Saturday, September 29, 2007

Gap Identity Theft from Stolen Laptop Exposes 800,000 Job Applicants

From the when will companies ever learn file, 800,000
job applicants from the Gap affiliated stores became
the latest identity theft victims due to a stolen laptop
containing unencrypted personal data.

Gap Identity Theft from Stolen Laptop Exposes 800000 Job Applicants

According to a Los Angeles Times report released yesterday:

"The laptop stored Social Security numbers and other data
from people who applied online and by phone from July 2006
to June 2007 for jobs at Gap, Old Navy, Banana Republic and
Outlet stores.

The laptop in the Gap case was lifted from the offices of a
third-party vendor that manages job applicant data for the
San Francisco-based clothier. Gap would not provide the
vendor's name or details of the theft."

Evidently the 3rd party vendor kept the data unencrypted in
violation of the Gap's agreement and as a result has opened
the Gap to liability to all those 800,000 innocent consumers
becoming identity theft victims.

"Gap is notifying applicants and offering a year of
credit monitoring services with fraud resolution

So, our tip for today is if you or anyone you know of who
applied for employment during the time period of 07/2006 -
06/2007 for any of the following Gap affiliated branded
retailers within the U.S.A., Puerto Rico, & Canada:

  • Gap
  • Old Navy
  • Banana Republic & outlets

Contact the Gap immediately to get more details on your free
credit monitoring offer. Their toll free contact number is

Finally, due to the sensitive data which was stolen, make sure
to tell a friend about this important new development as the
usual notification method (USPS mail) allows plenty of time for
an identity thief to open up bogus credit accounts during
this weekend to ruin the unsuspecting victim's credit.


At 1:01 PM, Blogger agent99 said...

And to think - looking for a new job used to be more stressful.

Evidently no longer as companies outsource protection of our confidential data to 3rd party firms who have not vested interest in securing your data.

Perhaps a few high profile wins by a large class action lawsuit might be the remedy?

At 10:19 AM, Anonymous Anonymous said...

I happen to one of those employees whose information was taken. Unfortunately I didn't know anything UNTIL that letter came in the mail TODAY (Tuesday Oct 2nd). Well, I've signed up for their free yr credit monitoring services, and my wonderful bank offers a free identity theft monitoring (third party company) for their bank account holders. I'm taking steps to let my credit card companies know as well. I actually think Gap, Inc. is doing the best they can to help those inflicted employees, but I wish I was just notified much earlier (but I guess next day notification is a bit of a stretch?) I hope everyone acts immediately!

At 5:53 PM, Anonymous Anonymous said...

I just received the Gap's letter as I was one of the lucky ones to have applied for employment at old navy during the period involved. A few high profile wins by a large class of minimum wage seeking employees? Probably not. The data stolen was not 800,000 executive resumes with security clearances, it was people looking to hang clothes on the rack. In my case, I attempted to apply in store and was refused. No applications accepted offline. period. end of discussion. these are the nickel 'n dimed employees, in my case I work a full-time job and am the primary wage earner and single mom. this was to have been the extra pennies income on the weekends. I'm sure it was mostly 700,000 16 year olds who received these letters. I'm ripped. Forced to apply in accordance with their standards, to take an inspid personality test about whether or not I ever procured a crayon inappropriately in 1st grade and fork over my identity data to a corporation masquerading as a protetctor that has the temerity to hire a third party vendor who can't afford the 35 bucks to encrypt.
cool. go figure.

At 8:59 PM, Blogger agent99 said...

Anonymous said:

"...a third party vendor who can't afford the 35 bucks to encrypt."


Yep - that pretty much sums it up.
Kinda makes you wonder why these companies don't just do it to avoid all of the negative press resulting from data breaches and identity theft.

At 9:03 PM, Blogger agent99 said...

Anonymous said:

"Unfortunately I didn't know anything UNTIL that letter came in the mail."


For identity theft disclosure, this is one of the prime reasons we chose over 5 years ago to let honest, hard working people know about all of the incidents which threaten their financial security.

Especially latent identity theft problems which can be minimized by prompt disclosure and subsequent action.

72 hours (a weekend) is an inordinately length amount of time for an identity theft criminal to scam your credit.

Check back with us to stay informed. It is faster than relying on getting the bad news via US Postal (snail) Mail.

At 8:49 PM, Anonymous Anonymous said...

"Gap is notifying applicants and offering a year of
free credit monitoring services with fraud resolution

A year wprth? They must be kidding me. Do they think that is enough? I would rather have my whole life monitored rather than some BS, 12 months.

At 6:50 AM, Anonymous Anonymous said...

So what happens after a year?? What if our identity is stolen 3 years down the line? The person might hang low until the dust has settled and the credit monitoring is off then take advantage of us.

At 6:46 PM, Anonymous Anonymous said...

It is October 9th... and I received my letter today. Funny thing credit sucks, good luck to anyone getting a credit limit above $300. As if life wasn't stressful enough...

At 7:31 AM, Blogger stormkat214 said...

I was one of those people too. This person has been buying crap in my name and it pisses me off. Most people who did put in their application were under 18, I am only 17 and even though gap offered to help ensure me for a year, I can't do anything about it because I'm not legal. That so freakin stupid because I'm sure there were a lot of teenagers who wanted this job. I found out on the day that it happened (Sept 28) and I'm still in shock. I think this is so unfair that they wouldn't help out a teenager when we were affected just the same.

At 3:33 PM, Anonymous Anonymous said...

I'm one of the lucky one here too. As if all of us don't have enough to worry about now a days. "Gap is notifying applicants and offering a year of
free credit monitoring services with fraud resolution
assistance." Well, guess what Gap? I can't get monitored because one of the credit bureaus can't pull my file. WOW!! Congrats Gap. That makes me feel so secure. I am furious. Gap has not disclose who the vendor is. It is my confidential personal information out there in someone's hands not Gap's. I want the name of the vendor. I will not stop until I find out who the vendor is. Gap points the finger at vendor. Gap take some responsibility in your part. It is time for me to contact an attorney.

At 6:40 PM, Anonymous Anonymous said...

We to received the letter, however I am more concerned that this may be a Credit Reporting Scam, by means of selling you long term credit monitoring service. I will continue to investigate.

At 8:00 AM, Anonymous Anonymous said...

My 17 year old daughter is one of the victims of this fraud. She is not 18 until January at which point she will be able to gain the 1 year of protection. How in the world do they feel that is adequate. All these youngsters just getting started in life with blank credit histories. This is a gold mine for the someone, but they have to wait 10 years for it to pan out. Let these kids graduate, get started in life and then they cash in. And the incompetents at the Gap offer one year of credit monitoring. And act like they are taking a bullet for us. I was able to talk to a supervisor at the 800 number in their letter, but she told me that there was no one higher in the corporation I could discuss this with. A call center supervisor has taken point on this little issue. Right.

Is there any collective action being taken by the 800,000? Even if 800,000 start a boycott of their brands is that enough? No, I doubt it. I see in the news today they are firing a sweatshop operator in India. I don't intend to debate the use of child labor, but mention it just to point out the lack of follow up they demonstrate in their agreements with those they deal with. It is apparent to me that lackadaisical approach to delegation as a form of management is exactly what we see here. “Let’s give them a year with Experian and we are fine. Right. Everything is cool now, right?” Bull Hockey. How would Glenn Murphy feel about that if his daughter was the victim of this idiocy?

So what is fair? Are there any precedents for this? Is 20 years of fraud protection too much to ask for? Heck no it’s not. This is gross negligence by their agent and they are responsible. Because of this cavalier approach to their business, my child’s credit ranking and quality of life are potentially affected. Her personal data, that we are constantly warned by the media to protect at all cost, is now in the hands of felons. (based on the value of two laptops this is grand larceny, a felony.) So why was it stolen? For the laptops or for the data? Who is willing to take the chance with the future quality of your life? Oh that would be the Gap. BOYCOT GAP BRANDS, PASS THE WORD.

At 7:49 PM, Anonymous laptop batteries said...

your article is very good,you seems so educated


Post a Comment

Links to this post:

Create a Link

<< Home