CNET también está disponible en español.

Ir a español

Don't show this again

Spotify Wrapped 2019 Interstellar comet Borisov Best Buy Apple sale Bernie Sanders on internet 'monopolies' The Witcher on Netflix Holiday gifts under $50

Laptop theft exposes data

Notebook taken from inside car of Ernst & Young employee reopens the issue of compromised clients and customers.

A seemingly random theft has led to another potential breach of personal data--this time name, address and credit card information from customers.

A laptop belonging to an Ernst & Young employee was stolen in a car theft earlier this year. Ernst & Young is the auditor for, an Expedia company, and the laptop contained personal data on customers. was notified of the theft of the laptop, which contained data for about 243,000 customers, on May 3, a representative for said. "Ernst & Young informed us that the vehicle was broken into in late February," said the representative. "We immediately began reconstructing the data. Once we were notified, we began working as expeditiously as possible to determine which customers were impacted and to notify them. We began sending letters to affected customers last week."

"We're the auditor for Expedia; this was part of the audit," Ken Kerrigan, deputy director of public relations for Ernst & Young, told CNET on Friday. Ernst & Young was in the process of doing the audit when the car theft took place, making it entirely proper for the employee to be in possession of the information via laptop, Kerrigan said.

CNET obtained copies of both the and Ernst & Young letters to affected customers.

According to the Ernst & Young letter, the file held certain personal information related to transactions, primarily from the year 2004. There were also a small number of transactions from 2003 and 2002. "We believe the transactions may have involved the payment card you used with or another Web site through which provided booking services directly to customers. Specifically, the information on the laptop may have included your name, address and some credit or debit card information you provided," the letter said.

The letter gives information on a toll-free call center to assist customers with questions, an offer for a free credit-monitoring service and instructions on how to file a fraud alert with credit card companies. has also contacted the credit card companies and informed them of specific customers whose cards have been compromised, the representative said.

While Kerrigan said he believes the incident was "just a car theft," the financial company has taken steps to more strongly protect confidential data.

"For the U.S. and Canada, as of May 31, 30,000 of our employees, which I believe is everyone, have password-protection and encryption software on their computers," Kerrigan said. He did not specify which vendor was providing the encryption software. "This computer was stolen before it was encrypted. It was password protected, but not with encryption software."

Ernst & Young has had other employee laptops stolen this year as well, according to news reports. The company said it is working with authorities on the latest laptop theft.

"At this time, we have no indication the information has been accessed or misused in any way," Ernst & Young said in a statement regarding the latest incident. "We are working closely with to reach out to their customers whose information was on the computer."

This incident is just one in a long line of security threats tied to misplaced, lost and stolen data.

On Thursday, the Texas Guaranteed Student Loan company reported that 1.3 million customers are in danger of ID theft, after an IT consultant lost hardware containing sensitive data. On May 22, the data of 26.5 million U.S. veterans and their spouses was stolen from a government employee who brought work home via a laptop. The day before that, it was discovered that hackers had possessed yearlong access to Ohio University servers. In April, it was discovered that a University of Southern California hacker gained access to the information of perspective students.