Thursday, June 5, 2008

Sterling Commerce - Employee ID Theft - Stolen Laptop

Last year I worked for Sterling Commerce - an AT&T company. This May I received a letter from their CEO - Robert Erwin - stating the following:

"This letter is to inform you about an incident that may effect you. One of our vendors, USinternetworking Inc. (USI) recently informed us that a computer used by USI in support of Sterling Commerces' benefits administration was stolen from the home of one of its employees on March 23, 2008. This computer contained benefits information of Sterling Commerce employees and their dependents, including your name, address, date of birth, social security number, and benefit premiums and coverage."

I did not receive this letter until two months after the event. This is not timely notice at all as theft could have occurred the following day after it was stolen. The recent AT&T and Sterling breaches are alarming. Especially knowing that they are a premium technology and tech-services company that is fully aware of HIPPA, SOX and PCI compliance standards. I do realize Sterlings' breach were from a partner. However, if you are responsible for providing them the sensative data - you are responsible for selecting partners/vendors that will fully comply with protecting this level of personal information.

To make matters worse - the insurance Sterling offered to protect me from fraudulent activities was through IDTeftSmart. The bad news is their discalimers. Their disclaimer states: "Membership Services do not cover any financial losses attributed to the Stolen Identity Event., including but not limited to, money stolen from a wallet, unauthorized purchases of retail goods or services online, by phone, mail or direct." If all they are doing is monitorig my credit - I can do that online for a nominal fee. This does not resolve any potential fraud or financial damage that may occur to the people that had their information stolen.

TO ALL: There is NO reason for sensative and personal infromation to ever be on an employees or vendors laptop.

Update by Jamie Graham, The JamieWire

Jamie"s MOTTO.....

Don't follow the path that is already there....go instead where there is no path....and leave a trail....

This trail is a part of a long journey .....