14 DAY TRIAL // According to The Register, a laptop belonging to the world renowned financial consulting firm Deloitte has been stolen. The laptop contained the personal and pension information of hundreds of thousands of workers employed by Deloitte's clients. Amongst the affected persons are UK railway workers and the entire staff of Vodafone UK.
Deloitte Touche Tohmatsu, or simply Deloitte, is an international group of companies that offer professional services like auditing, tax, consulting and financial advisory. The organization ranks in the top four international independent auditing organizations.
The laptop contained the personal details of over 150,000 railway workers and employees of other Deloitte clients. The details consisted of information like names, dates of birth, earnings, pension contributions and insurance numbers. However, according to a Deloitte official statement, “it did not include addresses or bank account information”.
According to the company, the laptop, which was in the possession of one of its employees, was carried in a handbag that got stolen from a public location in September. Fortunately, there were several levels of security in place to protect the data. They included start up password, operating system ID and password as well as data encryption, which is a highly recommended, but rare security protection. Because of this, the company is confident that the data has not been accessed or misused.
“We believe that the likelihood of unauthorised access to the data held on this laptop is remote due to the opportunistic nature of the theft and the security controls,” is noted in the official statement. The company also sent notification letters to all the affected clients and gave assurances that the undesired incident is being properly investigated.
Vodafone and the Transport Salaried Staff Association were obviously not pleased with the security breach. Vodafone noted that they are “extremely concerned about the breach in security of our employees’ personal information and we take the matter very seriously,” while the General Secretary of the Transport Salaried Staff Association, Gerry Doherty, commented for The Register that "all we have received are bland assurances that everything is going to be all right".
There is no reason to believe that the culprit aimed the stored data, giving the opportunistic nature of the theft, but regardless of the intentions, the alarming fact is that such incidents are piling up, especially this year. We could even consider this a fortunate one, as the data was encrypted, which is not the case for most of these security breaches.