Brighton laptop stolen while IT engineer golfed

Anger is seething among several employees of the city of Brighton (Colorado) whose bank account numbers, social security numbers and addresses may have been compromised by the city’s lead IT engineer.

Jeromy King was playing in a charity golf tournament Monday at the Ranch County Club in Westminster when someone apparently took a laptop computer from his pickup.

The laptop contained the sensitive payroll information of city employees.


Johnson did say the information on the computer was encrypted.


The companion news video indicates that almost 350 employees had data on the laptop.

About the author: Dissent

2 comments to “Brighton laptop stolen while IT engineer golfed”

You can leave a reply or Trackback this post.
  1. nneul - July 26, 2009

    If the data on the laptop was encrypted, then:

    1) Why was this inadequate security?
    2) Why was anything compromised?

    Or did the person just CLAIM it was encrypted, or was it encrypted with a key written on the laptop/etc. so as to render the encryption moot?

  2. admin - July 27, 2009

    If you’re asking why this incident got reported on a web site named “Office of Inadequate Security,” then I should point out that not all incidents reported on the site involve inadequate security. That said, I personally do consider it “inadequate security” to leave a device with PII in a vehicle.

    As to the encryption, some people might argue that we shouldn’t consider this a breach at all because there was encryption (and some laws certainly would grant safe harbor for encryption), but if encryption can be cracked, should we be so quick to say “no breach” without knowing how strong the encryption was? Nor do we know whether the encryption key was with the laptop.

    If you were running this web site, would you have included this incident?

Comments are closed.