BY FRANCINE KNOWLES
December 13, 2006
In a disturbing case of deja vu, 382,000 Boeing Co. retirees and active
workers are at risk of identity theft and credit-card fraud because of
the theft of a company laptop computer.
The files on the computer contained their names, Social Security numbers
and, in most cases, also home addresses, phone numbers and birth dates
as well as salary information on some.
The theft, which Boeing confirmed Tuesday, is the third such incident in
the past 13 months in which a laptop computer containing personnel
information was stolen, and it took place despite safeguards the company
put in place.
This time around, the huge number of people affected includes mostly
As was the case in the other situations, information on the laptop
The latest theft took place in the first week of December, but Boeing
has yet to notify affected retirees and employees. They will be notified
shortly either online or by mail, Boeing spokesman Tim Neale said. The
company is in the midst of putting the necessary infrastructure in place
to handle questions that are anticipated, he said, including posting
information on a Web site.
The theft took place after an employee left the laptop unattended, and
returned to find it gone, Neale said. He would not say where the theft
happened, but noted no proprietary, customer or supplier data was on the
In November 2005, a Boeing laptop containing information on roughly
160,000 current and former Boeing employees was stolen. In that
incident, bank account information was also on the computer. Also, last
April, a laptop containing information on 3,600 employees and retirees
The latest incident represented a violation of company policy, Neale
In the wake of the earlier thefts, Boeing has required that staff who
work with personnel data take it off the hard drives of their computers.
Managers were responsible for making sure that happened, Neale said.
Employees who need to work with personnel data are now required to work
off of the firewall-protected server, and if there is a need to download
such information to a laptop hard drive, the information is supposed to
be encrypted, he said.
"It's very disturbing to us when things like this happen, and there are
certain steps you can take right away ... but we realize we need to go
above and beyond those," Neale said.
He noted the company has a goal of replacing Social Security numbers
with other types of identifiers where possible to limit the number of
data bases that have that information. Boeing also is working on putting
software in place that automatically encrypts personnel data, he said.
Employees affected by the latest theft will be notified and provided
with information on how to sign up with Experian Co., a
credit-monitoring service. Boeing will pay for three years of
monitoring, Neale said.
Regarding the earlier thefts, he said "we haven't had any indication
that anybody has misused the information, but that said, we recognize
that data has been lost, and it's important to do what we can to make
sure people are protected."
Subscribe to InfoSec News