Gap loses personal information on 800,000 people

By Justin Mann on September 28, 2007, 9:31 PM
Another wonderful data breach in the news, this one affecting a huge number of people who applied for jobs at Gap Inc. Gap, a clothes retailer, apparently keeps job applicants on file for a long while – and in great numbers. A laptop was lifted, and on it was the information for 800,000 applicants. Since job applications often include phone numbers, street addresses, social security numbers and a lot of other goodies, it is prime real estate for an identity thief.

Why would gap, who employs about 152,000 people worldwide, have a single machine with nearly a million people who aren't even employed there on file? It seems odd, but with all the massive data thefts we've seen the past three years it is hardly surprising.

There are no reports yet of the data being “misused” according to Gap.




User Comments: 9

Got something to say? Post a comment
nirkon said:
I find it hard to believe that one laptop had 800,000 applications on it..and if it did, and gap doesn't have a protection system on it, they probably deserve a law suit <.<
TimeParadoX said:
Actually Nirkon, some major businesses can have over a million people on a computer, since all it is really is abunch of information like Phone Number each wouldn't take up much space ;)If you look at hospitals they can have a crapload of files on 1 computer :D
PanicX said:
The issue is that all this very sensitive information is on an unsecured laptop instead of a database hosted in a secured location requiring encrypted authentication like it should be. I really hope that criminal charges are pressed against the user who was responsible for the laptop or the manager that authorized sensitive data to be removed from a secure location.
Gars said:
Last week MediaDefender, now that. Who's next?Wtf going on?
Fornacis said:
I see a joke in this headline....
Deathstar17 said:
woops...lol at Gap
kitty500cat said:
[quote]The issue is that all this very sensitive information is on an unsecured laptop instead of a database hosted in a secured location requiring encrypted authentication like it should be.[/quote]Exactly. It makes more sense to store it on a central server anyway, since others who need the data can access it more readily.
hejustlaughs said:
I actually got a letter from Gap INC.I uploaded a picture of it here:[url]http://www.endlessgibberish.com/uploaded-letter-of
gap-apologizing-for-losing-my-name-and-social-security/[/u
l]
theitguy said:
The IT Guy wrote about it here: [url]http://theitguysblog.com/?p=20[/url]Lawsuit is right around the corner!
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.