About 1.3 million customers of a Texas provider of student loans are at risk of ID fraud, after a contractor lost computer equipment with sensitive information on them.
The equipment, which was not identified, contains the names and Social Security numbers of the borrowers, the Texas Guaranteed Student Loan company said in a statement Tuesday. The hardware was lost by an employee of Hummingbird, a enterprise software company hired to prepare a document management system, it said.
This follows a similar pattern to the way that the Veteran’s Administration lost 26 million records — some employee takes home the data and it promptly gets lost or stolen. Security tip: Don’t let your employees go home with the data! The government seems to be able to figure this out when it comes to top secret information; companies have figured it out when it comes to trade secrets. But when it comes to personal data belonging to others, it seems as though employees can just waltz out the door with it.
Hat tip: Deven Desai
Originally Posted at Concurring Opinions
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.