Breaking News: Starbucks Sends Internal Memo Regarding Laptop Theft with 97,000 Employees’ Social Security Numbers, Names and Addresses

Note: We have received confirmation from THREE more Starbucks employees that the internal communication is valid.

It is being reported that Starbucks employees have received an internal communication regarding a stolen laptop which contained 97,000 employees’ names, addresses and social security numbers.

Here is the full memo sent internally from Russell Walker the VP of Enterprise Security at Starbucks, t note here is no mention of encryption or other security measures installed on the laptop.

Dear _____:

Because Starbucks takes out commitment to safeguarding the personal information and security of our partners very seriously, we are writing to inform you of a recent incident that may have involved a breach of your private information (including name, address and social security number). We are sending this letter to not only notify you about the incident, but also to share information about some safeguarding steps that we recommend you undertake to ensure that your information is fully protected and secure.

Starbucks Enterprise Security learned that a laptop containing partner information was stolen on October 29, 2008. The private information of approximately 97,000 US Partners, including yours, was stored on this laptop. A police report was filed with the Seattle Police Department. At present, we have no indication that the private information has been misused.

As a precaution, we ask that you monitor your financial accounts carefully for suspicious activity and take appropriate steps to protect yourself against potential identity theft. To assist you in protecting this effort, Starbucks has partnered with Equifax to offer, at no cost to you, credit watch services for the next year. This service provides you with an early warning of any changes to your credit file. Enclosed you will find a description of the service and enrollment instructions.

In addition, the Federal Trade Commission has released a comprehensive guide that may provide you with valuable information to help protect yourself against and deal with identity theft. It is available for free online at http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/about-identity-theft.html.

When these incidents occur, we take the opportunity to once again review our procedures for protecting data and educate our partners about ways to further protect their personal information. We also continue our work to prevent future incidents from occurring. In fact, we are currently implementing encryption solutions where appropriate.

Again, while we have no evidence that your personal information has been misused or compromised, we believe it is important that you are fully informed of the potential risks associated with this incident. Starbucks regrets any inconvenience this situation may cause.

If you have any questions, please contact the Starbucks Partner Contact Center.

Signed,

Russell Walker
vp, Enterprise Security
Starbucks Coffee Company