The San Francisco-based bank on Friday posted a statement on its Web site saying that a computer belonging to its mortgage group had been reported as missing while being transported between Wells Fargo facilities by a global express shipping company.
The stolen system contained information such as names, addresses, Social Security numbers and mortgage loan account numbers of Wells Fargo customers. "The computer has two layers of security, making it difficult to access the information," the bank said.
So far, at least, there is no indication that the information kept on the computer has been misused in any way, said Alejandro Hernandez, a company spokesman.
Wells Fargo has begun sending letters to affected individuals informing them of the incident and advising them what they can do to mitigate any exposure to identity theft. The company will also pay for a one-year subscription to a credit monitoring service for affected individuals.
Hernandez did not disclose how many customers were affected by the breach. Nor did he say when the theft might have occurred, citing an ongoing criminal investigation by law enforcement authorities.
According to the online statement from the bank, law enforcement authorities directed Wells Fargo to delay notifying affected customers because they were concerned that doing so would jeopardize the investigation. "At this point, law enforcement believes the equipment was stolen for the hardware," not for the data it contained, Hernandez said.
For Wells Fargo, the incident is only the latest in a series of embarrassing and nearly identical data breaches that have taken place over the past two and a half years.
In November 2003, the names, addresses and Social Security numbers of thousands of Wells Fargo customers were compromised when a burglar broke into the office of consultant working for the bank and stole a computer containing the data.
A year later, in November 2004, the company announced that three laptops and one desktop computer containing personal data on thousands of the bank's borrowers were stolen from an Atlanta-based subcontractor that printed monthly statements for Wells Fargo. That incident prompted two of the affected individuals to sue the bank for negligence and breach of contract. The case was decided in the bank's favor in March.
And in February 2004, a laptop containing confidential information on more than 35,000 Wells Fargo customers was lost by a company employee when it was left in a car that was stolen from a gas station.