Instead of hacking into company databases, thieves are making off with personal data on hundreds of thousands of people the old-fashioned way -- by stealing machines from cargo holds, cars and offices.
The latest wave of data thefts started last month when someone broke into the home of a U.S. Department of Veteran's Affairs (VA) employee and stole computer hardware containing the names, Social Security numbers and dates of birth for 26.5 million U.S. veterans.
Late last week came news of three stolen laptops with data on the former employees of three supermarket chains, customers of Hotels.com and members of the YMCA.
In the first case, a laptop with pension data on former employees of supermarket chains Stop & Shop, Giant and Tops was reportedly stolen during a commercial flight. The information included Social Security numbers and was stored on a laptop belonging to an employee with Electronic Data Systems Corp. (EDS), a contractor that does business with the supermarkets' Dutch parent company, Royal Ahold.
Ahold USA spokesman Barry Scher told The Associated Press (AP) that current employees are not affected.
EDS spokeswoman Kimberly Walton told the AP she couldn't disclose how many former employees of Ahold subsidiaries were affected because it "would put the information at greater risk." She said the computer was password-protected but that the sensitive information wasn't encrypted. She added that the employee violated EDS policy by checking the computer with baggage instead of taking the computer onboard as carry-on luggage.
The second case involved a laptop stolen during a car theft earlier this year. The computer belonged to an employee with Ernst & Young LLP, the auditor for Expedia Inc.'s Hotels.com. The laptop contained credit card data for 243,000 Hotels.com customers, according to published media reports.
The third case involved a laptop with data on more than 65,000 Rhode Island and Massachusetts YMCA members that was stolen from a locked office of the Providence, R.I., YMCA.
The computer was used by administrators of the organization's daycare program and contained bank account numbers, credit card information and names, addresses and personal family and medical details, the Providence Journal reported Friday.
There's no indication that the stolen information has been accessed or used, YMCA spokeswoman Michelle Riendeau told the newspaper.