14 DAY TRIAL // BP is dealing with a data breach incident after one of its employees lost a laptop computer containing the personal details of thousands of compensation claimants.
The lost personal information belongs to 13,000 people who filed claims related to the Deepwater Horizon oil spill and includes names, addresses, phone numbers, dates of birth and Social Security numbers.
"There is no evidence that the laptop or data was targeted or that anyone's personal data has in fact been compromised or accessed in any way," a BP spokesperson told CNN.
Such data loss incidents are relatively common, which is why companies should always encrypt laptops, USB sticks, external hard drives or other storage devices containing people's personal information.
Unfortunately, this wasn't the case here and BP took over a month to disclose the incident. It will now offer free credit monitoring subscriptions to those affected as required by the law.
"We have sent written notice to individuals impacted by this event to inform them about the loss of their personal data and to offer them free credit monitoring services to help protect their personal information," the BP spokesperson added.
The employee responsible for losing the laptop was traveling for business purposes and the incident was reported to law enforcement. Apparently, the laptop can be disabled remotely, but no other details were released about that.
"Even if you're the sort of organisation which is willing to take risks with your own data - sales forecasts, trade secrets, and that sort of thing - you have a clear moral duty not to take risks with data you keep about other people," says Paul Ducklin, head of technology at Sophos.
For home users looking to protect their personal data in case of stolen or lost laptops, there are free system-wide encryption solutions available, the most popular of which is probably TrueCrypt.