Company does not have info on the state of the drive

Nov 5, 2014 01:03 GMT  ·  By

An external storage device containing personally identifiable information about the customers of Palm Springs Federal Credit Union has been lost, all data running the risk of being exposed into the wrong hands.

The discovery of the lost drive has been detected as a result of a regular audit performed on the operations and records of the financial institution.

The exact date the device was lost is unclear, but it is believed that the incident happened on or about October 20. Furthermore, no information is provided about the security state of the hard disk.

If the information on it was encrypted, then there is really no point worrying about the data. However, if everything was accessible without any security measure in place, by simply connecting the device to a computer, then the details on it should be considered exposed.

Names, addresses, social security numbers and account numbers were available on the hard drive; there are no details about how many customers have been impacted.

“At this time we do not known if the external drive has been inadvertently destroyed or if it was acquired by an unauthorized person. All we know is that it is lost,” says Debbie Pitigliano, CEO of the company, in a letter to the affected customers.

Considering the type of data exposed, it is a good idea to take all the necessary steps to prevent identity theft, by placing a fraud alert on the credit file as well as enable the identity protection service provided for free for a period of one year by Palm Springs Federal Credit Union.