Stolen laptop contains data on truck drivers
The U.S. Federal Motor Carrier Safety Administration said a laptop containing personal information on commercial truck drivers was stolen from a government vehicle last week in Baltimore.
FMCSA said the computer contained identification information on 193 individuals from 40 motor carriers. The computer did not contain financial or medical information, but did store names, dates of birth and commercial drivers’ license numbers.
The agency, part of the Department of Transportation, said it is trying to notify all the affected drivers and their employers about the security breach and instruct them on how to protect their identities. Recommended actions include contacting credit bureaus for a fraud alert to be placed on their credit records and checking bank and credit card statements for any suspicious activity.
The federal government, states and large corporations have been plagued in recent months by thefts of computers that contain personal information on employees or customers. In late July, a password protected computer with 113,000 personal records was stolen from a Department of Transportation employee’s vehicle in Miami. The laptop included lists of individuals with commercial driver’s licenses and pilot’s licenses in Florida and was being used by special agents investigating the use of fraudulent information to obtain CDLs and air pilot certificates.
Another department laptop was stolen from an investigator’s hotel room in April during a conference in Orlando, Fla. And a computer with 26.5 million personal records was stolen in May from the home of a Department of Veterans Affairs employee. The laptop contained veterans’ social security numbers and disability rankings.
The DOT has said it doesn’t believe that the computers in either breach involving CDL’s were targeted because of the personal information they contained. Both incidents are under investigation with the help of local police.
The DOT’s Office of Inspector General has directed employees not to leave government laptops or electronic storage media unattended in vehicles, remove personally identifiable data from all laptops, and ensure that sensitive data is stored in encrypted folders. It ordered all employees to complete privacy and computer security awareness training by Aug. 30. The inspector general said it plans to further strengthen policies and procedures for protecting sensitive information.
As of Aug. 21, the DOT had notified 62,000 individuals about the loss of personal data from the Miami theft.
The Office of Management and Budget in June issued guidelines for federal agencies to protect sensitive information outside of federal facilities and lawmakers have suggested they may have to mandate data security requirements if agencies can’t stop losses from occurring.