A stolen laptop containing personal and protected health information of 1,700 clients of Catholic Social Services in Anchorage has resulted in a notification to the U.S. Dept. of Health & Human Services and affected clients.
According to a notice on the CSS’s web site dated March 30: on February 2nd, CSS learned of a theft that had occurred on February 1. A laptop used by a contractor of the Pregnancy Support and Adoption Services program had been stolen from the contractor’s vehicle. According to CSS’s report to HHS, the contractor was Trisha Elaine Cordova.
The laptop contained personal information on individuals who had requested a home study in order to adopt a child from 2008 – 2010. Information in the studies may have included some or all of the following for each individual: name, address, phone number, email, date of birth, driver’s license, health, family history, financial status, and recommendation for readiness to adopt.
CSS noted that they did not expect the thief to be apprehended as the theft took place out of state, although they did not indicate where it occurred.
Sadly, CSS makes the kinds of problematic statements that we have seen all too often:
Although the laptop has not been recovered, we believe that there is a low likelihood of identity theft. The laptop was password protected and we are uncertain if the information was accessed. However, as with any breach of personal information, some risk does remain.
Such statements reduce the likelihood of those notified taking prompt and effective steps to protect themselves from harm and should be loudly and roundly rejected by every privacy advocacy group and organization.
CSS did not offer those affected any free credit monitoring or credit restoration services. You can read their full statement on their site.