More than 3,000 clients and potential clients of Easter Seal Society of Superior California, a nonprofit charity group serving adults and children with special needs, may have had personal information compromised after an employee's vehicle was broken into and a work-issued laptop was stolen.
How many victims? 3,026.
What type of personal information? Dates of birth, health care provider information, patient identification numbers, health care billing information and therapy notes.
What happened? The vehicle of an Easter Seals employee was broken into and a password protected, work-issued laptop, which contained the information, was stolen.
What was the response? Easter Seals immediately hired a data security council and external forensics experts and launched an internal investigation. Easter Seals is reviewing internal policies and procedures and taking steps to ensure a similar incident does not occur. All impacted individuals are being sent notification letters.
Details: The employee vehicle was broken into on Dec. 10, the same day Easter Seals launched an investigation. It was determined that emails containing the personal information may have been accessible on the laptop, even though it was powered off, password protected and not connected to the internet at the time of the theft.
Quote: “Easter Seals is not aware of any actual or attempted fraud as a result of this incident, but takes the security of its patients' information seriously,” according to a notification on the Easter Seals website.
Source: myeasterseals.org, “Easter Seal Society of Superior California Issues Notice of Data Incident,” Feb. 7, 2014.