Posted on 06/18/2007 2:47:12 PM PDT by stainlessbanner
COLUMBUS, Ohio - A 22-year-old intern was given the responsibility of safeguarding the personal information of thousands of state employees, a security procedure that ended up backfiring. Social Security numbers of all 64,000 Ohio state employees were stolen last weekend from a state agency intern who left a backup data storage device in his car, Gov. Ted Strickland said.
An additional review of data revealed that the storage device also held information on 53,797 participants enrolled in the state's pharmacy benefits management program, as well as names and Social Security numbers of about 75,532 dependents, the governor's office confirmed Saturday. Strickland has asked Ohio Inspector General Tom Charles to investigate.
What officials don't know is whether the thief is an unsuspecting common car burglar or a computer-literate opportunist with the capability of unlocking the code encrypting thousands of Social Security numbers.
Either way, Strickland said the security procedure failed, and he issued an executive order to change the practices for handling state data.
Officials were still determining whether the storage device contains any other personal information.
"Obviously, I feel badly this has happened, on a human level. As an executive, I'm trying to be transparent and we're looking for ways to mitigate any harm. I remain hopeful there will be no breach of private information," Strickland said.
The governor said he was not allowed to specifically describe the computer device or other details surrounding the theft, under direction from law enforcement.
The device — listed in a police report as being worth $15 — was reported stolen along with a $200 radar detector out of Jared Ilovar's car.
A message seeking comment was left for Ilovar, a college senior making $10.50 an hour as an intern with the Office of Management and Budget.
Under protocol in place since 2002, a first backup storage device is kept at a temporary work site for a state office along with the computer system that holds all the employee information, and a second backup device is given to employees on a rotating basis to take home for safekeeping, officials said.
Strickland said it was inappropriate for an intern to be designated that responsibility, and he ordered an end to the practice of employees taking the devices home. State Budget Director Pari Sabety said the device now would be stored in another location in a locked, fireproof box.
It was just the latest case of personal information on thousands of employees disappearing or being inappropriately accessed. Several universities, including Ohio State University and Ohio University, and even the Veterans Affairs Department have reported lost or stolen data.
In the Ohio case, Dawn Rice, an employee in the state Senate clerk's office, wasn't that bothered that sensitive information was being transported in cars on inexpensive equipment.
"I think it's not that big of a deal," she said. "The person who stole it would really have to know what he's doing."
A 22-year-old intern was given the responsibility of safeguarding the personal information of thousands of state employees, a security procedure that ended up backfiring. Social Security numbers of all 64,000 Ohio state employees were stolen last weekend from a state agency intern who left a backup data storage device in his car, Gov. Ted Strickland said.This is only the second super-major data theft in Ohio! Does anyone remember all the veterans' data that simply disappeared? The federal government sent me a letter that I could not for the life of me decipher--should I be worried about this, or not?
Encryption?
Not surprised : )
""The person who stole it would really have to know what he's doing.""
WELL NOW, that sure makes one feel better. No, not really... because it could be the person who did steal the info does know what he/she is doing.
Well, if he's a news reader he now knows that he has something of value.
"I think it's not that big of a deal"
Man oh man, do I ever feel secure.
Not terribly comforting. One would expect that the person who stole the data knew precisely what they were doing, and the value of the data itself—otherwise, why steal it? This isn’t like kids stealing hubcaps so that they can spin them like frisbees.
State Data Storage Device Stolen (Ohio) [15-June]
For Petes sake its called Iron Mountain Ohio!
Bet ya a buck it was on a flash drive laying on the car seat with other stuff!
Doesn't sound secure to me.
What moron comes up with such an idiotic procedure? Absolutely unbelievable.
For the same reason they took the radar detector! They saw something electronic and took it!
How many of those SS numbers will wind up being used in an act of identity theft, especially by illegal aliens.
You can't make this stuff up.
State employees, ROTFLMAO.
Note to self: avoid the state of Ohio.
22 year old INTERN!!!! Not even an EMPLOYEE!! This is disgusting.
That same week, I got a letter from my credit union telling me they were issuing me a new ATM card and PIN, because the C.U.'s data was compromised.
Something's up.
I just realized something.
Cincinnati, OH is the processing center the IRS forms are mailed to for people that have taxes due.
Lovely.
Here is the thread on that.
http://www.freerepublic.com/focus/f-news/1636391/posts
Key Data on Millions of Veterans Stolen!
I was using that thread as a bump list too; so check the back posts for links to more data stolen stories.
From what I've seen, almost everyone talks about encryption, but it's probably only used 10% of the time.
If the dumbasses would buy a fire safe with a media insert, the “storage devise” would never have left the office. Duh....
Maybe we need Sarbanes-Oxley for governments, not corporations.
Ping
And that was just the football recruiters.
GO BUCKEYES! GO TRESSLER!
“”I think it’s not that big of a deal,” she said.”
That’s the whole root of the problem... people thinking it’s not that big of a deal.
What the heck was an intern doing with such sensitive information?
Oh, yeah...it’s no big deal.
64,000 state workers? LOL!
What the hell are they all doing?
Counting our tax money?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.