14 DAY TRIAL // The non-profit organization Community Technology Alliance (CTA) informed some of its clients that personal information about them might have been exposed to unauthorized parties, after one of their laptops had been stolen.
There is no knowledge about the actual data that has been compromised, but CTA took the precaution of letting potentially affected individuals know about the incident.
The organization administers the Bay Area Homeless Management Information Systems (HMIS), which has partners running different programs and services for homeless people and individuals with low-income. These are the clients whose data may have fallen into the wrong hands.
It appears that the laptop was stolen from a car in a public garage, on July 28. CTA started sending the letters on September 25, but the breach was reported to the California Attorney General on October 2.
As per the provisions of the California state law regarding data security breaches, the office of the Attorney General has to receive a copy of the letter if more than 500 residents are affected by the breach.
Encryption was not enabled on the laptop’s storage device, but the information on it was password-protected.
The organization believes that client data that could be exposed contains names and social security numbers, enough to allow the possibility of identity theft. If this information falls in the hands of cybercriminals, they could sell it on underground forums dealing fake documents.
All evidence, however, points to the fact that the thief was after the device itself and there is no indication that data on it has been used for nefarious purposes.