Theft Of Gap Laptop Puts 800,000 Job Applicants At Risk - InformationWeek
01:21 PM

Theft Of Gap Laptop Puts 800,000 Job Applicants At Risk

The retailer said a contractor hadn't properly encrypted sensitive information on a laptop that was stolen from one of the vendor's offices.

Personal information on about 800,000 people who applied for jobs at the Gap was compromised when a laptop was stolen.

The stolen computer held personal data, including Social Security numbers, for people who applied online or by phone for store positions with the company's Old Navy, Banana Republic, Gap, and outlet stores in the U.S. and Puerto Rico between July 2006 and June 2007, according to an online alert. The machine also held information on Canadian applicants, but it didn't contain their Social Security numbers, the company noted.

The laptop was stolen from one of the retailer's third-party vendors that manages information on job applicants.

The company didn't note when the laptop was stolen or when applicants were first notified of the theft. The company pointed out in the alert that Gap uses more than one vendor to manage job applicant data, so not every job applicant was affected

"Gap Inc. deeply regrets this incident occurred. We take our obligation to protect the data security of personal information very seriously," Glenn Murphy, chairman and CEO, said in a statement. "What happened here is against everything we stand for as a company. We're reviewing the facts and circumstances that led to this incident closely, and will take appropriate steps to help prevent something like this from happening again."

The alert noted that, contrary to the company's agreement with the vendor, the information on the laptop wasn't encrypted.

Law enforcement reportedly was contacted and an investigation is underway.

The Gap is asking anyone who applied online or by phone for a job during the specified dates to contact the Gap Security Assistance Helpline at 1-866-237-4007. Representatives are available 24 hours a day, seven days a week, to provide information and assistance. The company also is posting information and updates at this Web site.

Gap's announcement comes just a few days after it came out that the Connecticut Attorney General is investigating a former Pfizer employee in connection with a data breach that compromised personally identifying employee information at that company.

And just a few weeks ago, TD Ameritrade Holding e-mailed account holders and put a public advisory on its Web site alerting users that a hacker broke into one of its databases and stole personally identifying information for some of its 6.3 million customers. The company said names, e-mail addresses, phone numbers, and home addresses were taken in the data breach.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll