Coca-Cola logo

The Coca-Cola company announced a data breach incident this week after a former employee was found in possession of worker data on a personal hard drive.

The company learned of the security breach last September after law enforcement officials contacted Coca-Cola.

Investigators said that a former employee at a Coca-Cola subsidiary was found in possession of an external hard drive containing information that appeared to have been misappropriated from Coca-Cola.

Incident impacts 8,000 Coca-Cola workers

Coca-Cola says it worked with law enforcement in the past months to investigate the data's origin and validity, and determined that some documents contained the personal information of some of its workers.

Following state laws, the company is now sending notification letters to affected employees.

"We are issuing data breach notices to about 8,000 individuals whose personal information was included in computer files that a former employee took with him when he left the company," a Coca-Cola spokesperson told Bleeping Computer today.

The type of stolen and exposed data varies per employee, the spokesperson told us.

"We take information security very seriously, and we sympathize with everyone whose information may have been exposed. We regret any inconvenience or concern this may be causing them," the spokesperson added. "We do not have any information to suggest that the information was used to commit identify theft."

Coca-Cola is offering free identity monitoring for one year to affected employees through a third-party provider.

Announcement delayed at the request of law enforcement

The company also added it waited until now to report the breach to employees at the request of law enforcement, who were still investigating the incident.

Coca-Cola is not the first major company to have its data exposed by former employees. SunTrust suffered a similar breach last month.

Plus, there are many other similar cases of disgruntled employees doing damage to their former companies on which we have reported in the past [1, 2, 3, 4, 5, 6], all of which ended up badly for the former workers.

A copy of Coca-Cola's employee notification letter is available below.

Coca-Cola breach notification