• Orbitz Worldwide advised the Attorney General of New Hampshire that it suffered a breach of sensitive personal information of a few hundred employees, including one resident of New Hampshire.

Relevance to Business Activity:

• security - physical safeguards considerations:
• a laptop computer was stolen from an employee's vehicle - the laptop:
• may have contained payroll information including names and Social Security numbers;
• was password protected;
• has not been recovered.

• breach response considerations:
• Orbitz:
• reported the theft to the:
• Attorney General of New Hampshire as required by law; and
• law enforcement officials.
• notified all impacted individuals and its entire US-based employees of the breach;
• is providing a premier credit monitoring product, including:
• access to identity theft insurance.
• accelerated its plans to install advanced encryption on all employees' computers;
• will be conducting training sessions for all employees and contractors who handle sensitive personal information.

Source Document:

http://doj.nh.gov/consumer/pdf/orbitz.pdf