Missing unencrypted thumb drive impacts 19,000 Colorado workers

Share this article:

Almost 19,000 current and former Colorado state workers may have had personal information compromised after a worker lost an unencrypted thumb drive containing the data.

How many victims? 18,800. 

What type of personal information? Names, addresses and Social Security numbers are among the information.

What happened? A state employee lost the drive containing data on 8,000 current employees and 10,800 former workers while transporting it between work locations.

What was the response? Colorado officials worked quickly to find out what type of information was stored on the drive so they could send out notification letters to all impacted workers. The Office of Information Security is continuing efforts to recover the thumb drive. Procedures and practices are being reviewed and revised to minimize the risk of recurrence.

Details: The drive was discovered to be missing in late November. Employees from multiple state agencies were involved.

Quote: “We have strict policy for the state about encryption,” Tauna Lockhart, a spokesperson with the Governor's Office of Information Technology, said. “That said, this employee did not follow stated protocol and has been disciplined.”

Source: idradar.com, “18,800 Colorado State Workers Wrapped Up In Data Breach,” Dec. 16, 2013

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Fate of unencrypted drive unknown, PHI of 5,500 in Virginia at risk

A Virginia-based chiropractic center is not quite sure what happened to an unencrypted thumb drive, which contained personal information - including Social Security numbers - on more than 5,500 patients.

Iowa State server breach exposes SSNs of nearly 30,000

The breach impacts Iowa State students where were enrolled at the university between 1995 and 2012.

Three laptops stolen from New York podiatry office, 6,475 at risk

Nearly 6,500 patients of New York-based Sims and Associates Podiatry may have had personal information compromised after three laptops were stolen.