American International Group (AIG), one of the top insurance providers in the country, this week is informing customers about a two-month-old burglary that included a file server containing some 970,000 personal records.
According to several reports, a thief broke into an AIG office in an undisclosed Midwestern city on March 31 and stole a laptop and the file server. AIG officials say they are not aware of any misuse of the data yet.
The company did not inform customers previously of the burglary because officials did not believe the thieves knew what they had, and they didn't want to tip them off, according to a spokesman.
The lost records were sent to AIG by some 690 different insurance brokers on behalf of employers seeking group coverage for a type of supplemental medical insurance for catastrophic claims, according to a report in USA Today.
AIG does not need this type of personal data in order grant such coverage, says the spokesman, and they would have preferred not to have it.
The data on the file server was password-protected, according to reports.
This is another in a series of hardware thefts that has resulted in the loss of large amounts of personal data. Earlier today, some 13,000 District of Columbia government employees were informed that their personal information may have been compromised in the theft of an unprotected laptop. (See DC Workers' Personal Data Stolen.)
Tim Wilson, Site Editor, Dark ReadingTim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio