[ISN] [Dataloss Weekly Summary] Week of Sunday, March 21, 2010

From: InfoSec News <alerts_at_private>
Date: Tue, 30 Mar 2010 00:34:13 -0600 (CST)
========================================================================

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, March 21, 2010

58 Incidents Added.

========================================================================

DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@private.

========================================================================

DataLossDB News/Updates

  Court Says Posting PII Online is Cool -- First Amendment Cool
  http://datalossdb.org/incident_highlights/47


  Fringe Incidents
  http://datalossdb.org/incident_highlights/46




========================================================================

Incidents Added


Reported Date: 2010-03-26
Summary: Data of 3.3M names, addresses, dates of birth and Social Security numbers exposed on stolen portable media device 
Organizations: Educational Credit Management Corporation
http://datalossdb.org/incidents/2627
---------------------

Reported Date: 2010-03-25
Summary: 250 patients' files stolen from unlocked cabinets by cleaning crew
Organizations: Northwestern Memorial Hospital, The Millard Group, Inc. 
http://datalossdb.org/incidents/2630
---------------------

Reported Date: 2010-03-24
Summary: 5,000 past and current employees' information including bank account information, social security numbers and birth dates compromised
Organizations: Evergreen Public Schools, Vancouver Public Schools
http://datalossdb.org/incidents/2673
---------------------

Reported Date: 2010-03-23
Summary: Tax preparer steals more than 60 customers names, addresses, Social Security numbers
Organizations: H&R Block
http://datalossdb.org/incidents/2613
---------------------

Reported Date: 2010-03-22
Summary: Third party vendor exposed debit card numbers
Organizations: Fifth Third Bank
http://datalossdb.org/incidents/2670
---------------------

Reported Date: 2010-03-22
Summary: Names, addresses and Social Security numbers of 11000 rebate applicatants are stolen 
Organizations: Connecticut Office of Policy and Management
http://datalossdb.org/incidents/2611
---------------------

Reported Date: 2010-03-18
Summary: 2,135 pension scheme illustrations stolen from laptop in the company’s office.
Organizations: Royal London Mutual Insurance Society
http://datalossdb.org/incidents/2618
---------------------

Reported Date: 2010-03-17
Summary: 480 former students' personal information on a stolen school-owned laptop
Organizations: University of South Carolina Beaufort
http://datalossdb.org/incidents/2672
---------------------

Reported Date: 2010-03-16
Summary: Computer glitch incorrectly mails tax forms to the wrong address 697 exposed
Organizations: House of Commons of Canada
http://datalossdb.org/incidents/2667
---------------------

Reported Date: 2010-03-15
Summary: Employment applications containing names, address, dates of birth, Social Security numbers, bank account numbers found in trash 
Organizations: Pizza Hut Inc
http://datalossdb.org/incidents/2620
---------------------

Reported Date: 2010-03-12
Summary: 20 million customers private data leaked by major retailer Shinsegae and 24 other companies 
Organizations: Shinsegae
http://datalossdb.org/incidents/2622
---------------------

Reported Date: 2010-03-12
Summary: Employee of HSBC steals information of 24,000 customers
Organizations: HSBC
http://datalossdb.org/incidents/2621
---------------------

Reported Date: 2010-03-06
Summary: Customer invoices exposed to internet
Organizations: Durex (brand), SSL International plc, TTK-LIG Ltd
http://datalossdb.org/incidents/2624
---------------------

Reported Date: 2010-03-05
Summary: 1,225 credit card numbers belonging to customers compromised via hack
Organizations: Small Dog Electronics
http://datalossdb.org/incidents/2623
---------------------

Reported Date: 2010-03-04
Summary: Documents of 554 patients names and Social Security numbers stolen from car
Organizations: Wake Forest University Baptist Medical Center
http://datalossdb.org/incidents/2612
---------------------

Reported Date: 2010-03-03
Summary: Incorrectly repaired corrupt data file leads to account information being sent to incorrect customers
Organizations: St. George, Salmat 
http://datalossdb.org/incidents/2629
---------------------

Reported Date: 2010-02-25
Summary: 15,000 customer accounts accidentally emailed to a member of the public
Organizations: Redstone Mortgages
http://datalossdb.org/incidents/2619
---------------------

Reported Date: 2010-02-20
Summary: Laptop containing the PHI of over 600 stolen
Organizations: Montefiore Medical Center
http://datalossdb.org/incidents/2666
---------------------

Reported Date: 2010-02-17
Summary: Lost blackberry device contains PHI of 3,800 patients
Organizations: Children's Medical Center of Dallas
http://datalossdb.org/incidents/2654
---------------------

Reported Date: 2010-02-15
Summary: Stolen medical documents expose 554 patients 
Organizations: North Carolina Baptist Hospital
http://datalossdb.org/incidents/2640
---------------------

Reported Date: 2010-02-13
Summary: Information of 170,000 employees and contractors leaked
Organizations: Royal Dutch Shell PLC
http://datalossdb.org/incidents/2626
---------------------

Reported Date: 2010-02-08
Summary: Stolen computer exposes patients medical details 1900 exposed
Organizations:  University of New Mexico Health Sciences Center
http://datalossdb.org/incidents/2635
---------------------

Reported Date: 2010-02-04
Summary: Unspecified paper breach exposes the PHI of nearly 2,000
Organizations: MMM Health Care Inc., MSO of Puerto Rico, Inc.
http://datalossdb.org/incidents/2653
---------------------

Reported Date: 2010-02-04
Summary: Unknown breach expose documents of 605 patients
Organizations: PMC Medicare Choice Inc
http://datalossdb.org/incidents/2655
---------------------

Reported Date: 2010-01-21
Summary: Thief steals old x-rays of over a thousand patients
Organizations: Carle Clinic Association
http://datalossdb.org/incidents/2656
---------------------

Reported Date: 2010-01-11
Summary: Stolen computer exposes patients medical details 532 are exposed
Organizations: Lucille Packard Children's Hospital
http://datalossdb.org/incidents/2637
---------------------

Reported Date: 2010-01-01
Summary: Stolen computer exposes PHI of 9,309 patients
Organizations: Ashley and Gray DDS
http://datalossdb.org/incidents/2659
---------------------

Reported Date: 2009-12-30
Summary: Equipment theft leads to potential exposure of patient PHI
Organizations: Advanced NeuroSpinal Care
http://datalossdb.org/incidents/2658
---------------------

Reported Date: 2009-12-27
Summary: CD's stolen containing PHI of nearly 6,000
Organizations: Educators Mutual Insurance Association of Utah, Health Behavior Innovations
http://datalossdb.org/incidents/2660
---------------------

Reported Date: 2009-12-22
Summary: A laptop containing personal details of thousands of MBNA credit card customers was stolen.
Organizations: MBNA, NCO Europe Ltd
http://datalossdb.org/incidents/2671
---------------------

Reported Date: 2009-12-15
Summary: Stolen laptop exposes patients 1,101 medical details 
Organizations: Center for Neurosciences
http://datalossdb.org/incidents/2665
---------------------

Reported Date: 2009-12-15
Summary: Stolen computer contains personal infomation.
Organizations: National Audubon Society
http://datalossdb.org/incidents/2625
---------------------

Reported Date: 2009-12-12
Summary: Lost backup tapes exposes PHI of 2,562 
Organizations: Blue Island Radiology Consultants, United Micro Data Inc
http://datalossdb.org/incidents/2643
---------------------

Reported Date: 2009-12-11
Summary: Unauthorized access to PHI exposes 528 patients details
Organizations: Brown University, Blue Cross Blue Shield of RI
http://datalossdb.org/incidents/2661
---------------------

Reported Date: 2009-11-30
Summary: Stolen laptop contained PHI of over 7,000
Organizations: University of California San Francisco
http://datalossdb.org/incidents/2652
---------------------

Reported Date: 2009-11-24
Summary: Stolen laptop exposes 812 PHI 
Organizations: Advocate Health Care
http://datalossdb.org/incidents/2645
---------------------

Reported Date: 2009-11-19
Summary: Stolen laptop exposes 900 patients health information
Organizations: Concentra Inc
http://datalossdb.org/incidents/2647
---------------------

Reported Date: 2009-11-17
Summary: Personal details of thousands of mobile phone customers stolen and sold to rival firms
Organizations: T-Mobile
http://datalossdb.org/incidents/2617
---------------------

Reported Date: 2009-11-16
Summary: 14,673 voters' details including names and date of birth stolen on laptop
Organizations: St Albans City and District Council
http://datalossdb.org/incidents/2657
---------------------

Reported Date: 2009-11-10
Summary: Unspecified theft loses PHI of over a thousand
Organizations: Massachusetts Eye and Ear Infirmary
http://datalossdb.org/incidents/2651
---------------------

Reported Date: 2009-10-31
Summary: Stolen medical records exposes 596 patients
Organizations: Kern Medical Center
http://datalossdb.org/incidents/2663
---------------------

Reported Date: 2009-10-26
Summary: 500,000 job seekers info fallen victim to hacker(s).
Organizations: The Guardian
http://datalossdb.org/incidents/2616
---------------------

Reported Date: 2009-10-26
Summary: Unspecified snail mail issue exposes PHI of 3,400
Organizations: Blue Cross Blue Shield Association, Service Benefits Plan Administrative Services Corp.
http://datalossdb.org/incidents/2664
---------------------

Reported Date: 2009-10-16
Summary: Theft of paper records potentially compromises 1,000 medical records
Organizations: Brooke Army Medical Center
http://datalossdb.org/incidents/2662
---------------------

Reported Date: 2009-10-12
Summary: Stolen USB exposes PHI of over 500 people
Organizations: Alaska Department of Health and Social Services
http://datalossdb.org/incidents/2644
---------------------

Reported Date: 2009-10-09
Summary: Lost laptop contains the PHI of nearly 4,000 people
Organizations: Health Services for Children with Special Needs, Inc. (HSCSN)
http://datalossdb.org/incidents/2642
---------------------

Reported Date: 2009-10-07
Summary: Snail mail error exposes the PHI of thousands
Organizations: Blue Cross Blue Shield Association, Merkle Direct Marketing
http://datalossdb.org/incidents/2641
---------------------

Reported Date: 2009-10-04
Summary: Unspecified theft exposes PHI of thousands
Organizations: Aspen Dental Care P.C.
http://datalossdb.org/incidents/2639
---------------------

Reported Date: 2009-09-27
Summary: Laptop stolen from employee's car exposes PHI of nearly 6,000
Organizations: City of Hope National Medical Center
http://datalossdb.org/incidents/2638
---------------------

Reported Date: 2009-09-22
Summary: Stolen server (vague) exposes medical records
Organizations: Mid America Kidney Stone Association, LLC
http://datalossdb.org/incidents/2634
---------------------

Reported Date: 2009-09-22
Summary: Phishing scam exposes over 600 medical records
Organizations: University of California San Francisco
http://datalossdb.org/incidents/2636
---------------------

Reported Date: 2009-08-17
Summary: SQL injection attack by Gonzalez compromises unknown number  of credit cards
Organizations: 7-Eleven
http://datalossdb.org/incidents/2628
---------------------

Reported Date: 2009-08-17
Summary: Gonzalez installs card data sniffers, potentially accessing credit and debit card transaction data
Organizations: J. C. Penney Company, Inc. (JCPenney)
http://datalossdb.org/incidents/2632
---------------------

Reported Date: 2009-08-17
Summary: Malicious software installed in network by Gonzalez and crew
Organizations: Wet Seal, Inc.
http://datalossdb.org/incidents/2633
---------------------

Reported Date: 2003-05-29
Summary: 2.5 million customers insurance claims and personal information exposed on web site
Organizations: Cingular
http://datalossdb.org/incidents/2615
---------------------

Reported Date: 2001-05-19
Summary: Hacker gains access to customer information posted on customer Web site
Organizations: A&B Sound
http://datalossdb.org/incidents/2631
---------------------

Reported Date: 2001-05-10
Summary: Customers information revealed in spreadsheet on website
Organizations: Gateway 2000
http://datalossdb.org/incidents/2614
---------------------

Reported Date: 1989-10-08
Summary: Thief steals eye patient retina pictures
Organizations: Massachusetts Eye and Ear Infirmary
http://datalossdb.org/incidents/2650
---------------------


========================================================================

Blotter Posts


Added: 2010-03-27
Title: Data theft targets 3.3 million with student loans
http://www.msnbc.msn.com/id/36060713/ns/technology_and_science-security/
---------------------

Added: 2010-03-27
Title: EMR Data Theft Booming
http://feeds.informationweek.com/click.phdo?i=a2db1ab5aac35f31ad4e2e3b6805ea34
---------------------

Added: 2010-03-27
Title: UHP sees spike in ID theft
http://www.thespectrum.com/article/20100326/NEWS01/3260331/1002/rss
---------------------

Added: 2010-03-27
Title: Seven women arrested in massive identity theft bust
http://www.suntimes.com/news/24-7/2123042,identity-theft-ring-bust-women-032510.article
---------------------

Added: 2010-03-27
Title: Online resumes can trigger identity theft
http://www.usatoday.com/money/jobcenter/workplace/bruzzese/2010-03-25-online-resume-hazards_N.htm?csp=34
---------------------

Added: 2010-03-27
Title: Top five tips to avoid digital identity theft
http://www.theglobeandmail.com/news/technology/top-five-tips-to-avoid-digital-identity-theft/article1510362/
---------------------

Added: 2010-03-27
Title: Hacker faces 17- to 25-year prison term
http://feeds.boston.com/click.phdo?i=af6fa7cd02cd1ae4c9b51d7966cb63e8
---------------------

Added: 2010-03-27
Title: As digital files replace paper, medical identity theft is apt to spread, too
http://feeds.boston.com/click.phdo?i=4d201f4fa11cef0d8a7571997ac21116
---------------------

Added: 2010-03-27
Title: Paterson man sentenced to 10 years for identity theft
http://www.northjersey.com/r?19=961&43=515347&44=88934317&32=4497&7=309037&40=http%3A%2F%2Fwww.northjersey.com%2Fnews%2F032310_Paterson_man_sentenced_to_10_years_for_identity_theft.html
---------------------

Added: 2010-03-24
Title: Court hears arguments on publishing Social Security numbers | Richmond Times-Dispatch
http://www2.timesdispatch.com/rtd/news/local/article/SSNS24_20100323-223006/332515/
---------------------

Added: 2010-03-22
Title: State Agency ID Theft May Affect 11,000
http://www.wfsb.com/money/22911320/detail.html
---------------------

Added: 2010-03-22
Title: Electrone Customized PIN Pads May Help Prevent Identity Theft
http://www.streetinsider.com/Press+Releases/Electrone+Customized+PIN+Pads+May+Help+Prevent+Identity+Theft/5459568.html
---------------------


_______________________________________________
Dataloss Mailing List (dataloss_at_private)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Mon Mar 29 2010 - 23:34:13 PDT

This archive was generated by hypermail 2.2.0 : Mon Mar 29 2010 - 23:46:09 PDT