The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district's retirement plan.
The company did not notify city employees of the theft until late Friday because it took officials several days to determine what information was stored on the laptop, ING spokeswoman Caroline Campbell said.
The laptop was not password-protected and the data was not encrypted, Campbell said.
The company said it was working with district police and had hired a private investigator. Police would not confirm the theft Saturday.
City officials said they were disturbed about how the data was stored and that the company waited to report the theft.
"We are concerned that this information was being managed without protection," said Mary Ann Young, spokeswoman for the city's chief financial officer.
She said the district expects details about the incident from ING this week.
The company has sent letters to all affected employees warning them of the possibility of identity theft. ING also will set up and pay for a year of credit monitoring and identity fraud protection, Campbell said.
"For us, this is very unfortunate," she said. "But we're moving forward, we're very focused and committed to find any other laptops that don't have encryption software and to fix that. This incident revealed a gap."
Two other ING laptops containing information on 8,500 Florida hospital workers were stolen in December, but the employees were not notified until this week, said ING spokesman Chuck Eudy. Neither laptop was encrypted, he said.