Tennessee-based EOD Technology (EODT) recently notified the New Hampshire Attorney General’s Office of a breach that occurred in August 2008. No, that’s not a typo: 2008.
By letter dated November 12, the firm reported that in August 2008, they became aware that one of their computers had been accessed by an individual or individuals outside of the U.S. while the computer was connected to a non-EODT network. The incident was reported to the FBI at the time and an investigation by the FBI at that time reportedly suggested that the goal of the intrusion was to acquire EODT banking information and that no personal information had been accessed or acquired.
Fast forward to 2010 when the FBI recently notified EODT that it had uncovered additional information — information that indicated that documents containing the names and Social Security Numbers of employees had been accessed after all. The firm reports that it has no indication or reports to suggest that any of the employee data were misused.
Employees whose data were on the computer were notified by letter on November 10 and advised to remain alert and check their credit reports.