Snatched laptop puts 40,000 at risk of ID fraud

About 40,000 US Chicago Public Schools (CPS) employees are at risk of identity fraud after two laptops containing their personal information were stolen late last week.

The computers were taken from the CPS headquarters, the organisation said in a statement. The laptops belong to accounting firm McGladrey and Pullen and its subcontractor, who were reviewing contributions to the Chicago Teacher Pension Fund, according to the statement.

The computers contain the names and Social Security numbers of employees who contributed to the pension fund between 2003 and 2006, the CPS said. The data does not include addresses, dates of birth or any other personal information, it said.

Speaking yesterday, a CPS official said the laptops had not yet been recovered. The official couldn't say if there are any indications the hardware was stolen for the information on the machines or for the laptop hardware itself.

A subject in the laptop theft has been identified, CPS said. Surveillance video was released to the media and a $10,000 reward offered for information leading to the arrest of the perpetrator or recovery of the stolen data.

There has been a string of data breaches in the US in recent years, many of which were reported publicly because of new disclosure laws there. The University of California at San Francisco recently said a possible computer security breach may have put 46,000 campus and medical centre faculty, staff and students at risk of identity fraud.

In 2005, UC Berkeley warned more than 98,000 people that the theft of a laptop from its graduate school admissions office exposed their personal information. That laptop was later recovered.

Since early 2005, more than 150 million personal records have been exposed in dozens of incidents, according to information compiled by the Privacy Rights Clearinghouse.

ID fraud continues to top the complaints reported to the Federal Trade Commission (FTC). Such complaints, which include credit card fraud, bank fraud, as well as phone and utilities fraud, accounted for 36 per cent of the total 674,354 complaints submitted to the FTC and its external data contributors in 2006.

CPS will pay for one year of credit protection for any current or former employee affected by the theft, it said.

Joris Evers writes for CNET News.com