eDiscovery Daily Blog

Potential Data Breaches Still Happen the Old Fashioned Way, Too: eDiscovery Trends

Whether you’re a website that promotes cheating on your spouse, a first place major league baseball team (yay!) or a major health insurance provider, data breaches can happen to you.  Potentially, they can happen to law firms too, even the old fashioned way.

According to SC Magazine (Personal data on laptop stolen from attorney with California law firm, written by Adam Greenberg), California-based law firm Atkinson, Andelson, Loya, Ruud & Romo is notifying an undisclosed number of individuals that a personal laptop computer owned by an attorney from the firm was stolen, and their personal information may have been compromised.

According to the article, the laptop contained names, addresses, telephone numbers, Social Security numbers, and possibly certain financial information or medical records for those individuals.  The theft occurred on April 23 while the attorney was a passenger on the MTS Trolley in downtown San Diego, and was reported to the San Diego police department on April 24. The laptop has not been recovered.  Good luck recovering it at this point.

As the article notes, all potentially impacted individuals are being notified via a four page notification letter, which states “We have no reason to believe that the laptop was stolen for the information it contained,” and also “We also have no information indicating that this information has been accessed or used in any way.”   The recipients of the notification letter have been offered a free year of identity theft protection and credit monitoring services.

Sharon Nelson of the excellent Ride the Lightning blog surmised last week in her blog that, because the firm is notifying the individuals of the theft, the laptop was not encrypted.  That may be true, or it may be that the firm is just being cautious.  I can relate to being cautious and having had my own business laptop stolen last year, I can also feel their pain.  Even though my laptop was fully encrypted and I don’t store client data on my laptop, I still felt compelled to change every password I owned and watched my accounts like a hawk for some time to make sure that my financial data was not compromised.  It’s extremely unsettling.  Like the law firm, we reported the theft (my colleague’s notepad was also stolen), but, of course, nothing was ever recovered.

Nonetheless, as traumatic as that was, it was just a stolen laptop (and a few personal effects in the laptop bag) in the end.  I was glad that the laptop was encrypted and it kept the situation from being WAY worse.

Encrypt your laptop.  It only takes a moment to become a victim of a data breach, the old fashioned way.

So, what do you think?  Have you ever had a laptop stolen?  Was it encrypted?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.