Theft of unencrypted laptops behind Coca-Cola breach impacting 74,000

Share this article:
Social Security numbers, driver's license numbers and other data was exposed.
Social Security numbers, driver's license numbers and other data was exposed.

Due to a theft of unencrypted laptops at Coca-Cola, around 74,000 current and former employees at the company may be at risk of identity theft or fraud.

Sensitive information that was on the laptops included names and Social Security numbers of around 18,000 individuals, while an additional 56,000 people had personal information, such as driver's license numbers, exposed in the incident.

Other data, like addresses, financial compensation and ethnicity of victims, was also compromised, according to a Friday article in The Wall Street Journal, which broke the story.

According to WSJ, Coca-Cola learned on Dec. 10 that personal data was stored on the laptops, which were eventually recovered by the company.

Ann Moore, a spokeswoman at Coca-Cola told WSJ that the laptops were stolen by a former employee who was responsible for maintaining and disposing of company equipment.

On Friday, the company began sending notification letters to the 74,000 impacted individuals, which include Coca-Cola employees, contractors and suppliers in North America.

According to a memo sent to company employees, which was obtained by WSJ, Coca-Cola waited until Friday to alert employees in order to assess what information was on the recovered laptops.

“To expedite the process, we brought in extra crews that worked long hours, including throughout the holiday period and on weekends, to sort through the data,” the memo said.

Coca-Cola also revealed that the stolen laptops had not been encrypted as they should have been in accordance with company policy.

UPDATE: In a Monday email, Coca-Cola provided a statement on the incident to SCMagazine.com, saying that the company would provide free identity theft protection services to those impacted.

“The Coca-Cola Company has sent notices to about 74,000 North America-based employees, former employees and other third parties informing them that some of their sensitive personal information was contained in documents on [Coca-Cola Refreshments] CCR and former [Coca Cola Enterprises] CCE laptop computers that were stolen from the company," the statement said.

“We have no indication that the information was misused. However, we understand the concerns some people may have and therefore, to demonstrate an abundance of caution, The Coca-Cola Company is offering free identity theft protection services to all affected. We take personal information security very seriously, and we apologize for any inconvenience this may cause."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.