Lowe’s: Breach was limited to employee data

A Lowe’s spokeswoman told HCN that various blogs covering the story about a Lowe’s data breach inaccurately implied that consumers were affected. 

That’s not the case, said Karen Cobb, manager of corporate public relations for the Mooresville, North Carolina-based retail giant.

“This situation affected only documentation of employees approved to drive Lowe’s-owned vehicles and in no way contained any customer data,” she said.

She also broke down the nature of the breach:

She said Lowe’s uses a third-party vendor to maintain compliance information and documentation for employees who are approved to drive company vehicles. An error by the vendor resulted in personal information about some current and former employees made potentially accessible via the Internet.

“We’ve made current and former employees affected by the error aware of the situation,” she said. The company also made arrangements for those affected to receive credit protection services. 

The company also stressed that there is no evidence that any of the compromised information was misused.