Arizona state agency loses data on 40,000 children in disk theft
Hard drives stolen from commercial storage facility; data wasn't encrypted, DES says
Computerworld - Arizona's Department of Economic Security (DES) is notifying the families of about 40,000 children that their personal data may have been compromised following the theft of several hard drives from a commercial storage facility.
The information stored on the stolen disks included the names, addresses and phone numbers of families whose children were referred to the DES for early intervention services over the past several years. In the cases of families that had applied for and received services from the agency, their records also included Social Security numbers, DES spokeswoman Liz Barker Alvarez said.
The DES provides services such as financial assistance and food stamps programs as well as ones that are aimed at preventing child abuse and neglect. According to Alvarez, the data on the stolen disks was password-protected but not encrypted. She said the disks were stored in a leased storage unit at a local Extra Space Storage facility that was broken into on Oct. 14, and were part of a much broader array of items — including furniture and electronics — that were taken from multiple units at the facility.
As a result, Alvarez added, there's little reason to believe that the thieves were specifically going after the disks or the data on them.
Alvarez said the disks were stored in accordance with the agency's rules, which call for sensitive data to be backed up and kept at an off-site storage facility. She defended the use of the commercial facility and said the unit in which the disks were stored had been locked and monitored.
As has become typical with such incidents, Alvarez said that the breach notices were being sent out not because any of the data has been misused but rather out of an overabundance of caution on the part of DES officials. In addition, both Arizona laws and DES rules require notifications in any situation in which personal information is put at risk of being misused, she said.
The only real difference between the incident in Arizona and most of the countless other breaches disclosed over the past few years is the fact that the compromise at the DES involved the personal data of a large number of children. Other than that, it continues the steady drum beat of breach disclosures resulting from the loss or theft of laptops and storage devices.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts