According to PC World, a data breach occurred Colt Express Outsourcing Services when thieves broke into the company's Walnut Creek, California offices and stole several computers. Colt Express administers the benefit plans for C/NET and other companies. About 6,500 C/NET employees have been notified.
The computers contained very sensitive personal information including names, birth dates, Social Security numbers and employment information. This story highlights the fact that outsourcing vendors can be identity theft targets, since these vendors are a rich source of sensitive data about employees and contractors.
Four days after the break-in, Colt Express installed a security system with an alarm. It is unclear whether the information was encrypted or not. According to the PC World news story:
"Customers looking for free credit-monitoring services from Colt Express should not get their hopes up, however. Colt's letter included some marketing materials for Kroll, a company that helps companies respond to data breaches, but the information was provided "only out of courtesy and to give you an idea of the types of services available... By this letter and enclosures we are providing you with all the information we believe you need and that we are able to give you. We do not have the resources financial and otherwise to assist you further."
Apparently, Colt Express is going out of business. Regardless, I encourage the affected companies to look for a benefits plan administrator with strong data security processes in place. Or, the affected data breach victims should pressure their employers to select a benefits plan administrator with strong data security. Colt Express is not very responsive to the needs of its data breach victims. I've Been Mugged readers are well aware of the damage identity thieves can do with stolen Social Security numbers.