Personal data on 800,000 Gap job applicants exposed in laptop theft

Computerworld - Gap Inc. said on Friday that a laptop storing personal information on 800,000 job applicants was "recently" stolen from the offices of a third-party vendor that manages job applicant data for the retailer.

In a statement issued on Friday, GAP said that the third-party vendor, which was not identified, violated an agreement between the two companies to properly ensure that sensitive data was encrypted.

Data stored on the missing laptop includes Social Security numbers and other personal information of individuals who applied for positions through the third-party vendor at Gap-owned businesses between July 2006 and June 2007, Gap said. Gap noted that it also uses other third-party vendors in its hiring process that were not affected by the theft.

In the statement, Gap said that it does not believe that the personal information stored on the laptop was purposefully targeted for theft, or has yet been accessed. The statement did not disclose the date of the theft or circumstances involving the incident.

Officials at San Francisco-based Gap could not be reached for comment.

"What happened here is against everything we stand for as a company," said Chairman and CEO Glenn Murphy in a statement. "We're reviewing the facts and circumstances that led to this incident closely, and will take appropriate steps to help prevent something like this from happening again."

Gap said that it has set up a 24-hour help line and started the process of reaching out to job applicants whose Social Security numbers were on the laptop. Affected individuals will be offered one free year of credit-monitoring services and fraud-resolution assistance, it said.

Read more about Applications in Computerworld's Applications Topic Center.