Business & Finance
News
11/9/2005
05:48 PM
50%
50%

PC Containing Consumer Credit Data Stolen

TransUnion will review its data handling processes after loss of desktop system with information on more than 3,600 consumers

With federal legislators mulling over options for fighting identify theft and fraud, TransUnion LLC, one of three companies that maintain consumer credit histories, provided the latest scare Wednesday, revealing that a password-protected PC containing personal credit information on more than 3,600 consumers was stolen from a regional sales office in California last month.

TransUnion's disclosure follows a string of compromised data incidents that have hit companies such as Bank of America, CardSystems Solutions Inc., ChoicePoint Inc., Citigroup, and HSBC North America, as well as numerous universities.

Upon learning of the theft, TransUnion promptly sent notices to 3,623 consumers last month alerting them to the breach and offering complimentary monitoring of credit reports for a year. The Chicago-based company also notified local law enforcement, and launched an internal investigation into the incident. The focus of that internal investigation is to find out why the information was stored on a far-flung PC rather than on TransUnion's secure network, says a company spokesman.

The spokesman says TransUnion also will take a close look at its internal security and data-handling processes. Initial indications are that the burglary was centered on the computer itself, not the data within it. While a portion of the information was encrypted, "some data may have been stored in a back-up file on an unencrypted portion of the computer's hard drive," the spokesman said in an E-mail.

The TransUnion breach comes less than a week after Microsoft chief counsel Brad Smith told the Congressional Internet Caucus that the software giant supports comprehensive legislation to tackle data privacy issues at the federal level. Smith suggested a four-part piece of legislation that would mandate baseline standards, more transparent data collection practices, individual control over use and disclosure of personal information, and minimal security requirements around storage of sensitive consumer data.

TransUnion and its two rivals in the consumer credit-history market, Equifax and Experian, said in September that they would work together on development of an encryption standard they would all use to protect consumer data as it's moved between information providers and within the companies themselves. Last month, TransUnion made its fraud and identity management products available for mortgage lenders to integrate into their loan origination and underwriting systems.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.