Honeywell Investigates Data Security Breach

Personal info on 19,000 current and former employees was posted on a website


Honeywell International is offering credit monitoring and identity theft insurance to approximately 19,000 current and former employees whose personal information - including Social Security numbers and bank account information - was posted on an Internet Web site.

The company notified employees about the breach within a day of learning of it on Jan. 20, according to spokesman Robert C. Ferris.

"The company immediately contacted the relevant service provider, had the page removed from the Internet and is continuously monitoring the Internet to ensure that the Web page and any copies of it remain taken down," said Ferris.

He said the company was working with federal and state investigators to determine who posted the data. Ferris said he didn't know whether the posting was the work of a disgruntled employee or resulted from an administrative error or other cause.

"Honeywell will aggressively pursue those responsible for this breach," Ferris said.

In a Jan. 24 letter to employees, the company's vice president of global security, John E. McClurg, said the Identity Theft and Fraud Division of insurer AIG would help them protect themselves.

"They will provide you with a tool kit of resources and hands-on support to address any issues you encounter," he said.

The Morristown-based industrial and aerospace conglomerate employs about 120,000 people worldwide.

Incidents like the Honeywell security breach are on the rise as thieves and pranksters take aim at corporate America, according to Ron Teixeira, executive director of the National Cyber Security Alliance, a Washington, D.C.-based nonprofit dedicated to educating individuals and corporations about cyber safety.

"There are a number of reasons why this could have happened. When it's put out on the Web, hackers do that to show they could get access to the information and show the company their security was lacking. Other times, hackers are actually thieves or try to sell the information to thieves to commit ID theft.

"Any time your info is posted on a Web site, you never know who's using it and what they're using it for," said Teixeira.


Copyright 2005 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.