Police probing data theft from information-security company employee

SafeNet Inc. is one of the world's top information security companies, supplying encryption technologies to protect communications, patents and other sensitive data for corporations and government agencies.

But as the Belcamp company has learned the hard way, there's no way to encrypt paper with the wrong kind of information printed on it.

An employee hoping to get extra work done over the weekend printed out 2004 payroll information for hundreds of Safenet's U.S. employees, snapped it into a briefcase and placed the briefcase in a car.

The car was broken into over the weekend and the briefcase stolen - along with the employees' names, bank account numbers and Social Security numbers that were on the printouts, a company spokeswoman confirmed yesterday.

"It is serious," Amber Zentis, SafeNet's vice president of corporate communications, said in an interview last night. "With all you hear about identify theft, Social Security numbers are obviously a very important thing, a very personal thing. Which is why we've taken the steps we have."

The company knows of no one attempting to use the information for untoward purposes, Zentis said.

SafeNet informed its top managers locally the first thing Monday and told its site managers at other U.S. locations that day, she said.

The managers were instructed to inform employees Monday.

The company suggested that employees contact their banks and credit-reporting bureaus, which have "flagged" Social Security numbers as a way of watching for any activity over the next 90 days, according to Zentis.

It's not clear exactly how many employees were affected, she said.

SafeNet employs 850 worldwide, including about 180 in Harford County.

Between 120 and 130 employees who were on the payroll last year but aren't with the company any longer also were affected. SafeNet has taken steps to contact them, Zentis said.

Working with police

The company said it continues to work with police investigators and has asked employees to inform them if anyone attempts to use the information for illicit purposes.

Zentis, who was traveling yesterday, said she did not know which police agency was investigating.

"There's not been one, single infraction - and we're monitoring this carefully," Zentis said.

She said that police told company officials that with each passing hour, it's increasingly less likely that the data will be used by the thief or thieves.

"It's likely they don't even know what they have, or had," said Zentis, who said that police believe the car was broken into -with a baseball bat - so that other, more-easily pawned items could be stolen.

The employee, whom Zentis would not identify, has not been disciplined.

No policies violated

The company said no policies were violated, and that no new policies are being written as a result of this incident.

Even so, for a company that has a two-step authentication procedure for employees trying to access its systems from remote locations, the theft of the payroll data has caused plenty of angst.

"We all take work home," Zentis said. "This happened because someone took a baseball bat to [the employee's] vehicle. It's not something one expects .... but we've followed it very closely" and believe that the company has done all it can to limit the potential for damage.