Honeywell blames ex-employee in data leak

February 6, 2006

By Robert McMillan,10801,108434,00.html

Honeywell International Inc. says a former employee has disclosed sensitive information relating to 19,000 of the company's U.S. employees.

Honeywell discovered the information being published on the Web on Jan. 20 and immediately had the Web site in question pulled down, said company spokesman Robert Ferris.

In court filings dated Jan. 30, the company accused former employee Howard Nugent of Arizona of accessing the information on a Honeywell computer and then causing "the transmission of that information."

Nugent has since been ordered not to disclose any information about Honeywell, including "information about Honeywell's employees (payroll data, Social Security numbers, personal information, etc.)," according to a Jan. 31 order signed by Judge Neil Wake of the U.S. District Court for the District of Arizona.

The precise method Nugent is alleged to have used to gain access to the information, and why he may have disclosed it, is not clear.

In the court filings, Honeywell claimed that Nugent "intentionally exceeded authorized access to a Honeywell computer," but the integrity of Honeywell's computer systems was not compromised, Ferris said.

"Nobody hacked into systems," he said, without disclosing further details on the data breach.

Honeywell employees were notified of the breach via e-mail on Jan. 23, just days after it was discovered, and the company has since mailed notices about the compromise to all affected employees, Ferris said.

The company is working with federal and local authorities on the case, but Ferris declined to comment on whether criminal charges were expected to be filed.

Nugent could not be reached to comment for this story.

[an error occurred while processing this directive]