GAP, the famous clothing retailer, shares the cruel faith of TJX and Monster. The theft of an unencrypted laptop on Sunday caused the loss of more than 800,000 SSN belonging to former job applicants at GAP.
Gap learned of the theft on Sept. 19, and later said the laptop was stolen from the offices of a third-party vendor managing job applicant data for it.Cynthia Lin, spokeswoman of the California-based clothier, would not disclose the name of the vendor, nor would she provide any other details of the theft.
"They trusted their data to our company, so we are ultimately accountable for this incident," Lin said, referring to the job seekers.An investigation into the matter is under way, though the company said "the company has no reason to believe the data contained on the computer was the target of the theft or that the personal information had been accessed or used improperly."
The stolen laptop contained personal information for people who applied for store positions with the company's Old Navy, Banana Republic, Gap and Outlet stores in the United States, Puerto Rico and Canada between July 2006 and June 2007, according to Gap. The applicants' Social Security numbers were included in the stolen information.
Although the job applicant information on the laptop-- which included Social Security numbers-- was supposed to be encrypted, it was not.Storing data without encrypting it to protect it from hackers is contrary to Gap's agreement with the third-party vendor, Gap said.
"What happened here is against everything we stand for as a company," said Gap Chairman and CEO Glenn Murphy. "We're reviewing the facts and circumstances that led to this incident closely, and will take appropriate steps to help prevent something like this from happening again." So far the company said job applicants have not notified it of any instances of identity theft or fraud related to the incident. |
