I had an employee provide a resignation before I was on site. The employee then unplugged a desktop computer and left the premises with it. The computer contained pricing data, customer data, email communications, login credentials to several important websites, login info to vendor websites.
I filed a police report and the police were able to recover the computer, however the data on the machine was wiped or the drive was replaced.
What should I do?
Call your insurance broker and report a potential data breach. You have steps you need to take immediately to be in compliance with the law and your policy.
You’re well into the zone of stolen confidential customer and employee information being exposed.
Call your business litigation lawyer, many states consider this specific act a felony, and unlike the kia thieves and shoplifters, I’d bet there’s a good chance of both criminal and civil court wins for you.
The courts will absolutely nail him to the wall for white collar crime.
This. Having customer’s PII exposed is a big issue and if not reported, could end up landing you in some shit. I’d report it to my insurance and see what their advice is.
There might also be industry based laws on informing data breaches to regulators and customers such as with HIPPA.
if the employee was able to do this then the insurance company probably won’t pay. I’m in IT and cyber insurance has ridiculous conditions these days