Administaff, a Houston-based provider of outsourced human resources services, this week began notifying about 159,000 former and current employees about a stolen laptop containing their unencrypted personal data.
The information belonged to Administaff worksite employees in 2006, including 96,000 former workers and 63,000 current ones.
A note posted on the company's site described the event as "random," with the personal information apparently not the target of the theft. "At this time, the company has no reason to believe that the personal information has been accessed or used improperly," Administaff said.
The laptop computer, which was reported missing on October 3, contained data that was being compiled "in response to a governmental reporting requirement," according to Administaff. The potentially compromised information includes names, addresses and Social Security numbers.
No details were offered on where or from whom the computer was stolen.
The company is providing one year's worth of free credit-monitoring services to the affected individuals.
Incidents such as the one at Administaff are the reason why security analysts have been advocating for some time now the use of encryption to protect sensitive data on laptops.
So far this month, there have already been four publicly disclosed data compromises involving lost or stolen laptops according to a breach disclosure list maintained by the Privacy Rights Clearinghouse (PRC), an advocacy group.
In total, PRC lists more than 60 separate incidents involving potential data compromises resulting from lost or stolen laptops and desktop computers this year. That number represents more than 20 percent of the 270 or so disclosed data breaches listed on PRC's Web site since January.