washingtonpost.com
NEWS | POLITICS | OPINIONS | BUSINESS | LOCAL | SPORTS | ARTS & LIVING | GOING OUT GUIDE | JOBS | CARS | REAL ESTATE |SHOPPING
Royal Ahold Loses Personal Data of Former Employees

By Ylan Q. Mui
Washington Post Staff Writer
Saturday, June 3, 2006

Grocery retailer Royal Ahold NV has lost personal information for an unknown number of former and retired employees eligible for pension benefits at its Giant Food, Stop & Shop and Tops chains, the company said yesterday.

The missing data include names, Social Security numbers, birth dates and benefit amounts. The company said the information was contained on a laptop lost by an employee for Electronic Data Systems Corp., which managed the data for Ahold, during a commercial airline flight May 2.

The announcement comes on the heels of several other high-profile security breaches involving personal information, including an electronic data file stolen from a Department of Veterans Affairs employee that could affect 26.5 million veterans.

Ahold sent a letter to affected employees about a week and a half ago notifying them of the loss and set up a toll-free help line for them, said Barry F. Scher, vice president of communications. The company also recommended that workers alert credit bureaus and said it will pay for one year of credit monitoring.

"Right now, this is a data breach. It is not identity theft," Scher said.

The laptop was password-protected, but the file containing personal information was not protected or encrypted. EDS spokeswoman Kimberly Walton said she was not certain whether company policy required the file to have been protected.

Walton said an employee was traveling between Philadelphia and Boston and was asked to store her laptop in a cargo area with other checked luggage because the overhead bins were full. The employee complied, but the laptop never reappeared.

EDS does not allow workers to check laptops, Walton said, adding that the employee had been "disciplined." Walton said the laptop is "likely stolen" but that the company is continuing to search for it.

A Falls Church resident with a family member who worked at Giant said he received a letter about the breach yesterday. He was angry about the loss and upset that the company would only cover credit monitoring for a year.

"This stuff just burns me up," said the man, who spoke on condition of anonymity because he did not want it known that his personal information had been jeopardized. "Obviously, these people are incompetent. I mean it's sixth-grade ability to go in and encrypt data now on a laptop."

Last month, an intruder stole an electronic data file containing birth dates and Social Security numbers from the Aspen Hill home of a Veterans Affairs data analyst. But the information was stored in a format that could make it difficult for thieves to use, according to a VA memo.

Also last month, personal information for nearly 50,000 customers of Mercantile Potomac Bank was lost when a laptop was stolen from an employee's car. And yesterday, CNN reported that names and credit card numbers for 243,00 customers of Hotels.com are missing.

Staff writer Christopher Lee contributed to this report.

View all comments that have been posted about this article.

© 2006 The Washington Post Company