14 DAY TRIAL // A laptop belonging to Godiva Chocolatier, maker of premium chocolate products, and containing sensitive information about employees has been stolen, potentially exposing the confidential data.
The company reported that on October 16 the computer system was stolen from a rental car used by a human resources employee while visiting different retail stores. Immediately after learning about the incident, both the police and the company were notified.
In such cases, the electronic device is the least loss the company could sustain, more important being the nature of the data stored on it and its security.
Hard drive was not encrypted
It turns out that access to the computer was protected by a password. However, the hard drive was not encrypted and neither was the sensitive info on it, which exposes all the files to unauthorized access.
A password is not required to reach data on a hard drive. Apart from the availability of programs that can guess the protective string, provided it is not too complicated, there is also the possibility to boot a different operating system from a USB device and look for data on the mass storage unit.
Godiva may be safe from harm though, since in such cases the perpetrators tend to be interested in the device itself.
The most common course of action is to reinstall the operating system, but if the thief is unable to do it, they could take the computer to a tech savvy individual, who may think about looting the hard disk before wiping the OS.
The type of employee data at risk mostly includes names, addresses and social security numbers; but in some cases, medical diagnosis info (for work restrictions) and driver’s license number have also been included.
Company offers free, one-year membership for identity protection service
There is no indication that this was a targeted attack, or that the details have been misused, but the company puts safety first, so it informed all affected individuals about the incident, providing at the same time complimentary one-year membership to an identity protection service.
The product alerts the individual when personal details have been used in a fraud attempt and resolves the identity theft incident.
Mobile computer systems are more likely to be stolen and protecting them with efficient solutions should always be a priority, especially for companies.
Modern operating systems support hard drive encryption. Coupled with a strong password, this measure would prevent an intruder from accessing stored content, unless the correct password is provided.
