BP--infamous for last year's Deepwater Horizon accident in the Gulf of Mexico--is still having trouble containing its resources. First it caused the largest oil spill in U.S. history, and now it lost a laptop containing personal data for 13,000 individuals who had filed legal claims related to the spill. 

The laptop, lost by a BP employee at an undisclosed time a month or so ago, held the social security numbers, addresses, phone numbers and birth dates of the claimants--and the information was not encrypted, reports Jaikumar Vijayan at Computerworld.   

BP has been tightlipped about the potentially compromised data, citing an ongoing investigation and search process as reasons for not offering further explanation. The device was password-protected even though the data was not encrypted.

The case of the lost BP laptop adds to a long list of potentially compromised personal information contained on devices that have gone missing. In 2010, the Ponemon Institute found that organizations lose an average of 261 laptops each year, and just 5 percent of lost devices will be found, reports Mathew J. Schwartz at InformationWeek. Massachusetts has gone so far as to require businesses to use encryption with sensitive personal information that is held on mobile devices.

For more:
- see Jaikumar Vijayan's article at Computerworld
- see Mathew J. Schwartz's article at InformationWeek

Related Articles:
Three data breaches that underscore human error
Q&A: Indiana University's key to safeguarding confidential data