Does it ever make you nervous just how secret and secure your employer is keeping your personal information?
Tonight, the tale of a West Valley man who decided to Get Gephardt when he found the names, social security numbers, and other personal information on a computer once used by one of Utah.s largest employers.
Does it ever make you nervous just how secret and secure your employer is keeping your personal information?
Tonight, the tale of a West Valley man who decided to Get Gephardt when he found the names, social security numbers, and other personal information on a computer once used by one of Utah.s largest employers.
We're talking about 6,244 people, all employees of intermountain health care who, until now, had no idea their private employee records were literally given away.
Their most precious information, perfect for an identity thief, sat in a laptop computer at a local Deseret Industries store available for anyone to buy for just $20.
How could one of Utah.s largest employers allow this to happen?
"6,000 names and social security numbers," says Michael Funaro.
Holy smokes!
Michael was furious when he turned on this old computer and found everything he needed to steal the identity of more than 6,000 employees.
All of them current or former employees of Intermountain Health Care, one of the largest employers in Utah.
"I don't want the responsibility of having 6,000 names and social security numbers in my possession," says Michael.
Michael called me because he was outraged that it was so easy to get supposedly confidential, protected information.
You see, someone stole his wife, Tamara's, identity, and the couple is still trying to clear her name.
"I know how much that stressed us out, and what kind of trouble it put us in," says Michael.
Michael got the computer from this Deseret Industries in salt lake.
His father actually bought two similar laptops for $40, but only one worked. The one with all of that personal information from I.H.C. employees from across the entire state.
Deseret industries and other second hand stores display for sale countless donated, used computers from both individuals and from business and industry.
So, just how many other computers being sold here have personal information? I don't know I haven't looked.
But they are donated, or sold as used. Hundreds, thousands, millions . from businesses which decide to upgrade their whole office.
Or individuals, who own a computer for 2 or 3 years, and then find they want to upgrade.
Can the information that remains behind on those machines . passwords, credit card numbers, social security numbers, secrets, web sites visited . really be erased?
Bronwyn Gottwald was one name we found on the computer.
"It's almost like being robbed at home," she says.
We tracked her down at her new job.
When Bronwyn worked at I.H.C. she says she had to provide all her personal information for a background check.
It's the same information employees are required to give to their employer wherever they work.
"You sign an agreement that they will use it only for that, that it won't be sold or let out any other way," says Bronwyn.
Even years after leaving I.H.C., her personal information escaped the promised security.
"The more I think about it, the more upset I get," says Bronwyn.
Jess Gomez is another name we found on the computer.
Gomez is a long-time spokesperson for Intermountain Health Care, and was surprised that his own employee information was on the donated computer.
"We have very strict protocols for the disposal of all of our technology," says Jess.
The computer has a sticker that clearly shows it came from Intermountain Health Care. And there is even a card that shows the computer comes from the company's personnel department.
It was taken out of service in 2002.
Back then, protocols called for deleting all information from the computers, a process that was thought to prevent any information from getting into the wrong hands.
But it didn't work.
"For whatever reason, that file was not deleted in this cleansing process and it remained in the computer-unknowingly," says Jess.
Jess Gomez tells me the information he, and his workmates, entrusted to I.H.C., was missed back in 2002 when someone donated the laptop to Deseret Industries.
"The protocols have changed significantly," says Jess.
Today, all I.H.C. computers taken out of commission are completely "scrubbed" like before.
But since they have discovered that no one can truly say that scrubbing and deleting will clean everything, they go one step further.
"I think that the fail safe safeguard for that information is to physically destroy it. And that's what we've done now," says Jess.
That's right Intermountain Health Care now physically takes out the hard drive, and smashes it.
As for this computer we found, with all those employee records, I.H.C. agreed to buy it back for what Michael paid.
I returned the money to Michael but he was more pleased to be out from under the responsibility of possessing such delicate information.
"I appreciate that," says Michael. "Hopefully they're going to do something with it."
There is no indication that any of those I.H.C. employee names and social security numbers have been compromised.
So, before you consider giving away your old computer, ask, .is there a fool-proof way to absolutely erase everything?.
One way is to destroy the hard drive.
Foolproof.