In a letter dated Thursday, Armstrong said the information was on a laptop taken from the locked car of a Deloitte & Touche employee who was auditing Armstrong’s payroll.

The information includes names, home addresses, home phone numbers, employee identification numbers, Social Security numbers and pay.

Although a report published elsewhere said the stolen data include bank-account numbers, a copy of the Armstrong letter obtained by the New Era does not mention it.

The two-page letter adds that the company, as of Thursday, is not aware of any misuse of the data.

The information is password protected — providing some security — but not encrypted, which would have protected it better.

“We sincerely apologize for this incident and its associated risk,” writes F. Nicholas Grasberger III, Armstrong senior vice president and chief financial officer.

“Deloitte & Touche has assured Armstrong that it has established additional safeguards to better secure personal information,” he continues.

Those extra precautions, the company says in an accompanying question-and-answer document, include encryption, a kind of coding that hides the content from all but authorized users.

Grasberger’s letter does not say when or where the laptop was stolen, noting only that a police report was filed and the computer remains unrecovered.

However, to lessen the chance of identity theft, Armstrong advises the employees to take a number of precautions.

“We recommend that you keep a close watch for unusual transactions involving your bank accounts, credit cards and other bills and financial statements,” Grasberger writes.

The letter also suggests that employees put a 90-day temporary fraud alert on their credit files, alerting creditors to the potential of fraudulent activity. The letter tells how to do so.

Armstrong also is offering employees two years of free credit monitoring through the Equifax Credit Watch Gold program. The program otherwise would cost them $130 a year.

It’s not known how many of the 12,000 current and former employees are Lancaster County residents, or whether Armstrong is going to continue hiring Deloitte & Touche.

Lancaster-based Armstrong, a maker of floors, ceilings and cabinets, has about 2,000 workers here.

An Armstrong spokeswoman did not return calls for comment by presstime. A Deloitte & Touche spokeswoman said she did not have details on the Armstrong incident immediately available.

Deloitte & Touche conducts regular audits of Armstrong policies and procedures. It does not audit Armstrong’s quarterly financial reports; KPMG handles that.

One Armstrong hourly employee who received the letter was not too worried about the risk of identity theft posed by the stolen laptop.

“I threw (the letter) out,” he said. “I figured, with 12,000 people, what are the chances of them coming after me?”

The theft of laptops containing personal information on thousands of people has become a growing problem in recent months, mirroring the growing use of laptops.

Among the most prominent thefts was the loss in May of a Department of Veterans Affairs laptop holding information on 26.5 million veterans and military personnel; that laptop was recovered.