According to a blog entry at wsj.com, Kleiner Perkins Caufield & Byers, “one of Silicon Valley’s most influentinal venture capital firms” has experienced a data breach and notified the Attorney General’s Office in New Hampshire. Why didn’t they use information security solutions like managed laptop encryption like AlertBoot? you may ask. Chances are, they did.
Password Protection, Lack of Details
The details surrounding the data breach are pretty scarce. We know this much: laptops belonging to Kleiner Perkins were stolen over the weekend of July 19 – 20. Two of these were “password protected”. One employee who calls New Hampshire home may have been affected. Aside from this, everything else is speculation.
As wsj.com points out, Kleiner Perkins is a very influential venture capital firm, and its secrets can be lucrative targets (obviously, lucrative enough for someone to break into their offices). And the venture firm knows this. They’d be crazy not to use the most basic of solutions when it comes to data security software.
But then, what’s the deal with shooting off a letter to the New Hampshire AG?
Different States, Different Laws
It’s common knowledge that the use of encryption software can significantly decrease the risk of a data breach (depending on who did the thieving, the risk drops to zero) because the theft of an encrypted laptop is, for all intents and purposes, no different from having stolen an expensive, larger-than-average plastic brick. Whereas, the theft of an unencrypted laptop could be the leading vector to a bigger headache.
It’s also common knowledge that states and regulators give people a break from reporting a data breach if encryption is used. However, this is not the case for New Hampshire (or D.C., Louisiana, New York, North Carolina, Ohio, Texas, Wisconsin, and Wyoming). So, the fact that the one of the AGs in the US has been contacted doesn’t really signify much in this particular case.
So, was encryption used? For their own sake, I hope so. Based on who and what was burglarized, there’s an elevated risk that this is not your run-of-the-mill burglary (the ones where you can go around claiming that you “believe it was the hardware the thieves were after”). The thieves will likely attempt to go through the data, and the presence of encryption will make things very difficult (if not impossible) for them.
Related Articles and Sites: