“We recently learned that the vendor unintentionally backed up this data to an unsecured computer server that was accessible from the Internet,” Scott Purvis, vice president of human resources at the home-improvement retailer, said in a May 19 letter.
The notice went out to current and former employees whose SSNs or driver’s license numbers were stored in an online database provided by the contractor -- SafetyFirst, a driver safety firm.
Personal information from the backup server may have been accessed between July 2013 and April 2014. There is no evidence the data has been misused yet.
Other information stored in the database included names, addresses, dates of birth, sales IDs, and other driving record information.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.