The American Institute of Certified Public Accountants (AICPA) has confirmed today that it had lost a hard drive containing personal data belonging to its 330,000 members. It had been missing since February. The data contained names, addresses and social security numbers – the perfect recipe for identity theft.
The hard drive had been accidentally damaged by an AICPA employee and was sent out for repair to an external data-recovery service in violation of the AICPA’s policies, said Joel Allegretti, a spokesman for the New York-based organization. It was on its way back to the AICPA via FedEx but failed to arrive. Allegretti did not say when exactly the drive went missing except to note that the package containing it was due back at the AICPA “toward the end of February.”
The group is offering a year’s worth of free credit monitoring services. More information about the incident can be found on the AICPA website.