This is one of those good news, bad news stories, but it’s may be more like bad news, good news in this case:
The charity long known for turning donated cars into life-changing transportation for the needy is sending out thousands of letters this week.
The news inside isn’t ‘good’ at all.
The notices are going current and former donors notifying them they are now at some risk of identity theft.
The news follows a burglary at the home of an employee on Nov. 25. when a thief broke into a locked car — inside a garage –stealing a backpack.
Investigators are not revealing where the burglary took place — only that it was somewhere in Vermont.
The backpack contained a data tape encrypted with the names, addresses and — in some cases — social security numbers of Good News Garage donors dating back fifteen years.
Read more on WPTZ.
I’m glad to hear the tape was encrypted, but I’m not clear why the charity notified 14,000 if the data were encrypted. Did they have any reason to think the encryption wasn’t strong enough? Otherwise, their decision to notify may have been an ethical one but possibly unnecessary and costly one.
Update December 28, 2011: It seems the tape wasn’t encrypted. See this letter from the firm’s lawyers to the New Hampshire Attorney General’s Office. The tape also contained a lot more data than reported in the media coverage. In some cases, protected health information, driver’s license numbers, and/or bank account (direct deposit information).