aetna insurance,38K customers, names+SSNs, health info, stolen laptop
Report via Reuters.
Aetna declined to to say where this occurred or which law-enforcement agency they are working with, but it looks like the employer whose folks just got their PII exposed was the US Department of Defense.
Stars and Stripes [link to http://www.estripes.com/article.asp?section=104&article=36796 no longer works] has the scuttlebutt from HQ:
The laptop was stolen from an employee’s personal car in a public parking lot. While Aetna has strict safeguards on such matters, “the employee did not follow all company policies in this instance,” Michener said. Michener refused to say whether any disciplinary action would be taken, saying it was a “personnel matter.”
A few thousand other Aetna customers also lost data, but they do not fall under DOD, Michener said.
The company is sending three letters: one for those whose information included their social security number, one for those whose information included health information, and one for those whose information contained both.
With a stolen laptop, passwords are easy to get. For ways to hack, and resist hacking, read:
http://www.soxfirst.com/50226711/hackers_vs_the_power_of_the_pound.php