Modernizing Authentication — What It Takes to Transform Secure Access
"The laptop was stolen from a locked hotel room, we believe it was a random criminal act," Russell Wilkerson, a GE spokesperson, told internetnews.com.
Wilkerson said "evidence suggests the laptop was stolen for its physical value rather than for its content." The spokesman wouldn't elaborate.
Though Wilkerson did not identify the employee nor the hotel's location, he said the data was being used in a project. "We are considering disciplinary action."
In the letter, GE offered free one-year identity theft monitoring and credit checks.
Additionally, GE said it was assessing its procedures to safeguard personal information. Despite no data encryption and using only a password, the company has "strict policies in place for laptop and data security," according to the spokesman.
The news from GE comes on the heels of word from the Department of Commerce, which said more than 1,000 laptops are missing, 249 of which contain personal data.
"We are at a juncture," said Joe Wilcox, analyst at JupiterKagan. "Companies are allowing more mobile devices without putting in place firm policies to protect the data," he said.
Laptops containing business data and employee records are often brought home where the computers can be infected by spyware, Wilcox said.
In May, a laptop containing the personal data of 26.5 million vets was stolen from a VA employee's home.
Though the computer was recovered from two teenage thieves, the incident prompted the creation of the White House Identity Theft Task Force.
But attention to laptop thefts is a "distraction," according to Dave Taylor, vice president of data security strategies at Protegrity.
"We pay more attention to laptop theft than we need to and less on data theft," Taylor told internetnews.com.
A survey by AuthenTec, a biometric security firm, found 73 percent of consumers are concerned about ID theft, yet more than half of the 2,000 U.S. residents polled said they are not taking steps to prevent the practice.
Taylor said "there is a relatively low probability of ID theft" from stolen laptops. Laws concentrating on theft of property miss the mark.