Stolen DOT computers lead to laptop theft ring

An investigation into two recent laptop computer thefts from the Transportation Department’s Office of Inspector General has helped uncover a ring of laptop thieves, according to the latest status report on the incidents.

On July 27, someone stole an OIG special agent’s laptop from a locked car near Miami. The laptop contained personally identifiable information about 133,000 Florida residents. Following that episode, officials reviewed an April theft of an OIG laptop that occurred in Orlando, Fla. That laptop belonged to the special agent-in-charge of the Miami OIG office.

It took several weeks for computer crime forensics experts to check the Orlando laptop’s backup files for sensitive personally identifiable information (SPII), OIG spokesman Clayton Boyce said today.

“They found about 9,000 individuals [who] were also on the Miami-area laptop and about 900 who were not on the Miami-area laptop,” he said.

Nearly all the individuals had been entered into the Orlando computer as part of a criminal investigation into fraudulent licensing, Boyce said. The individuals were not suspects. Rather, they had picked up their commercial driver's licenses, airman certificates and security clearances from facilities where incidents of fraud had been reported. The laptop also contained a small number of employee records, such as leave approvals and employee evaluations.

Although both laptops were protected with passwords, the contents — including names, Social Security numbers and addresses — may or may not have been encrypted, Boyce said. The data on the Miami laptop was definitely not encrypted, according to OIG officials. But it is unclear whether the contents of the Orlando laptop were encrypted.

"This still has not been determined with absolute certainty. It was to the best of our knowledge not encrypted when the laptop was stolen,” Boyce said. “The SPII data had been encrypted previously, but the encryption software had been disabled to allow migration of a server and updating of software.”

He added that OIG officials do not know for sure whether it was unencrypted at the time of the theft because the scripts controlling the encryption process were not visible to the computer’s owner — the special agent-in-charge.

Officials are confident that the laptops were not targeted for identity theft, according to a Nov. 21 status report on the investigation. No credit fraud has resulted from the theft of either computer, the report states.

“Based on our investigation to date, we believe that the risk of credit fraud in the future is very low. The investigation is nearly complete and we expect to issue a report by the end of the year,” according to the status report.

The laptop investigation — which was undertaken by OIG special agents, with assistance from the FBI and Miami-Dade County Police Department — led to the arrest of an individual suspected of stealing the Miami-area laptop, according to the report. During surveillance at the same restaurant where the laptop had been stolen, the suspect stole a decoy computer — using the same technique that was used in the original theft. He used a device to punch the lock in the passenger-side door.

The suspect acknowledged stealing many laptops but did not acknowledge taking the laptop on July 27. This individual was indicted on a federal charge of theft of government property for stealing the decoy laptop.

Interviews with the individual and others involved uncovered a small theft ring in which its members stole laptops at the restaurant and in the nearby vicinity. The ring members would load the stolen laptops with new operating systems and then sell them on the used computer market, primarily to high school students, the OIG status report states.

As of Nov. 13, OIG and an identity risk management contractor found no indications that any of the affected individuals’ personally identifiable information had been misused.

A hot line established to address citizens’ concerns has received more than 1,600 phone calls, e-mail messages and letters, as of Nov. 13. Nearly 50 of those communications produced possible leads in the criminal investigation, the status report states.

Interviews with the suspects confirmed that the ring did not attempt to access the original data on the laptops, the report adds.