Boeing has fired an employee whose stolen laptop contained identifying information on 382,000 current and former employees.
The employee, who hasn't been identified, was fired because he violated company policy by downloading the information onto the laptop and not encrypting it, says Tim Neale, a spokesman for Boeing. The laptop, which had been taken out of the office, was stolen the first week of December, he added.
This was the third laptop theft in two years that resulted in lost employee data at Boeing. This latest missing laptop contained the names, Social Security numbers, and in some instances the home addresses of both current and former (mostly retired) employees.
The theft is under investigation.
"This was somebody who was authorized to be working with the data," says Neale. "The company policy discourages people from saving those types of files with personnel info to their laptop. We encourage people to work off the server, which would keep the information behind the firewall. If you do download the information onto a laptop, it's supposed to be temporary and the information is supposed to be encrypted."
Neale adds that the employee "had fair warning" because after the other laptop theft incidents, Boeing managers had made sure that everyone working with employee data was educated about the rules.
"If there's any good piece of news in all of this, it's the fact that [the laptop] was not turned on," said Neale. "Whoever may have that computer would have to know or figure out the user's password to get into the files."
On Thursday, Boeing's president and CEO Jim McNerney sent an e-mail about the data loss to the company's 156,000 employees. The memo was printed in The Seattle Times. Neale confirmed the memo's legitimacy.
"I've received many e-mails over the past 24 hours from employees expressing disappointment, frustration, and downright anger about yesterday's announcement of personal information belonging to thousands of employees and retirees being on a stolen computer. I'm just as disappointed as you are about it," McNerney wrote. "I know that many of us feel that this data loss amounts to a betrayal of the trust we place in the company to safeguard our personal information. I certainly do."
McNerney also told employees he believes it was a petty theft and not an attempt at identity theft.
The company is providing credit monitoring services to affected employees for the next three years.