Not all incidences of confidential data getting into criminal hands is because a hacker has breached security, there is always the human element. BP have reported that nearly one month ago one of its employees lost a company laptop with the personal information of 13,000 claimants who are trying to get compensation from BP after the Gulf oil spill.
Curtis Thomas, a BP spokesman, said that BP has sent letters to almost 13,000 people whose data was stored on the computer. BP is offering to pay the claimants to have their credit monitored by Equifax in case their details are being used fraudulently.
Although the laptop was password-protected, the spreadsheet of claimants’ details was not encrypted. The spreadsheet contained the claimants’ names, Social Security numbers, phone numbers and addresses.
This data is now potentially out in the wild all because a single laptop was lost or stolen “during routine business travel”. And laptops are easy to lose, research from 2008 showed that 10,278 laptops are reported lost every week at 36 of the largest U.S. airports, and 65 percent of those laptops are not reclaimed.
According to a statement make to SecurityWeek: “The lost laptop was immediately reported to law enforcement authorities and BP security, but has not been located despite a thorough search. There is no evidence that the laptop or data was targeted or that anyone’s personal data has in fact been compromised or accessed in any way. Our Security team continues to monitor the situation very closely and we are still in touch with authorities in an attempt to recover the laptop.”