Mansfield, Ohio -- Area Agency on Aging: Breached due to Lost Laptop

On June 3, an employee of the Area Agency of Agency in Mansfield, Ohio had a laptop stolen from their car. This resulted in the exposure of personal data related to 43,000 customers.  The laptop was assigned to a Passport case manager. The personal data was health related in nature and also contained the  personal contact information of 35,000 related clients' personal representatives.  


According to a report in The Morning Journal  the Area Agency on Aging had the following response to the Breach:

“The Area Agency on Aging understands the importance of safeguarding our consumer’s personal information and takes that responsibility very seriously,” said Duana Patton, chief executive officer. “We deeply regret that this incident occurred, and we have already taken steps to ensure our laptops are properly equipped to secure personal information from unauthorized access in the future.” 

Unfortunately many organizations take a reactive approach to encrypting endpoint devices such as laptops and cell phones that may contain sensitive information. 


Oil giant BP, had a similar incident this spring in which an employee lost their laptop during routine business travel. The laptop contained  unencrypted personal data such as names, social security numbers, and dates of birth for over 13,000 people who submitted claims with the company after last years oil spill. 


According to Ponemon's "Cost of a Lost Laptop" report, a lost or stolen, unencrypted laptop, will cost an organization $20,000 more than if an encrypted laptop is lost or stolen. Read the full Ponemon report here: Cost of a Lost Laptop Study - Ponemon

77% Of Business Experienced Data Loss Last Year

A survey of over 2,400 IT security administrators conducted by Check Point and Ponemon reveals 77% of businesses experienced data loss last year. This number does not correlate with the number of reported breaches, but with increasing stringency of compliance regulations, we may begin to see more and more reported breaches.

The study’s research shows organizations are struggling with the growing set of security priorities and limited employee awareness about corporate security policies. Over 55 percent of companies surveyed are using more than seven vendors to perform security tasks. Because of this, organizations struggle with minimizing TCO and maximizing performance.

Approaching security with a holistic view of an organization’s technology is the first step in enforcing better protection. This helps to determine where risks can reside. Security is more than a simple technology solution. Aligning IT security with business needs requires a combination of policies, people and enforcement.

Sony Share Price in Tokyo Tumble

Sony's recent breach has affected the personal data of up to 100 million users. As one of the largest data breaches to date, Sony estimates that it will result in a $170 million hit to its operating profit.

The financial affects do not stop there. Brand "pain" or the financial losses experienced by loss of consumer confidence will likely be much greater than the $170 million hit on operational profits. The breach has already sent shares down more than 2% in Tokyo. Sony is not the only company to experience a drop in stock prices after a major data breach. The figure below is a sampling of other companies who experienced a similar drop.

The cost of a data breach will be detrimental to your organization. Develop a plan to protect your data to decrease the likelihood of a breach.