Coca-Cola suffers data breach after employee 'borrows' 55 laptops

Up to 74,000 records compromised, firm believes

Coca-Cola has admitted falling prey to bizarre slow-motion data breach in which an employee apparently stole dozens of laptops over several years containing the sensitive data of 74,000 people without anyone noticing.

The unnamed former worker, said to have been in charge of equipment disposal, reportedly removed a total of 55 laptops over a six-year period from its Atlanta offices, including some that belonged to a bottling company acquired by the fizzy-drinks giant in 2010.

Only after recovering these during November and December did Coca-Cola realise that they contained 18,000 personal records that included social security numbers plus a further 56,000 covering other types of sensitive data. All but a few thousand were Coca-Cola employees or otherwise connected to the firm.

None of the records were encrypted in line with the firm's security policy, the company told employees in a memo seen by the Wall Street Journal. Affected individuals were being contacted.

"To expedite the process, we brought in extra crews that worked long hours, including throughout the holiday period and on weekends," the memo reportedly said by way of explaining the delay between discovering the issue in December and the company telling the world on 24 January.

The mystery of how the laptops disappeared is almost as strange as the fact that they later reappeared, allowing the breach to be characterised as temporary.

"Organisations need to be sure they have a firm grasp on their data, know where and when it has been copied or transferred, and ensure that techniques such as encryption are in place in case it falls into the wrong hands," commented Chris McIntosh, CEO of security firm ViaSat UK.

Then again, the failure here appears to be as much about physical security and processes surrounding equipment disposal as the fact it wasn't encrypted.

Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.

More about: ViaSat, Wall Street
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Coca-Cola, Personal Tech, security, None, wall street journal
Whitepapers
All whitepapers

UPDATED: 4G in Australia: The state of the nation

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia