Univ. of Michigan credit union warns of stolen data

June 8, 2006

By Jaikumar Vijayan, Computerworld


The University of Michigan Credit Union Thursday confirmed that a data theft that apparently took place last summer but was not discovered until March may have resulted in some of its members becoming identity theft victims.

Jim Mattson, president and CEO of the Ann Arbor-based credit union, said that documents containing the personal information of about 5,000 of the credit union's 42,000 members were stolen from one of its storage rooms last summer. The documents were supposed to have been digitally imaged and then shredded. Instead, he said, they appear to have been stolen.

One person has been fired by the credit union in connection with the theft, he said. At this point it is not clear how many records were shredded and how many may have been compromised.

The incident was not discovered until March when Michigan State Police raided a house in Detroit and discovered several loan records and applications from the credit union. So far, "less than 100" people have fallen victim to identity theft as a possible result of the compromise, Mattson said.

In most cases, the stolen information was used to open credit card accounts.

"Just to be safe, we sent letters to all 5,000 urging them to be alert" for ID theft, he said. The letters were sent in mid-March, one week after the Credit Union was informed of the breach.

After the incident, the Credit Union decided to move away from its use of paper records to electronic record keeping, he said.

[an error occurred while processing this directive]