EPIC Insurance Admits Security Breach
Names, addresses, birthdates, driver's license numbers, Social Security numbers, bank account information and health data may have been exposed.
Edgewood Partners Insurance Center (EPIC) recently began notifying an undisclosed number of people that their personal information may have been exposed when five laptops were stolen from its offices (h/t DataBreaches.net).
During the night of July 16, 2013, five password-protected but unencrypted laptops were stolen from EPIC's San Francisco office. When the theft was discovered on July 17, 2013, the company notified law enforcement and hired a computer forensics company to investigate.
The investigation found that one of the stolen laptops, which hasn't been recovered, contained information regarding current and former employees, job applicants, and independent contractors, as well as some current and former employees' beneficiaries and dependants. The information may have included names, addresses, birthdates, driver's license numbers, benefits information and Social Security numbers, along with some bank account information and health information.
All those potentially affected are being offered one year of free credit monitoring and identity theft protection services from Experian's ProtectMyIDAlert.
"We deeply regret any inconvenience this may cause you, and to help prevent something like this from happening in the future, we are conducting a comprehensive review of our information security practices and procedures and will implementing new security measures over the next 30 days, including adding encryption software to all EPIC laptops," EPIC executive vice president and general counsel Daniel J. Crawford wrote in the notification letter [PDF].