Marks & Spencer has become the latest large organisation embroiled in an identity theft-related security flap.

A laptop containing salary details, addresses, dates of birth, national insurance and phone numbers of some 26,000 employees has been stolen from a printing firm, which was tasked with the job of writing to workers about pension changes. M&S wrote to all staff whose names were on the laptop, warning them of the risk and offering free credit checks as a result.

News of the theft, which emerged over the weekend, follows similar security flaps at the Royal Cornwall Hospital Trust, Nationwide Building Society, the Metropolitan Police, Serco, and others.

Security firms were quick to point to the latest theft as another reason to use disk encryption in order to protect sensitive data. PGP Corporation spokesman Jamie Cowper said: "Staff and customers are increasingly concerned about the possibility of identity theft, and the offending company suffers not only high financial costs, but also risks enormous damage to their brand in the aftermath of a breach.

"Encryption and proper authorisation controls are quickly becoming essential measures for the protection of sensitive customer and employee data - companies need to realise this before legislation in this area drives greater punishment."

In other information security breach news, HM Revenue and Customs has apologised after sending the bank details of other claimants to punters applying for tax credits. It blamed a printer cock-up for the security snafu. Those affected were notified by letter last week. Many of those affected live in Northern Ireland, the BBC reports. ®

Related stories

• 7-year-old faces M&S Inquisition (5 September 2008)
• Security boffins unveil BitUnlocker (22 February 2008)
• M&S rapped for data loss (28 January 2008)
• Boro council in child data theft flap (17 January 2008)
• Lost CD may put pension holders in peril (5 November 2007)
• Tax man praised for owning up to lost laptop (8 October 2007)
• Second security breach hits Pfizer (16 August 2007)
• First Response issues ID theft alert after burglary (7 August 2007)
• VeriSign worker exits after laptop security breach (6 August 2007)
• Ohio data leak was 'accident waiting to happen' (22 June 2007)
• Eden laptop theft sparks ID theft fears (15 June 2007)
• Hackers blamed for Illinois agency server hack (7 June 2007)
• Hitachi ships Travelstar 7K200 encrypted hard drive (7 June 2007)
• Europe mulls anti-ID theft law (24 May 2007)
• Roche exposes medical details on website (11 May 2007)
• Memory sticks top security concern for firms (11 May 2007)
• Feds urge tougher ID theft laws (24 April 2007)
• Georgia on the mind of three million after CD loss (11 April 2007)
• Laptop thefts expose 40,000 Chicago teachers (9 April 2007)
• Nationwide fined £980,000 over stolen laptop (14 February 2007)
• Met Police in laptop theft security flap (22 November 2006)
• Florida laptop loss sparks ID theft fears (11 August 2006)
• Two teens charged over VA laptop theft (7 August 2006)