The names, Social Security numbers and salary information of an unknown number of Under Armour employees might have been exposed when a thumb drive containing payroll information was lost in the U.S. mail, according to a published report in Ohio.
The Dayton Daily News obtained an internal memo from the Baltimore-based sports apparel maker to its employees last week. The emailed memo reported that an unencrypted thumb drive containing employee payroll information was lost in the mail on or about April 12. The thumb drive was sent by mail to Under Armour's auditing firm, PricewaterhouseCoopers, in connection with an audit.
"We are taking this matter very seriously and are working diligently with PwC and local governmental authorities to conduct an investigation and search, but have been unable to locate the thumb drive as of the date of this letter," Chip Adams, Under Armour's chief performance officer, wrote in the memo, according to the newspaper.
Jude Curtis, PwC's chief ethics and compliance officer, confirmed the loss of the thumb drive, the newspaper said.
"PwC is committed to protecting its clients' confidential information and is working closely with its client to provide protective safeguards to those individuals whose information was lost," Curtis said in a statement. "The firm deeply regrets that the information was lost in transit to a PwC facility, and is conducting a thorough internal investigation into these events to determine how PwC's client security protections were breached."
Under Armour officials were not aware of any misuse of the employee information, according to the Dayton Daily News. The company has taken steps to guard against any potential problems related to the data breach, according to the memo.
"We are undertaking a thorough review of this incident to help ensure that it will not be repeated," the memo said.