DOVER – Personal information from thousands of people in New Hampshire and Massachusetts has been compromised after a data backup tape from Bill Dube Ford/Toyota was stolen this summer.

The pilfered data include names, addresses, Social Security numbers and driver's license information, but no financial data such as credit card information, from customers at Bill Dube's dealerships in Dover and Wilmington, Mass.

The data were discovered stolen on Aug. 5 and reported to police that same day. Customers were informed of the breach in a letter dated Dec. 5.

Police are investigating the breach as a theft, but so far none of the information has been used to steal anyone's identity, Dover Police Lt. David Terlemezian said.

"The investigation is active; we haven't developed evidence against any particular person at this point," he said. "Exactly what happened and how it happened isn't entirely clear."

Company officials could not say yesterday precisely how many people were affected by the breach or what time period the data covered.

"It was in the thousands," said Bill Dube attorney Scott Silverman, of the Boston office of McCarter & English, about the number of people affected. "I believe it was more than 10,000." Customers who purchased vehicles and those who had their vehicles serviced at the dealerships are affected. The company has asked those with concerns to place fraud alerts on their credit files in case anyone tries to open new cards under their name.

A single data tape was stolen from a secure storage room at the Dover dealership on Dover Point Road in August, Silverman said. He said few people knew of the storage room and whoever stole the tape accessed the room via a staircase in the back of the dealership.

Dealership officials notified authorities of the alleged theft as soon as it was learned of; the data breach triggered investigations by police and the company, Silverman said.

The attorney generals from New Hampshire and Massachusetts also had to be notified, Silverman said, because the theft affects customers in both states. In the case of Massachusetts, that attorney general also had to sign off on any notification letter to customers, Silverman said.

Silverman said company officials also had to figure out what data were stolen. He said it's unclear how useful the data could be to thieves, because it was kept in a format that requires specialized software to be read.

That process of investigation and notification is why customers weren't notified until this month, Silverman said.

"The dealership executives feel very strongly that whoever did this, the intent was to give them a hard time and have them have to go through a process like this," he said.