Thief swipes sensitive details of 30,000 Facebook employees

Stolen hard drives contained personal banking information including payroll data

The personal and financial data of thousands of Facebook workers was exposed after somebody allegedly stole corporate hard drives from an employee’s car.

The unencrypted drives contained workers’ payroll information including the names, bank account numbers and the last four digits of social security numbers belonging to approximately 29,000 workers, according to Bloomberg. The compromised data also contained salary information, bonus amounts and equity details.

Advertisement - Article continues below

The worker’s car was broken into on 17 November, and the firm realised the hard drives had been stolen three days later. Facebook told its affected employees on 13 December that their financial and personal details may have been compromised following a forensic investigation in late November.

The hard drives stored information of US-based employees who worked at the social media company in 2018, although did not contain any users’ personal or financial data. The firm said it would offer the affected employees free identity theft and credit monitoring services.

“We are working with law enforcement as they investigate a recent car break-in and theft of an employee’s bag containing company equipment with employee payroll information stored on it,” a spokesperson told IT Pro. “We have seen no evidence of abuse and believe this was a smash and grab crime rather than an attempt to steal employee information.” 

Advertisement
Advertisement - Article continues below

“We have taken appropriate disciplinary action,” the spokesperson added in a statement to Bloomberg, commenting on the payroll employee who extracted the hard drives from the site against company protocol. “We won’t be discussing individual personnel details.”

Related Resource

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

The company has gained notoriety for leaking the personal data of its users on several prominent occasions. The personal data of 30 million users, for example, was announced to have leaked in October 2018 due to a vulnerability in Facebook’s code that existed between July 2017 and September 2018.

The Irish Data Protection Commission (DPC) is also investigating the firm for more than ten separate General Data Protection Regulation (GDPR) violations, albeit not all related to the exposure of user data.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/policy-legislation/general-data-protection-regulation-gdpr/355337/ico-will-reduce-gdpr-fines-due-to
General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020
Visit/security/privacy/355304/nhs-working-with-apple-google-coronavirus-tracking-app
privacy

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
Visit/policy-legislation/data-protection/355250/health-sites-sharing-users-medical-data-with-major-tech
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020
Visit/policy-legislation/data-protection/355184/supreme-court-finds-morrisons-was-not-liable-for-2014
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355781/microsoft-confirms-further-issues-with-troublesome
Microsoft Windows

Microsoft's latest Windows 10 update is causing yet more issues

26 May 2020
Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020