======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, March 21, 2010 58 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@private. ======================================================================== DataLossDB News/Updates Court Says Posting PII Online is Cool -- First Amendment Cool http://datalossdb.org/incident_highlights/47 Fringe Incidents http://datalossdb.org/incident_highlights/46 ======================================================================== Incidents Added Reported Date: 2010-03-26 Summary: Data of 3.3M names, addresses, dates of birth and Social Security numbers exposed on stolen portable media device Organizations: Educational Credit Management Corporation http://datalossdb.org/incidents/2627 --------------------- Reported Date: 2010-03-25 Summary: 250 patients' files stolen from unlocked cabinets by cleaning crew Organizations: Northwestern Memorial Hospital, The Millard Group, Inc. http://datalossdb.org/incidents/2630 --------------------- Reported Date: 2010-03-24 Summary: 5,000 past and current employees' information including bank account information, social security numbers and birth dates compromised Organizations: Evergreen Public Schools, Vancouver Public Schools http://datalossdb.org/incidents/2673 --------------------- Reported Date: 2010-03-23 Summary: Tax preparer steals more than 60 customers names, addresses, Social Security numbers Organizations: H&R Block http://datalossdb.org/incidents/2613 --------------------- Reported Date: 2010-03-22 Summary: Third party vendor exposed debit card numbers Organizations: Fifth Third Bank http://datalossdb.org/incidents/2670 --------------------- Reported Date: 2010-03-22 Summary: Names, addresses and Social Security numbers of 11000 rebate applicatants are stolen Organizations: Connecticut Office of Policy and Management http://datalossdb.org/incidents/2611 --------------------- Reported Date: 2010-03-18 Summary: 2,135 pension scheme illustrations stolen from laptop in the company’s office. Organizations: Royal London Mutual Insurance Society http://datalossdb.org/incidents/2618 --------------------- Reported Date: 2010-03-17 Summary: 480 former students' personal information on a stolen school-owned laptop Organizations: University of South Carolina Beaufort http://datalossdb.org/incidents/2672 --------------------- Reported Date: 2010-03-16 Summary: Computer glitch incorrectly mails tax forms to the wrong address 697 exposed Organizations: House of Commons of Canada http://datalossdb.org/incidents/2667 --------------------- Reported Date: 2010-03-15 Summary: Employment applications containing names, address, dates of birth, Social Security numbers, bank account numbers found in trash Organizations: Pizza Hut Inc http://datalossdb.org/incidents/2620 --------------------- Reported Date: 2010-03-12 Summary: 20 million customers private data leaked by major retailer Shinsegae and 24 other companies Organizations: Shinsegae http://datalossdb.org/incidents/2622 --------------------- Reported Date: 2010-03-12 Summary: Employee of HSBC steals information of 24,000 customers Organizations: HSBC http://datalossdb.org/incidents/2621 --------------------- Reported Date: 2010-03-06 Summary: Customer invoices exposed to internet Organizations: Durex (brand), SSL International plc, TTK-LIG Ltd http://datalossdb.org/incidents/2624 --------------------- Reported Date: 2010-03-05 Summary: 1,225 credit card numbers belonging to customers compromised via hack Organizations: Small Dog Electronics http://datalossdb.org/incidents/2623 --------------------- Reported Date: 2010-03-04 Summary: Documents of 554 patients names and Social Security numbers stolen from car Organizations: Wake Forest University Baptist Medical Center http://datalossdb.org/incidents/2612 --------------------- Reported Date: 2010-03-03 Summary: Incorrectly repaired corrupt data file leads to account information being sent to incorrect customers Organizations: St. George, Salmat http://datalossdb.org/incidents/2629 --------------------- Reported Date: 2010-02-25 Summary: 15,000 customer accounts accidentally emailed to a member of the public Organizations: Redstone Mortgages http://datalossdb.org/incidents/2619 --------------------- Reported Date: 2010-02-20 Summary: Laptop containing the PHI of over 600 stolen Organizations: Montefiore Medical Center http://datalossdb.org/incidents/2666 --------------------- Reported Date: 2010-02-17 Summary: Lost blackberry device contains PHI of 3,800 patients Organizations: Children's Medical Center of Dallas http://datalossdb.org/incidents/2654 --------------------- Reported Date: 2010-02-15 Summary: Stolen medical documents expose 554 patients Organizations: North Carolina Baptist Hospital http://datalossdb.org/incidents/2640 --------------------- Reported Date: 2010-02-13 Summary: Information of 170,000 employees and contractors leaked Organizations: Royal Dutch Shell PLC http://datalossdb.org/incidents/2626 --------------------- Reported Date: 2010-02-08 Summary: Stolen computer exposes patients medical details 1900 exposed Organizations: University of New Mexico Health Sciences Center http://datalossdb.org/incidents/2635 --------------------- Reported Date: 2010-02-04 Summary: Unspecified paper breach exposes the PHI of nearly 2,000 Organizations: MMM Health Care Inc., MSO of Puerto Rico, Inc. http://datalossdb.org/incidents/2653 --------------------- Reported Date: 2010-02-04 Summary: Unknown breach expose documents of 605 patients Organizations: PMC Medicare Choice Inc http://datalossdb.org/incidents/2655 --------------------- Reported Date: 2010-01-21 Summary: Thief steals old x-rays of over a thousand patients Organizations: Carle Clinic Association http://datalossdb.org/incidents/2656 --------------------- Reported Date: 2010-01-11 Summary: Stolen computer exposes patients medical details 532 are exposed Organizations: Lucille Packard Children's Hospital http://datalossdb.org/incidents/2637 --------------------- Reported Date: 2010-01-01 Summary: Stolen computer exposes PHI of 9,309 patients Organizations: Ashley and Gray DDS http://datalossdb.org/incidents/2659 --------------------- Reported Date: 2009-12-30 Summary: Equipment theft leads to potential exposure of patient PHI Organizations: Advanced NeuroSpinal Care http://datalossdb.org/incidents/2658 --------------------- Reported Date: 2009-12-27 Summary: CD's stolen containing PHI of nearly 6,000 Organizations: Educators Mutual Insurance Association of Utah, Health Behavior Innovations http://datalossdb.org/incidents/2660 --------------------- Reported Date: 2009-12-22 Summary: A laptop containing personal details of thousands of MBNA credit card customers was stolen. Organizations: MBNA, NCO Europe Ltd http://datalossdb.org/incidents/2671 --------------------- Reported Date: 2009-12-15 Summary: Stolen laptop exposes patients 1,101 medical details Organizations: Center for Neurosciences http://datalossdb.org/incidents/2665 --------------------- Reported Date: 2009-12-15 Summary: Stolen computer contains personal infomation. Organizations: National Audubon Society http://datalossdb.org/incidents/2625 --------------------- Reported Date: 2009-12-12 Summary: Lost backup tapes exposes PHI of 2,562 Organizations: Blue Island Radiology Consultants, United Micro Data Inc http://datalossdb.org/incidents/2643 --------------------- Reported Date: 2009-12-11 Summary: Unauthorized access to PHI exposes 528 patients details Organizations: Brown University, Blue Cross Blue Shield of RI http://datalossdb.org/incidents/2661 --------------------- Reported Date: 2009-11-30 Summary: Stolen laptop contained PHI of over 7,000 Organizations: University of California San Francisco http://datalossdb.org/incidents/2652 --------------------- Reported Date: 2009-11-24 Summary: Stolen laptop exposes 812 PHI Organizations: Advocate Health Care http://datalossdb.org/incidents/2645 --------------------- Reported Date: 2009-11-19 Summary: Stolen laptop exposes 900 patients health information Organizations: Concentra Inc http://datalossdb.org/incidents/2647 --------------------- Reported Date: 2009-11-17 Summary: Personal details of thousands of mobile phone customers stolen and sold to rival firms Organizations: T-Mobile http://datalossdb.org/incidents/2617 --------------------- Reported Date: 2009-11-16 Summary: 14,673 voters' details including names and date of birth stolen on laptop Organizations: St Albans City and District Council http://datalossdb.org/incidents/2657 --------------------- Reported Date: 2009-11-10 Summary: Unspecified theft loses PHI of over a thousand Organizations: Massachusetts Eye and Ear Infirmary http://datalossdb.org/incidents/2651 --------------------- Reported Date: 2009-10-31 Summary: Stolen medical records exposes 596 patients Organizations: Kern Medical Center http://datalossdb.org/incidents/2663 --------------------- Reported Date: 2009-10-26 Summary: 500,000 job seekers info fallen victim to hacker(s). Organizations: The Guardian http://datalossdb.org/incidents/2616 --------------------- Reported Date: 2009-10-26 Summary: Unspecified snail mail issue exposes PHI of 3,400 Organizations: Blue Cross Blue Shield Association, Service Benefits Plan Administrative Services Corp. http://datalossdb.org/incidents/2664 --------------------- Reported Date: 2009-10-16 Summary: Theft of paper records potentially compromises 1,000 medical records Organizations: Brooke Army Medical Center http://datalossdb.org/incidents/2662 --------------------- Reported Date: 2009-10-12 Summary: Stolen USB exposes PHI of over 500 people Organizations: Alaska Department of Health and Social Services http://datalossdb.org/incidents/2644 --------------------- Reported Date: 2009-10-09 Summary: Lost laptop contains the PHI of nearly 4,000 people Organizations: Health Services for Children with Special Needs, Inc. (HSCSN) http://datalossdb.org/incidents/2642 --------------------- Reported Date: 2009-10-07 Summary: Snail mail error exposes the PHI of thousands Organizations: Blue Cross Blue Shield Association, Merkle Direct Marketing http://datalossdb.org/incidents/2641 --------------------- Reported Date: 2009-10-04 Summary: Unspecified theft exposes PHI of thousands Organizations: Aspen Dental Care P.C. http://datalossdb.org/incidents/2639 --------------------- Reported Date: 2009-09-27 Summary: Laptop stolen from employee's car exposes PHI of nearly 6,000 Organizations: City of Hope National Medical Center http://datalossdb.org/incidents/2638 --------------------- Reported Date: 2009-09-22 Summary: Stolen server (vague) exposes medical records Organizations: Mid America Kidney Stone Association, LLC http://datalossdb.org/incidents/2634 --------------------- Reported Date: 2009-09-22 Summary: Phishing scam exposes over 600 medical records Organizations: University of California San Francisco http://datalossdb.org/incidents/2636 --------------------- Reported Date: 2009-08-17 Summary: SQL injection attack by Gonzalez compromises unknown number of credit cards Organizations: 7-Eleven http://datalossdb.org/incidents/2628 --------------------- Reported Date: 2009-08-17 Summary: Gonzalez installs card data sniffers, potentially accessing credit and debit card transaction data Organizations: J. C. Penney Company, Inc. (JCPenney) http://datalossdb.org/incidents/2632 --------------------- Reported Date: 2009-08-17 Summary: Malicious software installed in network by Gonzalez and crew Organizations: Wet Seal, Inc. http://datalossdb.org/incidents/2633 --------------------- Reported Date: 2003-05-29 Summary: 2.5 million customers insurance claims and personal information exposed on web site Organizations: Cingular http://datalossdb.org/incidents/2615 --------------------- Reported Date: 2001-05-19 Summary: Hacker gains access to customer information posted on customer Web site Organizations: A&B Sound http://datalossdb.org/incidents/2631 --------------------- Reported Date: 2001-05-10 Summary: Customers information revealed in spreadsheet on website Organizations: Gateway 2000 http://datalossdb.org/incidents/2614 --------------------- Reported Date: 1989-10-08 Summary: Thief steals eye patient retina pictures Organizations: Massachusetts Eye and Ear Infirmary http://datalossdb.org/incidents/2650 --------------------- ======================================================================== Blotter Posts Added: 2010-03-27 Title: Data theft targets 3.3 million with student loans http://www.msnbc.msn.com/id/36060713/ns/technology_and_science-security/ --------------------- Added: 2010-03-27 Title: EMR Data Theft Booming http://feeds.informationweek.com/click.phdo?i=a2db1ab5aac35f31ad4e2e3b6805ea34 --------------------- Added: 2010-03-27 Title: UHP sees spike in ID theft http://www.thespectrum.com/article/20100326/NEWS01/3260331/1002/rss --------------------- Added: 2010-03-27 Title: Seven women arrested in massive identity theft bust http://www.suntimes.com/news/24-7/2123042,identity-theft-ring-bust-women-032510.article --------------------- Added: 2010-03-27 Title: Online resumes can trigger identity theft http://www.usatoday.com/money/jobcenter/workplace/bruzzese/2010-03-25-online-resume-hazards_N.htm?csp=34 --------------------- Added: 2010-03-27 Title: Top five tips to avoid digital identity theft http://www.theglobeandmail.com/news/technology/top-five-tips-to-avoid-digital-identity-theft/article1510362/ --------------------- Added: 2010-03-27 Title: Hacker faces 17- to 25-year prison term http://feeds.boston.com/click.phdo?i=af6fa7cd02cd1ae4c9b51d7966cb63e8 --------------------- Added: 2010-03-27 Title: As digital files replace paper, medical identity theft is apt to spread, too http://feeds.boston.com/click.phdo?i=4d201f4fa11cef0d8a7571997ac21116 --------------------- Added: 2010-03-27 Title: Paterson man sentenced to 10 years for identity theft http://www.northjersey.com/r?19=961&43=515347&44=88934317&32=4497&7=309037&40=http%3A%2F%2Fwww.northjersey.com%2Fnews%2F032310_Paterson_man_sentenced_to_10_years_for_identity_theft.html --------------------- Added: 2010-03-24 Title: Court hears arguments on publishing Social Security numbers | Richmond Times-Dispatch http://www2.timesdispatch.com/rtd/news/local/article/SSNS24_20100323-223006/332515/ --------------------- Added: 2010-03-22 Title: State Agency ID Theft May Affect 11,000 http://www.wfsb.com/money/22911320/detail.html --------------------- Added: 2010-03-22 Title: Electrone Customized PIN Pads May Help Prevent Identity Theft http://www.streetinsider.com/Press+Releases/Electrone+Customized+PIN+Pads+May+Help+Prevent+Identity+Theft/5459568.html --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Mon Mar 29 2010 - 23:34:13 PDT
This archive was generated by hypermail 2.2.0 : Mon Mar 29 2010 - 23:46:09 PDT