Aflac clients' data stolen

August 22, 2006

By Peter Hull

Insurance giant Aflac said Monday that a laptop computer containing personal information on hundreds of customers was stolen from an agent's car in the Greenville area.

The computer contained names, addresses, Social Security numbers and birth dates of 612 policy holders, said spokeswoman Laura Kane.

After the theft was reported, the Columbus, Ga.-based company notified all affected customers in a letter dated Aug. 11.

Kane said the insurer, also known as American Family Life Assurance Co., believes the computer was taken by an opportunistic thief, not someone who was after the data on it.

The information is protected by a password, she said. Also, the computer is equipped with tracking software that will alert officials when the computer is connected to the Internet.

As of Monday that had not happened, she said. "Right now we're working with the authorities," Kane said.

She said local law enforcement was handling the investigation. Typically, crimes associated with financial institutions, including bank fraud, credit and debit cards, computer crimes and identity theft are investigated by the federal Secret Service.

Aflac's announcement is the second possible security breach to affect South Carolina consumers in as many weeks. Earlier this month, North Charleston-based publisher BookSurge LLC said a hacker possibly infiltrated its computer system.

The company said Aug. 8 that an "unauthorized individual" might have gained access to files on a computer server that contained credit card data and other account information for about 42,000 customers and authors. In response, BookSurge said it was taking additional but unspecified security measures to help prevent such incidents from recurring.

Lost or stolen computer data is becoming a growing problem for businesses. A study released last week by privacy research firms Ponemon Institute and Vontu Inc. found that 81 percent of firms surveyed reported losing one or more laptops containing sensitive information during the past 12 months.

When asked how long it would take to determine what sensitive data was on the lost or stolen equipment, the most frequent answer was "Never," according to the study.

main page ATTRITION feedback