[ news_security_news ]
Aetna Loses Data On 38,000 Members
David Utter
Staff Writer
2006-04-27
 Insider Reports RSS Feed
The latest edition of the SPN Idiot Watch award goes to an unnamed and presumably former employee of the Aetna insurance firm for taking the company's "We want you to know" far too literally.
Aetna CEO and president Ronald Williams probably did not want everyone to know that an employee who didn't follow procedures managed to lose a laptop containing personal member information. But in the interest of disclosure, Aetna did issue a press release about what happened.
"In this case, our employee did not follow our corporate policies, and it was coupled with a criminal theft," said Williams. "In light of this, we are augmenting our efforts to ensure employee compliance with all Aetna security requirements."
The employee left the laptop in a personal vehicle in a public parking lot. Despite repeated incidents of laptop theft being reported in the media, and Aetna's internal policies and code of conduct regarding laptop security, the plum prize was left where it could be stolen, and it was.
A poster at the Consumerist website identified herself as an Aetna staffer, and said the company requires passwords of a minimum six characters in length with at least one letter and one number.
Also, Williams said in the statement the data was secured with strong-password authentication, and they had no indication data had been compromised.
We hope that the authentication applies to applications accessing the data on the laptop and not just the login to the laptop itself.
---
Tag: Aetna
Add to | DiggThis | Yahoo! My Web | PreFound.com
Get all the updates in RSS: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
