A Facebook payroll department staffer had a number of the company’s hard drives in their bag. Said bag was in the employee’s car, when it was broken into. In case you were wondering, no, the employee was not supposed to have taken the hard drives outside of the company. Worst of all, the drives were unencrypted. This means easy access to Facebook employees’ name and bank account number. Also in the drives are salaries, bonuses and some equity details. This is very bad news if the drives were taken by someone with intent to steal personal and financial information of the employees. But a company spokesperson said that this is likely a case of petty theft rather than a specific attempt at stealing employee data.
The incident happened on 17 November, but the company only realised that the drives were missing three days later. Oddly enough, it took another nine days before a “forensic investigation” confirmed that the missing drives had employee payroll information. Facebook started informing affected employees on 13 December. At the very least, the company also offered the affected employees a two-year subscription to an identity theft monitoring service. And while this time it’s not a story of customer data getting leaked, it still not a good situation for Facebook’s employees to be in. (Source: Bloomberg)