Ohio-based manufacturer Tremco is notifying approximately 3,700 employees that a human resources employee left a company-issued laptop containing personal information on an airplane, and that the laptop has not yet been recovered.
How many victims? Approximately 3,700.
What type of personal information? Names, addresses, dates of birth, phone numbers, and Social Security numbers.
What happened? A Tremco employee left a laptop containing the personal information on an airplane, and the laptop has not yet been recovered.
What was the response? Tremco is strengthening its protections for all data – notably for data stored on mobile devices – and is implementing more robust incident response procedures. All potentially impacted individuals are being notified, and offered two years of identity protection at no cost.
Details: The employee discovered on June 17 that he left the laptop on the airplane; he notified the airline, but the laptop has not yet been recovered. The employee realized several weeks later that the laptop – which was protected by a strong password – stored spreadsheets containing personal information. The laptop had software that permits remote monitoring of the device, and the software indicated that the laptop had not been powered up or otherwise accessed.
Quote: “To date, the Company has received no information suggesting that any unauthorized person obtained the laptop or was able to access the data,” a notification letter said. “We also have received no reports to date indicating that any personal information stored on the laptop has been misused.”
Source: A Monday email correspondence with a Tremco spokesperson; doj.nh.gov, “Tremco, Incorporated,” July 29, 2015.