• On TV.com: THE GIRLS NEXT DOOR photos
advertisementAT&T Tech Support 360

December 18, 2006 7:51 AM PST

Boeing employee fired after laptop stolen

By Dawn Kawamoto
Staff Writer, CNET News

  • Print
Related Stories

Stolen Boeing laptop held ID data on 382,000

 December 14, 2006

Boeing announced last week it fired an employee who it said violated company policy by downloading sensitive information onto a laptop without using encryption technology. Boeing took the action after learning the laptop, which contained personal information about 382,000 Boeing employees and retirees, had been stolen from a car. The theft of the laptop put those whose information was on the machine at risk for identity theft.

The theft marked the third time in roughly a year in which a laptop containing sensitive personal information about Boeing employees and other individuals was stolen. A laptop stolen in April contained personal information on about 3,600 people, and one stolen in late 2005 contained information on 161,000.

See more CNET content tagged:
laptop computer, personal information

Add a Comment (Log in or register) 27 comments
Telecommute????
by pinkrockafella December 18, 2006 8:49 AM PST
.........from a personal source, all Boeing telecommuters are to begin reporting to their nearest home office. Looks like "work from home" jobs are going to go Bye-bye..........
Reply to this comment
Hope this is a trend
by macdaddybob December 18, 2006 8:53 AM PST
I'm so sick and tired of information being put on laptops that are then stolen. If everyone in the chain of command knew their job was on the line if this happened (employee, manager, IT manager, etc.), it would probably happen less. I don't even have that sensitive of information on my work laptop, which I take home, but always put it in the trunk and out of sight when I stop at the store "just for a minute." Smash and grabs happen too fast.
Reply to this comment
stolen... right
by davaal December 18, 2006 9:03 AM PST
so a person with access to sensitive information, and who should have known better, DL'ed info and didnt use an encryption... lemme ask this: why did he download it to a laptop rather than something a little bit easier to secure?

or better yet

how much do ya think he was paid to download sensitive info to an unsecured laptop and leave it in his car?
Reply to this comment
HEY X-FILES BURNOUT WHERE R MY FRIES?
by NRecob December 18, 2006 9:34 AM PST
"how much do ya think he was paid to download sensitive info to an unsecured laptop and leave it in his car?"

Amazing. Talkin about too many reruns of "The X-Files"...get a freakin life....not EVERYTHING is a conspiracy moron-wake up ;)
View all 2 replies
Don't leave it in the car!!!!
by robbtuck December 18, 2006 9:28 AM PST
Duh.
Reply to this comment
FAKE SANTAS!
by Commander_Spock December 18, 2006 10:01 AM PST
H.....mmmm..... Let's see, imagine NORAD'S Military Personnel downloading "highly" sensitive defense information on a loptop and getting that laptop stolen and falling into the hands of the "bad" guys - what then? Come on now BOEING, put on that thinking cap (a bit late for that - huh)!
Reply to this comment
The correct action
by slickmachines December 18, 2006 10:22 AM PST
Boeing acted correctly in this situation. After two breaches of security it's time for Boeing to make an example of someone so that other employees finally understand the seriousness of this issue. And, no one should leave their laptop in the car, EVER.
Reply to this comment
What example are we talking about?!
by Kostagh December 20, 2006 5:48 AM PST
The right example would have been to file charges for negligence and ask for civil compensations on behalf of all those in the list! Just put in 10 bucks for each and I guarantee no Boeing employee would ever "download" sensitive info on his laptop.
BTW... what the heck did he say he was going to do with it on the laptop?!
Simple Solution!
by Commander_Spock December 18, 2006 10:36 AM PST
IBM's WorkSpace-On-Demand (WSOD) requiring no Hard Drive - Duh!
Reply to this comment
good start
by randomandy December 18, 2006 10:57 AM PST
Yes! Finally a company gets beyond "we're really really sorry."

But I agree with others' comments. The added public step by all companies in such situations needs to be to let the world know the individual is being thoroughly investigated for possibly having done it deliberately.
Reply to this comment
Monkey see...
by `WarpKat December 18, 2006 11:02 AM PST
It's almost a trend - you see one person do it, and then you decide to do it.

It's the mentality that, "this will never happen to me," that gets people into trouble, so they end up doing it anyway.

I think this is the right course of action for Boeing or any other company that allows users to take laptops home - fire irresponsible people.

The data on the laptops is what's important, not the laptops themselves.

Telecommuters should be forced to take a simple and instructive training course on the proper use of laptops - from how to access company networks to storage when on the road.

And just because you have a BIOS password on it doesn't mean it can't be reset.
Reply to this comment
I've always wondered why ..
by yo-jim-bow December 18, 2006 11:46 AM PST
Why did this person need to have info on 300,000 people on a laptop? Was he going to do his Christmas Cards? Get set up for GirlScout cookie time?
I assume that Boeing has a server with this stuff on it, so why the need to lug it all home?

If I had my "company" laptop stolen, the swipers would have some quarterly reports and 20 CDs or so of music. And my grandkids photos.
I have, what they call, a VPN account, and the password is in my brain (with a paper copy in my sock drawer).
***!
Reply to this comment
it is amazing how often this happens
by qwerty75 December 18, 2006 1:46 PM PST
An idiot at my school decided to download sensitive faculty info on a flash drive on her keychain and took it with her. Of course it got stolen.

The stupidity of people never ceases to amaze.

At least some software companies are working on this problem. A company I recently interviewed with is developing software that does not allow downloading and transfer of data except under certain circumstances set by the customer.

It is sad that this sort of project is necessary, but as long as idiots and/or malicious employees exist it is.
Reply to this comment
Who Owned The Laptop?
by CancerMan2 December 18, 2006 4:53 PM PST
Did Boeing provide the laptop to the employee, or was it his own? If Boing provided it, then they should have ensured that it was configured with encryption by default. Notice that the story does not say that it was against Boeing policy to have downloaded the info, only that the info should have been encrypted. We are not getting the whole story here. Is this employee being scapegoated for a larger Boeing failure?
Reply to this comment
Boeing is the only one to blame
by Buzz_Friendly December 18, 2006 6:03 PM PST
Because Boeing allowed the situation to happen if Boeing had simply followed some simple solutions. All hard disk should be fully encrypted using many free or retail packages available. Enforce policies to block USB drives, removable media etc. For a small or perhaps no fee at all Boeing could have saved itself money, attention, the employee (who by the way needs to know less about encryption and more about what they are paid to do) and last but not least peoples personal information. If I were the man atop Boeing the first person fired would have been the CTO.
Reply to this comment
What kind of security is this?
by wbenton December 19, 2006 6:45 AM PST
Firing an employee for doing something he was capable of doing because of the access rights granted him.

Who granted him those rights? That is the person whom should be fired!

There is ONLY ONE WAY to strong security...

To start with, tie everything down and give NOBODY access to ANYTHING.

Then with certain need, have a request placed for ONLY the required access, minimally open up only what is required and for the time required. Ensure the time has a short deadline of a maximum of 3 months such that it gets reviewed every 3 months to see whether such access is still required or not.

A constant review of who has acces to what and whether it's required or not should already be ongoing... but apparently not.

But I still can't believe a Defense Contractor would have such lax security.

Fireing the guy won't keep it from happening again. Firing the current security management team WILL however give them one last chance to do things the right way if they get a good/new security team to replace the current so-called security team.

Walt
Reply to this comment
Fake data
by dmm December 19, 2006 7:35 AM PST
I'm really tired of hearing that "the employee needed to have 100,000 employee records to test his program." Hasn't anyone ever heard of using fake data for testing? If you're capable of writing software, you should be capable of making fake data. No excuses.
Reply to this comment
It was probably an Apple laptop
by iZune December 19, 2006 8:12 AM PST
Apple is so evil
Reply to this comment
wow thats insightful
by hobbesca December 20, 2006 9:33 AM PST
clearly you are huge fan, any time you get a chance to shoot your
mouth off you do it. nice work buddy
Old fashioned way of stealing
by Gorditon December 19, 2006 8:55 AM PST
I dont' know why the article mentioned he downloaded dangerous software. I mean, did it matter? The laptop was stolen. It's not like an installed Norton will electrocute a thief and stop him from putting his hands on the laptop
Reply to this comment
Misdirection...?
by MD525 December 19, 2006 9:16 AM PST
While I am glad Boeing took some action I think that this is a huge case of a scapegoat. Yes, of course there is culpability for the employee but he or she should not serve as the whipping boy for Boeing's mistakes. I would really like to see Federal Regulations that are set up to protect the Personal information would actually be enforced and punish the company. I think if companies would see the cost of their errors they would have more incentive to take the extra step to protect the information.
Reply to this comment
Punishment fits the crime
by mjd420nova December 20, 2006 8:34 PM PST
I guess I'd be rather upset if I was the CIO and one of your vulnerable sources of info is now outside the company. What ever happens, if the corporate bosses have to answer up to either the feds, the public or shareholders, the the responible individual is no longer working for you. What possesses these people to take chances with vital info. The government does not have a monopoly on stupidity.
Reply to this comment
 See all 27 Comments >>
advertisement
Click Here

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets

Market news, charts, SEC filings, and more

Related quotes

Dow Jones Industrials (6.54%) 494.13 8,046.42
S&P 500 (6.32%) 47.59 800.03
NASDAQ (5.18%) 68.23 1,384.35
CNET TECH (5.95%) 56.25 1,002.00
  Symbol Lookup
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
CES
Cell phones
Dell
GPS
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET