New Mexico's PERA Suffers Security Breach
Names, addresses, bank routing numbers, account types, account numbers and more may have been exposed.
Two laptops, one containing sensitive information on 100,000 members of New Mexico's Public Employees Retirement Association (PERA), were recently stolen from a pickup truck.
"A Ford pick-up truck belonging to a third-party contractor was parked for eight hours on the night of June 12 in the lot of a Clovis Comfort Inn & Suites," writes SC Magazine's Greg Masters. "Thieves broke into it and stole two computers, one of which held the PERA data."
"At the time of its theft, the Dell laptop was in the possession of Robert Peixotto, a 28-year-old auditor at Atkinson & Co., according to the Clovis police report," writes The Santa Fe New Mexican's Trip Jennings. "PERA said last week that Atkinson is an Albuquerque accounting firm hired to perform an annual audit of the state agency. The stolen laptop possibly containing PERA information was owned by the Atkinson firm, the report said."
"While PERA has no reason to be believe that the computer was stolen for the information it contained, we want to make every effort to safeguard any unauthorized access to the information," PERA said in a statement [PDF file] on its Web site. "PERA is encouraging all members, former members, and retirees to protect themselves by placing a free Fraud Alert on their credit files. Retirees are also encouraged to notify their bank or financial institution of the possible security breach."
"Threatpost reached out to Atkinson and Company LLP to ask them if they encrypt the laptops on which they store client data, but a spokesperson refused to comment and promptly hung up the phone," writes Threatpost's Brian Donohue. "The stolen computer is thought to contain names, addresses, bank routing numbers, account types, account numbers, payment amounts and PERA identification numbers."