Stolen Laptop - Lesson Learned
 

I was at an investment conference yesterday in SF, and my bag with the company laptop was stolen.

(Which is an unheard-of event, actually. The room was crowded with analysts, portfolio managers, and company CEOs and CFOs. While some of these people may be thieves, they usually have ambitions higher than petty thievery.)

I immediately called the IT dept and had them shut down my VPN and network login. And they had a new laptop with all applications loaded and ready for me 2 hours later (our IT guys are great).

The laptop had almost entirely work information on it, and none of that would be useful/damaging to anyone. But it did also have my 2006 tax return, and hence my family's names, addresses, SSNs, and income. Plus the Internet Explorer had bookmarks for our financial accounts, with the userid but fortunately not the passwords. Anyone who can get through the Windows logon, or simply pull the hard drive, can get at this information.

Thus I am having to place a 7 year fraud block on all our credit files as well as notifying all our financial accounts and credit cards to watch for unusual activity. Plus I will have to re-do my taxes. And someone out there potentially knows a lot about me.

So, lesson learned - if you carry any sensitive information on your laptop, consider sofware to encrypt those files.

My new work laptop has the entire hard drive encrypted, plus we will start using the embedded fingerprint readers.

And if you come across an IBM X60 S/N LVG0196 for sale . . .

That SUCKS. Sorry for your headache.

Doesn't mean an enterprising thief didn't put on a suit and walk into the room...

All sensitive data should be on removable media.

Just my take....

I wouldn't hold my breath, but the laptop "might" be returned...I've known of scenarios (similar to what you describe) where someone mistakenly grabbed the wrong one (and later returned it). Good luck!

That's what I've always done too...even better than passwords, encryption, etc.

I'd probably misplace the removable media . . .

I think that is what happened. Either he had a fake badge, or didn't have one and no-one challenged him. The entire floor of the hotel was being used for the conference, ballroom and 6+ presentation rooms, so bad luck he found his way to the ballroom.

I got hit with identity theft 4 years ago, it really sucks, know what you're going through. Now I keep every sensitive file, including MS Money on a USB Flash drive. I've seen 1 gig going for as little as $9. I bought a couple for extra back-up.

Did you notify the credit bureau, only need to notify one, it will notify the others, and put a 90 day lock on you file. 7 years with a written letter.

Hope for your sake it was just picked up my mistake and gets returned. But you're doing all the right things.

Good Luck, Don

I leave my tax return on my destop - maybe he would feel bad and bring it back

-Here's something for those of you who travel quite a bit. I started working for a major international company last December. They told us during indoctrination that when you go to a hotel somewhere in the world...if you leave your room to go work out or go to dinner, make sure you leave your electronic room key at the hotel. Leave it with the front desk and ask for it back when you return.

Why?

Because thieves have learned how to crack these keys. What I'm talking about are the electronic door keys that look like a credit card and rely on a magnetic strip. Apparently gypsies and others around the world [and no doubt in the US] are now targeting these room keys. They watch around hotel exit doors and will pick your pocket, trying to get the key. They watch you walk away from the hotel, and then using a reader and some software that is apparently freeware, they determine the room number and the door code. They then create their own key and proceed to enter your room and steal everything you've left behind...including all the credit cards that you thought you were protecting from pick-pockets in the first place!

There goes your laptop...

What's more, those cards not only carry the room number and binary door code, but the hotel name itself can be determined, so even if they pick your pocket while you are at the restaurant, you are still nailed.

N

My employer provides a secure network drive for each employee. I put everything important there. I don't leave anything on my laptop.

I need to be able to work on planes, etc, so I use Windows Offline File Synchronization to mirror selected network folders to the laptop. I don't mirror anything vitally secret, though not sure what that would be. Suppose a competitor learns our portfolio holdings and copies them - he'd be stupid to do so as we might as easily lose money in the coming month as make it, it would actually help us if he buys the stocks we already hold (more buying demand = higher price), and we change our mind every day on holdings so the info rapidly becomes useless.

That was my thought. That, or I would leave it in the laptop bag.:)

That's what I meant by "removable media"... after I read JYL's reply, it occured to me that all media is indeed "removable" if you wanted to :)

Keep it on your key ring if that's the case. I don't keep mine there, but it's no bigger than my RSA security fob that I do keep there.

My Dell has a factory installed Lojack.

That might get your laptop back to you, but doesn't help protect your data (if the data is stored on your laptop).

Three rules I learned long ago from a senior VP:

1. Never take your eyes off your bag.
2. Never miss an opportunity to use the restroom.
3. When in doubt, bill it.

Let's see if I have this right... First thing in the morning, go to stall #3, sit all day looking at laptop bag, and then bill for 8 hours. I had no idea being an executive was this easy :)

ps: Seriously, I have found that #1 is impossible going through some airports.