Boeing is notifying 3,600 current and former employees that their names, Social Security numbers and in some cases, addresses and phone numbers, may have been compromised after a laptop was stolen several days ago.
The laptop was grabbed from a Boeing human-resources employee at an airport, said company spokesman Tim Neale.
The laptop was password-protected and was turned off, he said.
But the file containing the information was not encrypted, despite a directive issued five months ago to remove or encrypt all sensitive information on laptops.
That order followed last November's theft of a Boeing laptop with data on 161,000 current and former employees, including names, Social Security numbers, and in some cases banking information.
Neale said the company is now conducting an audit of all human-resources laptops and purging any sensitive personal information from the hard drives.
From now on, such information can't be transferred to laptops, and anyone handling sensitive information must take training. Encryption software will also be on all laptops, Neale added.
"This is very upsetting to us to have data on that many employees on a computer that was stolen," Neale said. "We certainly don't want to see this happen again."
The file contained personnel information from the 2000 acquisition of Hughes Space and Communications by Boeing Satellite Systems, according to an internal company communication.
The employee did review his files after the November theft, but the stolen file was inside a folder that he had forgotten was on the laptop.
"Unfortunately this was an older file that this person hadn't opened in quite a while," Neale said. "The person who uses this computer had missed it."
Current employees who are affected are being contacted by e-mail, and those who are no longer with the company will be notified by mail. The company also is offering to pay for a credit-monitoring service for those affected.
Neale said there's no sign that any information from the 2005 laptop theft was used illegally.
Last year 250 Boeing laptops were stolen or lost, Senior Vice President of Human Resources Rick Stephens said in the internal communication. The company has 75,000 laptops.
For Arian Ward, a former Hughes Space and Communications IT manager who left the company in 1998, news that his information may be out there is disconcerting. But he said he's been a victim of identity theft twice and regularly monitors his bank and credit information.
Ward said he hasn't been notified regarding the stolen data.
"Anyone with data that's confidential should do what they can to secure it," said Ward, who is a self-employed management consultant in California. "Our information is flowing around a lot of places, not just from Boeing."
Ward said he has advised companies to cultivate greater employee awareness.
"It goes beyond simply locking down laptops," Ward said. "This requires a full-scale program to raise the consciousness of each employee, to have them take the initiative."