Don’t you just hate it when your breach response goes awry and compounds the breach or you discover that your original analysis of what information was involved was incomplete?
Last month, Stanley Black & Decker notified both California and New Hampshire that a stolen corporate laptop contained employees’ information, including their bank routing and account numbers for those who received reimbursement for expenses via direct deposit.
On April 15, however, the firm notified New Hampshire that in the process of preparing notification letters, they experienced a mail merge error that resulted in some individuals having the wrong addresses.
While trying to address the mail merge error, and to compound matters even more, they discovered that the stolen laptop had held the Social Security numbers of some of the former and current employees.
As a result, the firm is sending out new notification letters to everyone affected by the stolen laptop breach.
You can read their explanation to New Hampshire here.