Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.
UCLA's Blood and Platelet Center included the advisory in a letter sent last week to all who donated blood through the organization.
Thieves broke into a locked van last November and grabbed a laptop with a database that includes names, birth dates and Social Security numbers for all blood donors, according to a university statement. The database did not include medical information other than blood type, according to the statement, and university officials did not recognize the significance of the loss and the potential for identity theft until the matter came up in a security audit last month.
"We deeply regret any inconvenience this incident may cause our blood donors," Dr. Priscilla I. Figueroa, director of the university's Division of Transfusion Medicine, said in the statement. "We hope and trust that they will continue participating in our blood drives and making these lifesaving donations."
The database was password-protected but not encrypted, according to the statement, which said the university was reviewing data security policies in light of the incident.
Los Angeles police are investigating the theft, according to the university, and there is no evidence yet that information in the database has been retrieved or misused.
University representatives said in a follow-up statement that a second laptop was stolen two weeks ago from the financial office of the University's health care division, putting personal information for an additional 62,000 patients at risk.
Widespread use of laptops has presented an increasing risk for security theft, with lost or stolen devices potentially exposing data ranging from FBI secrets to tax records in recent years.
