Two foreign nationals who worked for a third-party data company are suspected of stealing the personal information of as many as 4,000 Dow Corning employees. The two men, who worked for HCL America, are believed to have downloaded names, Social Security numbers, income records, and more, then transferred that data to a USB drive. The drive—and the information—are unaccounted for as of now.
HCL America is a third-party contractor that provides paid services to clients like Dow Corning. As such, they are responsible for conducting thorough background checks, employee verifications, and other authenticating procedures. Many businesses rely on this type of contractor to complete certain company tasks while saving on the hiring costs and benefits associated with bringing in full-time employees.
Internal data breaches like this one are certainly nothing new. One particular incident resulted in a conviction of a former Morgan Stanley financial advisor who stole account records from the database and downloaded them to his personal laptop; although he still claims that he never released or sold the records, batches of those same account records were found on a black market website.
What is different about this incident with Dow Corning, however, is the speed with which the incident was detected and the suspects’ names revealed. News of data breaches in the past has often involved months or even years between the breach occurring, investigators discovering it, and then the company notifying the victims. In this case, Dow Corning discovered the breach in late September, and a hearing is scheduled for November 17th. A federal judge has already issued a mandate to prevent the two suspects from destroying any evidence, and the men have been detained as they are considered a flight risk.
But regardless of whether the guilty parties are apprehended or how the breach occurred, the outcome for the thousands of victims is the same: their highly sensitive data has been stolen. Since there’s no evidence yet that it has been used or released anywhere, the affected individuals are only being cautioned to monitor their credit reports and financial statements at this time. It’s also a good idea for victims of a data breach to change their passwords on significant accounts like their email, to install robust anti-virus and anti-malware software, and to keep the notification letter in a safe place as proof that their identities may have been compromised.