 | |
| |||||
March 16, 2006
|
|
|
The employee handled some of the tax functions Ernst & Young does for IBM's workers.
Ernst and Young states that the company does tax work for current and former overseas employees of IBM. In this role, the auditing firm needs information such as an employee's address, family size, US social security number and tax identification number. It then holds onto all of this information for at least seven years.
The incident puts a number of IBM employees at risk of identity theft as IBM operates under an offshoring model called "best shore", concentrating activities in global centers of excellence.
The husband of one IBM employee has provided The Register with an exclusive copy of the letter Ernst & Young mailed out to the affected parties. This particular letter did not arrive until March 8 - two months after the theft.
| Excerpts: "The IBM Corporation (IBM) has for the past two years engaged Ernest & Young to provide tax services and expatriate administration for you and other IBM employees. We are writing to inform you that an Ernest & Young employee recently had a laptop containing personally identifiable information of IBM employees stolen from his car. Appropriate security and police personnel were contacted and a police report filed." "The employee whose laptop was stolen is part of a group in our tax practice that works regularly with historical data files, assisting our Global Mobility and other tax professionals with data conversion, formatting and analysis," Ernst and Young wrote in the letter. "In connection with his job, the employee ran reports, which result in files being created on the laptop. "We have determined that the laptop contained various personal information for a select number of IBM employees. Among the items of information included for some or all of these employees were name, address, US social security number, e-mail address, and country where stationed." |
Ernst & Young has offered those affected a free, 12-month credit monitoring service provided by Experian. The service includes a hotline that IBM employees can call.
UPDATE: Ernst & Young pushed forward a company-wide rollout of encryption software made by Pointsec. Employees were ordered to install the software on March 9, according to The Register.
RELATED
Ernst and Young fails to disclose data loss, reveals The Register
Ernst and Young loses four more laptops
Deloitte and Touche loses data on thousands of McAfee employees
 E-mail this story
 Printer-friendly version  Bookmark this page |
Custom Search
|
|
|
