Telecoms carrier AT&T has admitted that it failed to encrypt a laptop that was stolen, which carrying the details of managers' salaries and other staff details.
The laptop was stolen from an employee's car last month, and the firm is now planning to strengthen its laptop security procedures following the theft.
Along with executive salary and bonus details - which could prove embarrassing if posted on the web - the laptop contained Social Security numbers and other personal details which would be useful to identity thieves.
"The fact that it is AT&T that has encountered this problem highlights the reality that no one is immune to being hit by a data breach that could result in identity theft," said Michael Callahan, chief marketing officer at laptop encryption specialist CREDANT Technologies.
"Our observations suggest that incidents like this usually result in a significant change of policy within the company. Although this can be interpreted as shutting the stable door after the horse has bolted, a positive change of company policy on encryption is always welcome," he said.