The laptop was stolen from a vendor the retailer used to manage the data. The computer held the personal information, including Social Security numbers, for store positions with the company’s Old Navy, Banana Republic, Gap and Outlet stores in the U.S., Puerto Rico and Canada between July 2006 and June 2007.
The company said the agreement between Gap and the vendor required that the information be encrypted. The information on the laptop was not encrypted.
Gap said it was investigating the matter, but would not disclose the name of the vendor. It said it had no reason to believe that applicants’ personal information was the target of theft.
Gap is sending letters to the affected individuals to notify them of the incident and offer them a year of free credit monitoring services with fraud resolution assistance.
In August, reports surfaced that two pension funds in California and New York had compromised the personal information of retirees.
The California Public Employees’ Retirement System (CalPERS) security breach happened when pension fund brochures containing part or entire Social Security numbers on the envelope were mailed out to 445,000 retired workers. Also, a laptop computer with the financial information of as many as 280,000 New York City retirees disappeared from a restaurant (See CalPERS Says Computer Error Compromised Retirees’ Social Security Numbers ).
And Neiman Marcus reported in April that thieves made away with computer equipment with personal information of about 160,000 current and former employees from a benefits consultant (See Neiman Marcus Announces Employee Data Theft ).