Social security numbers have been exposed

Jan 14, 2015 22:59 GMT  ·  By

A laptop containing sensitive information has been stolen from the Law Offices of David A. Krausz, putting personal customer data at risk of exposure to unknown entities.

David A. Krausz said in a letter to the affected individuals that the incident occurred last week, on January 6, and that the computer was storing identifiable information, such as names, social security numbers, and dates of birth.

It is unclear if data regarding the cases the law firm was working on or financial info belonging to customers was available on the stolen computer, as such details were not specified.

At least 500 Californians are impacted

The law firm did not reveal how many people were impacted as a result of the theft, nor if the data was encrypted on the laptop or not; but California law says that a business has to inform the Attorney General’s office in case of a breach affecting more than 500 residents of the country, whose unencrypted personal data was “acquired, or reasonably believed to have been acquired, by an unauthorized person.”

The simple fact that the office of the Attorney General in California received on Monday a copy of the notification delivered to the customers offers some answers, especially regarding the encryption state of the data.

At the moment, there is no evidence that the stolen data has been misused, and it is unlikely that it would be, as in most computer theft cases the thief is more interested in the electronic device itself than in the files it stores.

Steps to protect against identity theft

Unlike other businesses, Law Offices of David A. Krausz did not offer the affected clients complimentary subscription to identity protection services.

Instead, it provided steps that can be taken to identify and protect against fraud attempts, such as contacting one of the three nation-wide consumer reporting companies and placing an initial fraud alert on the credit reports.

“When you place the alert, you will get information about ordering one free credit report from each of the companies. It is prudent to wait about a month after your information was stolen before you order your report. That is because suspicious activity may not show up right away,” the advice reads.

Customers are also advised to be aware of phone calls, emails or other type of communication that asks for personal information, as they may be part of a phishing scheme.