21 Jun PC with 66,000 records at Australian Institute of Company Directors stolen
THE information of 66,000 Australian Institute of Company Directors members and clients has been stolen following the theft of a single computer.
This includes the personal information of 28,000 members such as names, addresses, phone numbers, date of birth and member number.
Members range from some of Australia’s largest public and private companies to small, private family businesses.
The stolen machine did not contain information about credit card numbers, banking details, personal email addresses of members and clients or passwords.
The AICD made the admission in a statement today following the incident in Sydney last weekend.
The organisation is confident the data on the desktop cannot be compromised as the machine was protected although it admitted the data itself wasn’t encrypted.
The organisation was undergoing a major customer relationship management (CRM) upgrade and had used the PC as a “test machine”. However it also used “live” personal data.
That data was transferred from its servers to the desktop’s hard disk to facilitate testing.
During a scheduled power outage at its office building, the security doors to its office were temporarily disabled. Although security guards were present, it is believed that the theft occurred during that time.
The AICD doesn’t believe it was the victim of a targeted attack.
“We believe it was opportunistic due to the positioning of the computer (near the door),” AICD spokesman Steve Burrell said.
Mr Burrell said only the computer was taken.
It has alerted members, clients, police and the Privacy Commissioner to the theft.
“While we are of the view that the risk is low, we take this matter and the privacy of our members very seriously,” John Colvin, Company Directors’ CEO, said in the statement.
“With the police and forensic experts, we are investigating the theft and reviewing our security. We have also consulted the Privacy Commissioner and are following his best practice guidelines in dealing with this.
“This loss of data was the result of criminal activity involving the theft of computer hardware. We have assured our members and clients that we have strong data security precautions in place and that our data storage and other systems, including our website, are not compromised in any way.”
http://www.theaustralian.com.au Fran Foo