14 DAY TRIAL // An office of Children’s Eyewear Sight has been broken into and the perpetrator got away with a computer system that stored details about customers.
It is not clear what security measures were enforced to the system or whether the file that included the personal information benefited from any sort of protection.
SSN was not available in the lost file
As per good practices for protecting customer information, businesses lock access to the computer and encrypt the files containing confidential data. In the case of mobile computer devices, it is recommended to encrypt the storage device.
The computer was located in the office of Children’s Eyewear Sight on 11940 Foothill Blvd., Ste. 107, Rancho Cucamonga, CA, 91739.
As far as the data at risk is concerned, it included names, dates of birth, gender, addresses and contact phone numbers, emails, the IEHP (Inland Empire Health Plan) Member ID number and the date of the medical appointment.
IEHP stresses the fact that the social security number was not available in the potentially exposed file and that evidence about the data being used for fraudulent purposes has not been found.
The police investigated the incident, which occurred on October 28, 2014, and a suspect has been captured.
Chances are the data has long been deleted
When private data is exposed as a result of a computer device being stolen in a burglary, thieves do not spend time trying to access data stored on it. Instead, they erase the operating system and the hard drive in order to make a quick buck by selling the machine to the first buyer.
However, it could happen that the individual purchasing the system has sufficient knowledge to search the persistent storage for useful data.
By adopting the standards for secure data storage, companies ensure that the chances of exposing customer information during such an incident are minimum.
Even if there is no indication that the details have been accessed by an unauthorized entity, IEHP provides affected customers with the possibility to apply a confidentiality alert to the electronic records it maintains.
Customers interested in this offer are given a phone number in the letter about the possible disclosure of personal info sent by the company.