Symantec and HP lose laptops – workers warned of identity theft risk

Graham Cluley
Graham Cluley
@[email protected]

Hewlett Packard (HP) and Symantec are reported to be warning their workers of the potential risk of identity theft after laptops were stolen containing unencrypted personal information.

The Symantec incident occurred in October, when a laptop containing some staff names, addresses and social security numbers was stolen from an employee’s home.

It was a similar story for HP, who have revealed that several thousand employee records may have been compromised when a computer was stolen from a staff member based in Houston several months ago. This incident has only just been made public after the technology giant discovered that it was wrong in its original assessment that there was no sensitive information stored on the laptop.

Sign up to our free newsletter.
Security news, advice, and tips.

Now, it’s perfectly possible of course that these computers were stolen by a common criminal, perhaps looking for high value and portable electronic equipment to sell for drug money. But the further a laptop is passed around the criminal community, the higher the chances that someone will examine the hard drive to see if they can uncover information that they can use for identity theft.

That’s why encrypting the data on your laptop is so important. You may have a computer stolen through no real fault of your own – but it is your company’s responsibility to firstly control whether sensitive data should be on your hard drive in the first place, and secondly to ensure that any confidential data is shielded from identity thieves through strong encryption.

Lets not forget – Symantec and HP are victims of a criminal act here, and it would be wrong for any of us to feel smug. Although the news must be disturbing for employees who may have had their private data revealed, the companies have done the right thing by informing the authorities, and have announced that they are reviewing their policies. No doubt they are ensuring that they have better data security policies and technology in place in future as a matter of priority.

If nothing else, stories like this can have a silver lining if they help underline the importance of encryption in securing data.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.