The theft of a laptop containing the unencrypted personal details of 133,000 Florida residents has sparked a major security alert. The PC was stolen from the car of a worker at Florida’s Department of Transportation, making it the latest in a spate of US organisations airing the private credentials of individuals in public.

The thief stole the Dell laptop after tampering with the lock of the SUV. Curiously a second laptop also left in the boot of the car was left behind, the Miami Herald reports (http://www.miami.com/mld/miamiherald/news/15247707.htm). Data on the laptop had been encrypted, but this protection had been removed during a major network upgrade. The Miami-based agent had been working at home and hadn't resynchronised the laptop recently. Because of this a software upgrade that would have re-encrypted sensitive data hadn't been applied.

News of the theft emerged on Wednesday, two weeks after the laptop was nicked and five days after it emerged that the PC contained data including the social security numbers of thousands. Individuals whose information may have been exposed are to be sent warning letters. Data held on the laptop included the details of 86,670 driving license holders in the Miami area, information on 42,800 airline license holders throughout Florida and around 9,500 standard and commercial vehicle driving license holders in and around Tampa.

The data, if it fell into the wrong hands, could be used to apply for loans or credit cards under false names by identity thieves. It seems unlikely that those affected will be offered free fraud monitoring services but Florida’s Department of Transportation has set a hotline to deal with queries from concerned members of the public on 800-424-9071. The Department is offering a $10,000 reward for the safe return of the laptop. ®

Related stories

M&S in ID theft flap over stolen laptop (9 May 2007)
http://www.theregister.co.uk/2007/05/09/printing_security_flap/
US nuclear security agency missing 20 PCs (2 April 2007)
http://www.theregister.co.uk/2007/04/02/us_nuclear_agency_missing_pcs/
Hospital laptop theft sparks concerns (28 March 2007)
http://www.theregister.co.uk/2007/03/28/hospital_laptop_theft/
Met Police in laptop theft security flap (22 November 2006)
http://www.theregister.co.uk/2006/11/22/met_police_laptop_theft/
'Blagging' info thieves fined £14,800 (17 November 2006)
http://www.theregister.co.uk/2006/11/17/info_thieves_convicted/
Police search for UK victims of US ID theft (11 October 2006)
http://www.theregister.co.uk/2006/10/11/id_theft/
PC thief steals court PC during trial (20 September 2006)
http://www.theregister.co.uk/2006/09/20/court_pc_thief/
Terrorism no excuse for privacy breaches, says EU regulator (19 September 2006)
http://www.theregister.co.uk/2006/09/19/terrorism_privacy_breaches/
Europe may mandate data breach notification (13 September 2006)
http://www.theregister.co.uk/2006/09/13/europe_data_breach_law/
ID theft hits home in Canada (4 September 2006)
http://www.theregister.co.uk/2006/09/04/property_id_theft_canada/
What the heck was on that stolen laptop? (19 August 2006)
http://www.theregister.co.uk/2006/08/19/laptop_loss_survey/
Dell recalls 4.1m laptop batteries (14 August 2006)
http://www.reghardware.co.uk/2006/08/14/dell_laptop_recall/
Two teens charged over VA laptop theft (7 August 2006)
http://www.theregister.co.uk/2006/08/07/va_laptop_theft_arrests/
Security flap after US Navy loses laptops (28 July 2006)
http://www.theregister.co.uk/2006/07/28/navy_laptop_security_snafu/
Laptop with veterans' data recovered intact (30 June 2006)
http://www.theregister.co.uk/2006/06/30/va_laptop_recovered/
White House calls for improved laptop security (28 June 2006)
http://www.theregister.co.uk/2006/06/28/white_house_laptop_security/
Medical Excess loses records on 1m customers (28 June 2006)
http://www.theregister.co.uk/2006/06/28/medical_excess_loss/
USB drives pose insider threat (27 June 2006)
http://www.theregister.co.uk/2006/06/27/usb_drives_security_threat/
US veterans' data exposed after burglary (23 May 2006)
http://www.theregister.co.uk/2006/05/23/va_data_security_breach/
Nokia staff jacked by Ernst & Young laptop loss (30 March 2006)
http://www.theregister.co.uk/2006/03/30/ey_nokia_lapop/
Fidelity lost HP's employee data to impress HP (24 March 2006)
http://www.theregister.co.uk/2006/03/24/hp_fidelity_laptop/
40,000 BP workers exposed in Ernst & Young laptop loss (23 March 2006)
http://www.theregister.co.uk/2006/03/23/ey_bp_laptop/
Lost Ernst & Young laptop exposes IBM staff (15 March 2006)
http://www.theregister.co.uk/2006/03/15/ernstyoung_ibm_laptop/
Readers amazed by Ernst & Young's laptop giveaway (4 March 2006)
http://www.theregister.co.uk/2006/03/04/ey_letters/
Ernst & Young loses four more laptops (26 February 2006)
http://www.theregister.co.uk/2006/02/26/ey_laptops/
Strict liability for data breaches? (22 February 2006)
http://www.theregister.co.uk/2006/02/22/data_breach_liaibility/
Tory contender in laptop theft flap (16 November 2005)
http://www.theregister.co.uk/2005/11/16/cameron_aide_laptop_theft/
Arrest made in Berkeley laptop theft case (16 September 2005)
http://www.theregister.co.uk/2005/09/16/berkeley_laptop_theft_arrest/