Coca-Cola announced a data breach after a former employee was found in possession of worker data on a personal hard drive. In compliance with state laws, the company is notifying the data breach to the affected employees via letter.
The company discovered the security breach in September when law enforcement officials notified it that a former employee at a Coca-Cola subsidiary was found in possession of an external hard drive.
Coca-Cola supported the investigation conducted by law enforcement, it confirmed the authenticity of the documents that contained personal information of some workers.
The company did not disclose the incident immediately at the request of authorities who were investigating the data breach.
Following state laws, the company is now sending notification letters to affected employees.
According to a company spokesman, the data breach has affected about 8,000 workers.
“We are issuing data breach notices to about 8,000 individuals whose personal information was included in computer files that a former employee took with him when he left the company,” a company spokesperson told Bleeping Computer.
“We take information security very seriously, and we sympathize with everyone whose information may have been exposed. We regret any inconvenience or concern this may be causing them. We do not have any information to suggest that the information was used to commit identity theft.”
As usually happens in these cases, Coca-Cola is offering free identity monitoring for one year to affected employees.
Back in 2014, Coca-Cola warned some 74,000 employees and other individuals that their personal information was compromised due to the theft of several company laptops.
(Security Affairs – cybercrime, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.