Equifax Inc. (EFX), one of the nation's three major credit bureaus, said Tuesday a company laptop containing employee names and Social Security numbers was stolen from an employee who was traveling by train near London.
The theft, which could affect as many as 2,500 of the Atlanta-based company's 4,600 employees, happened May 29 and all employees were notified June 7, spokesman David Rubinger said.
Employee names and partial and full Social Security numbers were on the computer's hard drive, though Rubinger said it would be almost impossible for the thief to decipher the information because it was streamed together.
"It would be very difficult to link this information and determine they were actual Social Security numbers in the first place," he said.
No other employee information was on the computer, he said, and there was no customer data on the computer.
Even so, the company has provided employees free access to its credit monitoring service, and it has encouraged them to put a fraud alert on their credit file.
The employee whose laptop was stolen, who was not identified by the company, has been disciplined for violating company policy, which prohibits storage of company information on a hard drive, Rubinger said. The information is supposed to be stored on the company's computer server. The employee was allowed to have access to the information because of his job, which Rubinger would not specify.
Authorities in Great Britain are investigating the theft, though the laptop has not been recovered, Rubinger said.
The disclosure by Equifax follows news that a laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees was stolen.
That computer was stolen last week from the Washington home of an employee of ING U.S. Financial Services, according to officials with the company, which administers the district's retirement plan.
The laptop was not password-protected and the data was not encrypted, officials have said. ING said it was working with district police and had hired a private investigator.
The company has sent letters to all affected employees warning them of the possibility of identity theft. ING also said it would set up and pay for a year of credit monitoring and identity fraud protection.