Stolen Home Depot laptop exposes employee data
Correction, 8:22 a.m. PST: The original version of this article inaccurately reported the timing of the theft. The laptop was stolen several weeks ago.
A laptop containing personal data on about 10,000 Home Depot employees was stolen from the car of a regional manager, Home Depot announced Wednesday.
The laptop was stolen several weeks ago from the car of the regional manager in Massachusetts while it was parked in front of his home, according to Home Depot.
"The Home Depot takes data security seriously and works very diligently to protect its customers' and associates' privacy," said Sarah Molinari, corporate communications manager for Home Depot. "We continually work to upgrade and improve our data security and privacy systems."
While the password-protected computer contained no customer information, the names, addresses and Social Security numbers of the Home Depot employees may have been compromised. Home Depot is providing free credit-monitoring services to the exposed employees as a result.
Atlanta-based Home Depot would not say whether the files containing the employee data were encrypted.
"We continue to cooperate with the authorities in this matter and cannot discuss the specifics of our data protection measures," Molinari said.
In a software-driven world, it's easy to forget about the nuts and bolts. Whether it's cars, robots, personal gadgetry or industrial machines, Candace Lombardi examines the moving parts that keep our world rotating. A journalist who divides her time between the United States and the United Kingdom, Lombardi has written about technology for the sites of The New York Times, CNET, USA Today, MSN, ZDNet, Silicon.com, and GameSpot. E-mail her at candacelombardi@gmail.com. She is a member of the CNET Blog Network and is not a current employee of CNET. 
Better yet, the password was the manager's name or the word "password."
Managers, or ANYONE for that matter, who have no inclination to protect their laptops or the data on them should not be given the opportunity to carry one - even if it doesn't have anything more than Solitaire on it.
I've said this before - common sense should be a course taught in kindergarten.
It's sad that some of us haven't evolved into anything more than a pencil monkey and are given that kind of responsibility only to botch it while looking for a banana.
I think the guy should be castrated.
the thing that always strikes me about these stories is, why is this information on a portable computer to begin with? maybe there's a reasonable (a stretch) answer, but the premise just seems flawed.
Second, who takes a laptop w/ confidential information home w/ them? I sure as h-ll don't..
Third, why on Earth do companies hire people that are this careless? I sure as h-ll don't...
Last, if the drive isn't encrypted (which it sounds like it wasn't), why the h-ll not?!
I happen to like Home Depot, but talk about gross negligence and borderline incompetence...
Why was the laptop in his car? He obviously wasn't using it for work or it would have been inside the house being used. I take my laptop home all the time and keep NO sensitive information on it - everything is on the Network server or on my encrypted Flash drive.
I'll dig a little deeper into that and ask why a manager had access to employee SS#'s?
Hasn't Home Depot replaced SS#'s with employee ID numbers? Every HR system I've seen provides that ability so then managers can have the EID but never have access to the SS#.
- No Excuse
- by fxjamusa October 18, 2007 12:58 PM PDT
- Inexcusable not to have device encryption installed, especially when FREE software solutions available. If home depot takes privacy/security seriously, this data would never have been compromised.
- Like this Reply to this comment
-
(10 Comments)CompuSec: http://www.ce-infosys.com/english/downloads/free_compusec/index.html
Protect you data before YOU become a victim.