Theft Of Gap Laptop Puts 800,000 Job Applicants At Risk
The retailer said a contractor hadn't properly encrypted sensitive information on a laptop that was stolen from one of the vendor's offices.
Personal information on about 800,000 people who applied for jobs at the Gap was compromised when a laptop was stolen.
The stolen computer held personal data, including Social Security numbers, for people who applied online or by phone for store positions with the company's Old Navy, Banana Republic, Gap, and outlet stores in the U.S. and Puerto Rico between July 2006 and June 2007, according to an online alert. The machine also held information on Canadian applicants, but it didn't contain their Social Security numbers, the company noted.
The laptop was stolen from one of the retailer's third-party vendors that manages information on job applicants.
The company didn't note when the laptop was stolen or when applicants were first notified of the theft. The company pointed out in the alert that Gap uses more than one vendor to manage job applicant data, so not every job applicant was affected
"Gap Inc. deeply regrets this incident occurred. We take our obligation to protect the data security of personal information very seriously," Glenn Murphy, chairman and CEO, said in a statement. "What happened here is against everything we stand for as a company. We're reviewing the facts and circumstances that led to this incident closely, and will take appropriate steps to help prevent something like this from happening again."
The alert noted that, contrary to the company's agreement with the vendor, the information on the laptop wasn't encrypted.
Law enforcement reportedly was contacted and an investigation is underway.
The Gap is asking anyone who applied online or by phone for a job during the specified dates to contact the Gap Security Assistance Helpline at 1-866-237-4007. Representatives are available 24 hours a day, seven days a week, to provide information and assistance. The company also is posting information and updates at this Web site.
Gap's announcement comes just a few days after it came out that the Connecticut Attorney General is investigating a former Pfizer employee in connection with a data breach that compromised personally identifying employee information at that company.
And just a few weeks ago, TD Ameritrade Holding e-mailed account holders and put a public advisory on its Web site alerting users that a hacker broke into one of its databases and stole personally identifying information for some of its 6.3 million customers. The company said names, e-mail addresses, phone numbers, and home addresses were taken in the data breach.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.