Personal Data Belonging to New Mexico Retirees at Risk After Laptop Theft

The personal information of some 100,000 members of the New Mexico Public Employees Retirement Association (PERA) is at risk after a thief broke into a truck belonging to an employee working for the company hired to perform PERA’s annual audit and stole a laptop containing the sensitive data.

New MexicoThe personal information of some 100,000 members of the New Mexico Public Employees Retirement Association (PERA) is at risk after a thief broke into a truck belonging to an employee working for the company hired to perform PERA’s annual audit and stole a laptop containing the sensitive data.

The company responsible for the laptop was a consulting and certified public accounting firm, Atkinson and Company LLP. According to the police report obtained by the Santa Fe New Mexican, a company employee, Robert Peixotto, left the laptop in his truck in a Clovis, N.M., Comfort Inn and Suites parking lot. The police report indicates that the vehicle was broken into from the passenger side and that the items stolen included two laptops, one of which belonged to Atkinson and Company, as well as an iPod.

Threatpost reached out to Atkinson and Company LLP to ask them if they encrypt the laptops on which they store client data, but a spokesperson refused to comment and promptly hung up the phone.

The stolen computer is thought to contain names, addresses, bank routing numbers, account types, account numbers, payment amounts and PERA identification numbers.

Calls to the New Mexico Attorney General and PERA were not returned by the time of publication.

The police report later notes that Peixotto reached out to a local pawn shop where stolen goods are often recovered. The pawn shop contacted Peixotto on Friday and informed him that someone brought in a laptop case belonging to him that day. When Peixotto went to the pawn shop he confirmed that laptop case was his but that he had never seen the laptop stored within (which the police later learned was also stolen).

PERA has been actively reaching out to all of its members. In a statement, PERA says it has no reason to believe that the laptop was stolen because of the information it contains, but they are still encouraging that all former and current members place fraud alerts on their credit files.

“We expect our vendors to take proper precautions, and leaving a computer in a locked car in a parking lot is not what we expect,” PERA’s executive director, Wayne Probst told The New Mexican. “That’s unacceptable. We are seeing what the consequences are. We are going through an incredible amount of expenses reacting to this.”

Suggested articles

Discussion

  • Rod on

    Common mistakes done by unawareness people. Most of the time statements like "We expect our vendors to take proper precautions, and leaving a computer in a locked car in a parking lot is not what we expect," are heard often when it has already happened and not before in awareness campaigns, as it must to be...  

  • f0real on

    Why did the guy have the information in the first place?

  • Anonymous on

    "Mew Mexico?" My brother works IT in a high crime area, where his vehicle gets broken into often. He has a a metal chest with a recessed lock, welded/bolted to the deck, high pitched alarm. Seems to work pretty good.
  • jaybeeinabq on

    PERA should notivy EVERY member of the risk involved, precisley. What "should" we do, exactly and for what events should we attempt to protect oursleves.

    for those of us retirees, for whom, our pera benefits constitute our income, this is an issue which is very, very important.

    Dammit, can we lose money and if so, how?. How can we protect ourselves? and our dependents. I did not expect to be notified of this breakdown in security by a secondary source, but now I know, what should I do to protect myself and my dependents?

    Another thing, about which to worry, is not really, welcome new, really!

    Really, Really, Really!!!

    C'mon PERA, step up your security-alert system!!!          

  • Anonymous on

    I agree that the state is really the one to blame for this one

  • JustSayin on

    I see absolutely NO reason for the consultant to have a company's data on his laptop. I've been involved in many outside audits for companies that I've worked for - if any of their employees had copied my data to their laptop I'd have had their head. And their parent company would have had some very nasty dealings with me afterward. To leave a laptop with such sensitive data in an unprotected car is the height of amateurism. It's unprofessional and inexcusable. The auditor should be fired and his employer sued by PERA for such astounding failure.

  • Anonymous on

    My spouse was in a job that dealt with some pretty bad criminalos.  We have been so careful for years about keeping our home address private.  No that info is out there.  If it gets into the wrong hands, it could be life threatening for me.  Can't afford to move at this point.  Not enough equity in our home.

     

    I also checked with one of the credit reporting agencies and was told that if I put a fraud alert on my accounts, that it may prevent me from obtaining a home loan if I do decide to move, so I chose not to put the fraud alert on the account.  Instead I have purchased identity theft insurance, but of course they is nothing they can do about the possibility of my address being made public.

     

    I do not need to be going through this while grieving my spouse.  I hold both the accounting firm and the State responsible for not making sure info was encrypted and for the employees total disredard for the in nformation he had in his possesion.

  • Anonymous on

    One more comment.  I downloaded the police report.  All the personbal info for Mr Pelxotto had been blotted out.  MY personal information is out there...my home address which we worked so hard to keep private.

    Has anyone ben able to verifuy if this man is still employed by the accounting firm?

     

    Also, have all of you received information about this free to us identity theft service that it being offered to us?.  I haven't received anything yet.

  • oyedele Eniola on

    I feel ok using this antivirus
  • DF on

    Data should never leave the network. With SSL and VPN access commonplace there is no real need to carry the data around with you. It's just lazy people with lazy attitudes that cause this. Go to your offic and work or have en encrypted connection to work. Simple. Allow nothing else.

  • Anonymous on

    A smart person who realized all the information on the computer would wait at least a year before using it...We have been offered identity theft insurance for one year.  After that we will have to pay for it.

    Nothing protects our address and identity theft insurance, I understand, may not keep the theft from occuring..it's just insurance that you will be notified if there is a breach and support in dealing with the issue afterwards.  Am I the only one concerned about what the future might hold for us all??

     

    Does nayone know if a class action law suit has been filed agaisnt the accounting firm

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.