CNET employees notified after data breach
More than 6,500 CNET Networks employees and relatives are being notified of a possible data breach after burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans.
CNET was one of several clients affected when burglars broke into the Walnut Creek, California, offices of Colt Express Outsourcing Services, stealing equipment "which contains the human resources data of several of their clients including CNET networks," CNET Senior Vice President of Human Resources Jose Martin said in a June letter notifying employees of the incident.
The computers contained names, birth dates, Social Security numbers and employment information of the beneficiaries of CNET's health insurance plans.
It was unclear which other Colt Express clients were affected by the breach. Its other customers have included BroadVision, JDS Uniphase and 24 Hour Fitness.
The company's CEO, Samuel Colt III, did not return a call seeking comment Monday, but in a letter to CNET, published on the Web site of the attorney general for the state of Maryland, he said that local police were investigating the matter.
Data breaches such as Colt's must be reported to the Maryland attorney general when they affect state residents. State laws typically require such notification when an unencrypted computer is lost or stolen. According to Privacy Rights Clearinghouse, more than 230 million records have been exposed in this fashion in the U.S. over the past three-and-a-half years.
Four days after the break-in, Colt Express installed an alarm system, and the company is "looking into what additional steps may be taken to provide enhanced security," Colt wrote in his letter.
Customers looking for free credit-monitoring services from Colt Express should not get their hopes up, however.
Colt's letter included some marketing materials for Kroll, a company that helps companies respond to data breaches, but the information was provided "only out of courtesy and to give you an idea of the types of services available," Colt said.
"By this letter and enclosures we are providing you with all the information we believe you need and that we are able to give you," Colt added. "We do not have the resources financial and otherwise to assist you further."
Hurt by a downturn in business late last year, Colt is now in the process of going out of business, he said.
Affected CNET employees can sign up for one year of free credit-monitoring from Equifax, Martin said.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
data breach
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
An excellent and timely
An excellent and timely article: It's amazing that breaches and thefts keep happening. There is something that is helping a lot of people, judging by the business blogs I’ve been reading. It’s a defined eCulture called The Business-Technology Weave - it helps to influence employee behaviour as regards security, use and integrity of data - as well as protection of hard assets (such as laptops). The book I.T. Wars is the leading voice, and concentrates on the solution – a proactive treatment and training of people, and reinforcements to their corresponding security awareness. This is particularly relevant: www.businessforum.com/DScott_02.html . Some good stuff here too: www.david-scott.net . We use his book at work - stupid mistakes like deleted and misplaced data have dropped tremendously. Our CEO even requires our vendors to read it.Ha - one of our interns from
Ha - one of our interns from University of WI brought that book in. good stuff.