(No Ratings Yet. Rate It!)
Loading ...The Gap group, which includes Gap Stores, Banana Republic, and Old Navy, hired an external consultant to manage their job applications. For some stupid reason, the consultant kept 800,000 applications on a single laptop which then stolen. And of course, the data was unencrypted.
From Reuters here:
Clothing retailer Gap Inc said on Friday that a laptop computer containing personal information for about 800,000 job applicants was stolen from a vendor it used to manage that data. An investigation is under way.
The stolen laptop contained personal information for people who applied for store positions with the company’s Old Navy, Banana Republic, Gap and Outlet stores in the United States, Puerto Rico and Canada between July 2006 and June 2007.
Gap said the applicants’ Social Security numbers were included in the stolen information and that it is offering them a year of free credit monitoring services with fraud resolution assistance. Canadian applicants’ Social Insurance Numbers were not stolen, Gap said.
The information on the laptop was not encrypted, a fact Gap said is contrary to its agreement with the vendor. But Gap added that it has no reason to believe that the data on the computer was the target of theft or that the personal information has been accessed or used improperly.
I don’t know why Gap doesn’t just come out and point the finger at the guilty consultant. I hope they fire the consulting company. In the mean time, who knew that almost a million people applied for a job at the Gap??
Related Articles
2 people responded in this post
One whole year? How nice.
You know, there is no reason whatsoever why that data should have even been portable. That many records needs to be on a server protected by strong encryption and authentication. WTF were they going to do with the data anyways?
Want to Say Something?
Your comments are appreciated. And don't forget to rate the post!