It’s sad that last week’s 1,000,000-victim laptop theft announcement, which came right after I published the weekly Rip of the Week (each Thursday), didn’t even stay on the top of the stack long enough for me to get to this week’s Rip.

Nope. Instead, another theft has occurred while the first theft is still in the headlines, this time affecting 225,000 (also reported: 90,000). At the rate we’re going, I can’t even keep up with the Oklahoma breaches with my blog posts. I’m going to have to start publishing daily. That’s not a good thing, especially for my fellow Oklahomans.

We’ll just wrap both of these nice, massive data breaches up together as the Double Whammy for the Rip of the Week.

1) Theft one: 1,000,000 data records on an Oklahoma DHS laptop.

2) Theft two: 225,000 data records on an Oklahoma Housing Finance Agency laptop.

In both cases, officials note that passwords, even double passwords, were in place. But apparently not encryption.

This has drawn some ridicule from the security community, as you might expect. I have appeared on two OKC news stations to discuss. OSU’s Dr. Mark Weiser also has commented, mentioning that this is essentially like a “locked box inside a locked car” but that “if they want what’s inside, it won’t be very hard to get it.”

I couldn’t agree more. Very well said.

And so, what we have is Oklahoma state government breaching the data of 1,225,000 people in merely two incidents and then going on the record as stating that the likelihood of data theft is low because the machines were password protected.

My hopes are:

1) That others outside of Oklahoma, particularly in the security community, will cut Oklahoma some slack as we try to “fix the situation.”

2) That we will actually fix the situation.

Obviously MyLaptopGPS, located right in Oklahoma, can address #2.  Will the state be interested?