A former information technology contract worker had banking information for more than 6,000 current and former Baltimore County employees on his computer, local government officials said Friday.
The revelation heightens concerns about public employees' exposure to a data breach that came to light last week as county police investigated an unrelated identity-theft case. Officials previously said county workers' Social Security numbers and other information had been found on the suspect's computer.
County police have not identified the suspect. Police spokeswoman Elise Armacost said Friday the department plans to extradite the man from Florida, where he was taken into custody.
The man was indicted in the other case in the spring by the Baltimore County state's attorney's office but later fled the state. Police were alerted after the suspect's neighbor reported in July 2012 that that he was making purchases using fake checks and fake identification.
Investigators recovered the computer after a search of the suspect's home. Police have said detectives do not believe the county employee data from the hard drive is linked to any identity-theft cases.
Officials said the suspect worked for a county contractor between December 2011 and July 2012. Baltimore County hired the contractor to move computers around offices, and officials believe he got the data when he brought a new computer to an employee who needed the information for work.
"I apologize that this information was not included in the original correspondence that I sent you last week regarding this unfortunate incident," said county administrative officer Fred Homan in a statement. He said investigators are nearly finished reviewing the recovered data.
The data was discovered in payroll files from January and March of 2007 and contained the personal information of those employees who, on those dates, had their paychecks directly deposited into their bank accounts, officials said.
Authorities also found information, including employee names, county identification numbers, home addresses, payment amounts and Social Security numbers. No banking or routing information was found for employees hired after March 2007.
The county has since prohibited employees from downloading personal information on their individual county hard drives said workers were scanning 5,000 computers to remove any personal information.