Feeds

VeriSign worker exits after laptop security breach

Man overboard

5 things you didn’t know about cloud backup

VeriSign has warned workers of the theft of a laptop that contained their personal information.

The laptop was stolen from a car parked in the garage of a California worker sometime on the night of 12 July. The laptop contained personal information - name, Social Security number, date of birth, salary information, telephone numbers, and home addresses - of an unknown number of VeriSign employees. Bank account numbers or password information were not stored on the machine.

Data on the machine was not encrypted, in contravention of VeriSign policies, raising ID theft concerns. The unnamed worker involved has left VeriSign while the web security firm has responded by promising to tighten up its security policies.

In a letter to workers, VeriSign said the laptop was probably stolen in a random burglary. Nonetheless, the security infrastructure firm is offering to pay a year's credit watch monitoring subscription to those potentially affected.

Reports of the breach first surfaced on Wizbang on Friday. Prompted by our follow-up questions, Verisign issued a statement explaining its response to the breach.

VeriSign is taking the recent laptop theft very seriously. The Company initiated an investigation as soon as the theft was discovered. We have no reason to believe that the thief or thieves acted with the intent to extract and use this information. The local police have said the theft may be tied to a series of neighborhood burglaries. We disabled any access by the employee’s computer to the VeriSign network. The employee involved in this incident has since left VeriSign.

The Company has a policy on how to manage laptops that contain sensitive information and company data - which in this case was not followed. That policy includes not leaving laptops in vehicles in plain view, keeping the amount of confidential and sensitive data stored on laptops to a minimum, and using data encryption tools to protect those sets of data that absolutely must be stored on a laptop. Going forward, we will continue to review our security procedures to prevent future human errors of this type.

VeriSign specialises in marketing the digital certificates and other elements of the infrastructure that underpin secure web transactions, so any kind of security breach is embarrassing.

It's far from alone in having problems with lost or stolen laptops containing sensitive information, however.

Similar thefts have sparked security flaps at Marks & Spencer, Nationwide Building Society, the Metropolitan Police, the US Department of Veterans Affairs, and others. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
JLaw, Kate Upton EXPOSED in celeb nude pics hack
100 women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.