A stolen laptop with employee and contractor information belonging to Houston-based engineering and construction firm KBR was reported to the New Hampshire Attorney General’s Office on January 21.
The date of theft was not mentioned, nor were the total number of individuals who had their names, dates of birth, addresses, Social Security Numbers and Employee ID numbers on the laptop, although the notification indicated that the laptop “may have contained” personal information of “some current and former” employees and contractors. Why do they write “may have?” Don’t they know what was on their own company laptop?
Ten of those affected were New Hampshire residents.
The notification doesn’t even indicate how or where or when the laptop was stolen, saying only that the company had “recently learned” of the theft and the theft had been reported to law enforcement.
This is why we need a mandatory notification law that includes specific elements, folks.
KBR’s letter to affected employees and contractors does not offer them any free services such as credit monitoring.
According to the company’s profile on its web site, KBR has more than 40,000 employees in 45 countries on five continents.