COLUMBUS, Ohio — A backup computer storage device with the names and Social Security numbers of all 64,000 state employees was stolen from a state worker’s car last Sunday, Gov. Ted Strickland said Friday.
In a news conference, Strickland said he doesn’t believe worker privacy is in jeopardy because it would take special equipment to access the information.
“I don’t mean to alarm people unnecessarily,” he said. “There’s no reason to believe a breach of information has occurred.”
Strickland said he was not allowed to specifically describe the computer device, or other details surrounding the theft, under direction from law enforcement investigating the theft.
Strickland said the employee, an intern, mistakenly left the device in a vehicle parked outside an apartment when it was supposed to be taken into his home as part of a protocol in place since 2002.
A first backup storage device is kept at a temporary work site for a state office along with the computer system that holds all the employee information. A second backup device is given to employees on a rotating basis to take home for safekeeping, officials said.
Strickland said it was inappropriate for an intern to be designated that responsibility, and has issued an executive order to end the practice of employees taking the devices home for safekeeping. State Budget Director Pari Sabety said the device now would be stored in another location in a locked, fireproof box.
The intern, who informed his supervisor of the theft Monday, is being investigated. Strickland said he has not decided whether to identify the intern because he is “not looking for a scapegoat.”
Strickland said it took the administration several days to publicize the information because extensive data in the device was being reviewed. Officials said they had to comb through 338,634 files in 24,333 folders.
The state will provide state employees access to free identity protection services for the next year.
It was just the latest case of personal information on thousands of employees disappearing or being inappropriately accessed. Several universities, including Ohio State University and Ohio University, and even the Veterans Affairs Department have reported lost or stolen data.
In 2006, Ohio University discovered breaches that had exposed 173,000 files containing Social Security numbers, names, medical records and home addresses to data theft of workers and alumni. Someone hacked into an Ohio State University computer and stole the personal information of more than 14,000 current and former faculty and staff members in March.
Data theft also has been a problem with several corporations. TJX Cos., the operator of T.J. Maxx and Marshalls, disclosed in January that a data theft exposed at least 45 million credit and debit cards to potential fraud. In March 2005, the parent company of Dayton, Ohio-based Lexis Nexis said hackers got access to personal information on as many as 32,000 U.S. citizens in a database owned by Lexis Nexis.
Source : www.chillicothegazette.com
0 comments:
Post a Comment