AMR, the parent company of American Airlines, ran into some choppy air last month when it discovered a key hard drive containing the names, birth dates and Social Security numbers of thousands of current and former employees was stolen from its headquarters.
As eSecurity Planet discovered, this latest high-profile data breach impacted current and former employees dating as far back as 1960. So far, company officials said the compromised data has not been used to steal the identities of any of the affected workers.
Earlier this year, independent data security researcher and consulting firm Ponemon Institute estimated that more than 800,000 portable storage devices were stolen or misplaced last year, a fact that’s led state and federal lawmakers to pass more stringent legislation holding companies accountable for safeguarding employee and customer data.
In one of the largest data breaches in recent months, AMR, the parent company of American Airlines, said it’s now in the process of notifying more than 79,000 current, former and retired employees that a hard drive containing their most sensitive personal information was stolen for its corporate headquarters in Fort Worth, Texas.
AMR (NYSE: AMR) officials said the purloined drive contained images of microfilm files that stored data such as employees’ names, address, birth dates, Social Security numbers and what it described as “limited” bank account information.
The data breach was discovered on June 4, according to AMR, and the company last week began mailing out notification letters to all affected employees and retirees. The data was compiled by the company’s pension department and also included health insurance information, including the names and personal information of employees’ beneficiaries.
The company is offering a free year of credit-monitoring services and, in a statement, said it has initiated new security procedures at its headquarters to prevent future data breaches of this magnitude.