A thief stole hard drives containing Facebook payroll data from a car

Facebook informed its employees that hard drives containing information about its workers’ payroll were stolen from a car last month.

On Friday, Facebook announced that hard drives containing information about its workers’ payroll were stolen from a car last month.

According to the company, a thief stole unencrypted hard drives containing banking data belonging to 29,000 Facebook employees.

The hard drives contained information on US workers who were employed by Facebook in 2018, exposed data includes bank account numbers, employee names, the last four digits of their social security numbers, their salaries, bonuses, and equity details. The company notified the data theft to its staff via email Friday morning.

“We worked with law enforcement as they investigated a recent car break-in and theft of an employee’s bag containing company equipment with employee payroll information stored on it,” the spokeswoman said in a statement shared with Bloomberg. “We have seen no evidence of abuse and believe this was a smash and grab crime rather than an attempt to steal employee information.”

The theft took place on November 17, and Facebook discovered the absence of the hard drives on November 20. On November 29, a “forensic investigation” confirmed that those hard drives included employee payroll information.

According to Bloomberg, the theft stole the hard drives from a member of Facebook’s payroll department, and it wasn’t supposed to have taken the hard drives outside the campus.

The member of the payroll department was keeping the hard drives in a bag.

“Out of an abundance of caution, we have notified the current and former employees whose information we believe was stored on the equipment and are offering them free identity theft and credit monitoring services,” Facebook said.

The social media giant is working with police investigating the theft.

“Facebook is still working with law enforcement to recover the information, though none of the hard drives have been found. In an email, Facebook encouraged employees to notify their banks and offered them a two-year subscription to an identity theft monitoring service.” concludes Facebook.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Facebook, crime)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.