Marks & Spencer has warned 26,000 staff that their personal data is at risk following theft of a laptop computer containing pension information from a printing firm.
The retailer said staff names, salary details, home addresses and national insurance numbers were on the laptop which was stolen from the printing company on Wednesday 18 April during a major burglary.
An M&S spokesperson said the printer was producing correspondence to be sent to the staff, who were all members of the retailer’s final salary pension scheme, “hence his need to have the database”.
She added: “Unfortunately the timing wasn’t good from our perspective because the burglary happened while that was going on. The printing premises were broken into and a large number of items were stolen. The laptop wasn’t specifically targeted.”
M&S would not name the printing firm, but the spokesperson said the retailer usually used third party firms to handle large scale mailouts.
The laptop and the data on it were password protected, the spokesperson said, but she was unable to say whether any other security protection was in place.
The M&S staff were notified of the data loss on Friday 20 April and the retailer has offered to reimburse the cost of unlimited credit checks.
The retailer’s data security breach follows a number of similar high profile incidents involving stolen laptops. Last week a laptop holding payroll data on 10,000 NHS staff was stolen from locked and alarmed premises at the Royal Cornwall Hospitals trust.
In March, police recovered another NHS laptop, containing the names, addresses and dates of birth of 11,500 children, which had been stolen from Nottinghamshire Teaching primary care trust.
The data security risks of thefts from third party suppliers were highlighted earlier this year, when a laptop belonging to IT services firm Serco, containing sensitive data on more than 16,000 Worcestershire council staff, was stolen. Serco, which was providing the council with a new payroll system, agreed to pay costs after the theft from one of its employees.
But laptops are not the only portable devices at risk. This week the agency responsible for security at US airports, part of the US Department of Homeland Security, admitted it could not find