Parcels giant UPS has taken remedial action in the wake of the theft of a laptop from one of it’s employees while on business abroad in October 2008. The theft was reported by the “Daily Mirror” on 14 November.
The laptop, which was not recovered, was password-protected but the data was unencrypted. It contained the payroll data of some 9,150 UK-based UPS employees. The information included personal details, such as the employees’ names, addresses, dates of birth, National Insurance numbers, as well as salary and bank details. All UK employees were notified by UPS of the theft and precautionary measures were organised for them.
Action taken by the company includes the encryption of all its UK laptops and smartphone devices. UPS has also signed an undertaking to assure the Information Commissioner’s Office that personal information will be kept securely in future.
Mick Gorrill, assistant information commissioner, said: “Password protected laptops are not secure. I urge all organisations to restrict the amount of personal information that is taken off secure sites. I am pleased that UPS has encrypted its laptops and smartphones, and I urge other organisations to follow suit.”
