Boeing has lost a laptop containing the Social Security numbers, names and home addresses of 382,000 current and former employees. The laptop was stolen in early December from an employee's car, the company admitted.
The theft pushes the tally of US data breach victims past the 100 million mark. Since California passed a law obliging companies to make public any loss of personal data, there have been 100,152,801 victims said Beth Givens, director of consumer advocacy group Privacy Rights Clearinghouse.
Privacy Rights Clearinghouse has been tracking data breaches since February 2005, when ChoicePoint disclosed that thieves had stolen information on 163,000 victims from the company's database.
The ChoicePoint incident was remarkable because although the data broker was obligated to disclose the theft to victims living in California - the only state with a breach notification law on the books - it decided to notify everyone, Givens said. "That was the first time, to the best of our knowledge, that a breached entity decided to disclose the event to individuals nationwide," she said.
"That was a watershed event," she added, "because other entities that had experienced breaches started disclosing the situation to individuals nationwide."
Since the ChoicePoint incident, data security has been in the spotlight, and breaches at the USDepartment of Veteran's Affairs and, most recently, Boeing and the University of California, Los Angeles, have received national attention.
Givens believes that the actual number of names that have been compromised since ChoicePoint is probably much higher than her tally. "I think the number 100 million is largely a fictional number, but what it really indicates is that this is a very significant problem," she said.
She couldn't say whether all the publicity has made consumers any more secure. "It's quite obvious from the listing that we've compiled that we're in a very leaky boat when it comes to data security," she said. "I don't think that consumers can feel confident about the protection that their personal information receives."