Lowe’s Acknowledges Third Party Data Breach

Lowe’s recently began notifying an undisclosed number of current and former employees that their personal information may have been disclosed when a third-party vendor mistakenly backed up Lowe’s employee data to an unsecured server.

The vendor, SafetyFirst, manages an online database called E-DriverFile, which stores compliance information related to current and former drivers of Lowe’s vehicles, as well as information about current and former employees who administer the system.

The data stored in E-DriverFile includes names, addresses, birthdates, Social Security numbers, driver’s license numbers, sales IDs, and other driving record information.

“Promptly after learning of the potential issue, SafetyFirst blocked access to the unsecured backup server and retained data security experts to conduct an investigation of the incident,” Lowe’s vice president of human resources Scott Purvis wrote in the notification letter [PDF]. “That investigation determined that personal information from the backup server may have been accessed between July 2013 and April 2014.”

All those whose Social Security numbers and/or driver’s license numbers may have been exposed are being offered one free year of credit protection services from AllClear ID.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Latest articles

Top Cybersecurity Companies

Related articles


Please enter your comment!
Please enter your name here