======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, March 28, 2010 50 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@private ======================================================================== DataLossDB News/Updates JCPenney has dodged a huge bullet... until now. http://datalossdb.org/incident_highlights/48 ======================================================================== Incidents Added Reported Date: 2010-04-03 Summary: City tax papers, Social Security numbers, copies of bank checks exposed in dumpster Organizations: City of Middletown Ohio http://datalossdb.org/incidents/2720 --------------------- Reported Date: 2010-04-02 Summary: Names and Social Security numbers accidentially sent to 3 suspended employees exposes 244 Organizations: Naval Facilities Engineering Service Center http://datalossdb.org/incidents/2719 --------------------- Reported Date: 2010-03-31 Summary: Medical records thrown in trash exposing 14 patients Organizations: Boulder Community Hospital , Physicians Medical Associates http://datalossdb.org/incidents/2716 --------------------- Reported Date: 2010-03-30 Summary: Nearly 1,000 patients radiology studies data stolen Organizations: Griffin Hospital http://datalossdb.org/incidents/2722 --------------------- Reported Date: 2010-03-30 Summary: Participants and faculty affected due to unauthorized access to computer network Organizations: Three Rivers Community College http://datalossdb.org/incidents/2721 --------------------- Reported Date: 2010-03-29 Summary: 9,000 students' information lost on unencrypted CD-ROMs and USB memory sticks due to domestic burglary Organizations: Barnet Borough Council http://datalossdb.org/incidents/2711 --------------------- Reported Date: 2010-03-23 Summary: Employee steals unknown number of customers credit card details Organizations: Armor Building Supply http://datalossdb.org/incidents/2723 --------------------- Reported Date: 2010-03-07 Summary: Employee steals the personal information of patients Organizations: Diabetes Direct, Inc. http://datalossdb.org/incidents/2703 --------------------- Reported Date: 2010-03-03 Summary: File containing the names, Social Security numbers of students found on Peer-to-Peer (P2P) network Organizations: New Mexico State University http://datalossdb.org/incidents/2705 --------------------- Reported Date: 2010-03-02 Summary: Employee tosses sensitive documents in dumpster, containing names, Social Security numbers, and more. Organizations: South Carolina Department of Health and Environmental Control http://datalossdb.org/incidents/2704 --------------------- Reported Date: 2010-03-01 Summary: Payroll system breach potentially exposes names, Social Security numbers, and Bank Account numbers of over 1,000 Organizations: Bennett College http://datalossdb.org/incidents/2699 --------------------- Reported Date: 2010-02-24 Summary: Tax documents found in dumpster belonging to two law firms Organizations: Wilson Brock & Irby, Morris, Hardwick and Schneider http://datalossdb.org/incidents/2698 --------------------- Reported Date: 2010-02-23 Summary: Employee provides fake identities to 'customers' Organizations: NYS Department of Motor Vehicles http://datalossdb.org/incidents/2695 --------------------- Reported Date: 2010-02-22 Summary: Criminals install skimmers on ATMs, stealing hundreds of thousands of dollars Organizations: SunTrust Banks, Inc. http://datalossdb.org/incidents/2696 --------------------- Reported Date: 2010-02-19 Summary: Temporary worker potentially accessed the personal information of nearly 2000 Organizations: Group Health Cooperative Health Care System http://datalossdb.org/incidents/2694 --------------------- Reported Date: 2010-02-17 Summary: Waitress skimmed customer credit cards Organizations: T.G.I. Friday's (Coon Rapids, MN) http://datalossdb.org/incidents/2690 --------------------- Reported Date: 2010-02-08 Summary: Hackers brute force their way into website containing names, credit card numbers Organizations: Gloves, Inc. (Galeton) http://datalossdb.org/incidents/2692 --------------------- Reported Date: 2010-02-07 Summary: Personal banking information of thousands of state employees accidentally emailed Organizations: Department of Administrative Services http://datalossdb.org/incidents/2688 --------------------- Reported Date: 2010-02-04 Summary: Unauthorized access via website exposes names, credit card numbers of customers Organizations: Daedalus Books, Inc. http://datalossdb.org/incidents/2691 --------------------- Reported Date: 2010-02-03 Summary: File containing names, account numbers, and Social Security numbers of customers accicdentally posted online Organizations: ING U.S. Financial Services http://datalossdb.org/incidents/2693 --------------------- Reported Date: 2010-02-03 Summary: Hack exposes hundreds of customer's credit cards, fraud ensues. Organizations: St. Clair Winery & Bistro http://datalossdb.org/incidents/2689 --------------------- Reported Date: 2010-01-29 Summary: Stolen backup tapes may have contained names, social security numbers, drivers license numbers, and other PII of employees and consumers Organizations: Abbott Medical Optics, Inc. http://datalossdb.org/incidents/2687 --------------------- Reported Date: 2010-01-28 Summary: Medical records found in dumpster Organizations: University Medical Clinics http://datalossdb.org/incidents/2684 --------------------- Reported Date: 2010-01-26 Summary: Unspecified hack potentially exposes unspecified personal information Organizations: Innotek, Radio Systems Corporation http://datalossdb.org/incidents/2686 --------------------- Reported Date: 2010-01-22 Summary: Court employee sells credit card information to card-cloning thieves Organizations: Seattle Municipal Court http://datalossdb.org/incidents/2681 --------------------- Reported Date: 2010-01-19 Summary: Employee steals bank account information of hundreds of businesses that paid fines Organizations: Minnesota Department of Labor & Industry http://datalossdb.org/incidents/2682 --------------------- Reported Date: 2010-01-15 Summary: Website faxes over 100 credit card numbers of donors to legislators Organizations: ExposeObama.com http://datalossdb.org/incidents/2680 --------------------- Reported Date: 2010-01-06 Summary: Insider steals client and donor bank account information Organizations: Association for the Blind and Visually Impaired http://datalossdb.org/incidents/2697 --------------------- Reported Date: 2010-01-05 Summary: Documents abandoned in filing cabinets contained sensitive information Organizations: Housing Authority of New Orleans (HANO) http://datalossdb.org/incidents/2676 --------------------- Reported Date: 2010-01-04 Summary: Shared username and password vulnerability potentially exposes 1.2 million records Organizations: Lincoln National Corporation http://datalossdb.org/incidents/2678 --------------------- Reported Date: 2010-01-04 Summary: Customer service employee steals and misuses payment card information of customers Organizations: Time, Inc. http://datalossdb.org/incidents/2679 --------------------- Reported Date: 2010-01-03 Summary: Bank account information incorrectly mailed to nearly 2500 Organizations: Eastern Bank http://datalossdb.org/incidents/2674 --------------------- Reported Date: 2009-12-22 Summary: Student employee's Social Security numbers posted on web Organizations: Western Michigan University http://datalossdb.org/incidents/2677 --------------------- Reported Date: 2009-11-19 Summary: Stolen laptop contained spreadsheet with personal information of 2000 employees Organizations: FCI USA Inc. http://datalossdb.org/incidents/2713 --------------------- Reported Date: 2009-11-11 Summary: Several laptops, containing social security numbers of customers, stolen Organizations: Moriarty & Primack, Smith College http://datalossdb.org/incidents/2675 --------------------- Reported Date: 2009-10-30 Summary: Laptop stolen from an employee's locked trunk contained credit application forms Organizations: Thermo Fisher Scientific Inc. http://datalossdb.org/incidents/2709 --------------------- Reported Date: 2009-10-29 Summary: Third party accidentally sent CD's containing customer PII to the wrong client Organizations: BlackRock, Inc., PNC Global Investment Servicing Inc. http://datalossdb.org/incidents/2710 --------------------- Reported Date: 2009-10-27 Summary: Email containing personal information of plan participants sent to all plan participants Organizations: Erisa Pension Systems, First NLC Financial Services http://datalossdb.org/incidents/2700 --------------------- Reported Date: 2009-10-17 Summary: Break-in results in stolen computer containing names, dob's, Social Security numbers Organizations: Feeney Insurance Agency http://datalossdb.org/incidents/2702 --------------------- Reported Date: 2009-10-14 Summary: Stolen laptop contained names, Social Security numbers of contractors Organizations: McGraw-Hill Companies http://datalossdb.org/incidents/2701 --------------------- Reported Date: 2009-10-05 Summary: Backup "storage device" stolen in transit containing the personal information of clients Organizations: Moses, Phillips, Young, Brannon and Henninger, L.P.P. http://datalossdb.org/incidents/2707 --------------------- Reported Date: 2009-09-30 Summary: Laptop stolen from personnel office contained PII of firefighter applicants Organizations: Anne Arundel County http://datalossdb.org/incidents/2708 --------------------- Reported Date: 2009-08-27 Summary: Limited number of credit / debit cards stolen by Gonzalez and crew Organizations: Target Corporation http://datalossdb.org/incidents/2706 --------------------- Reported Date: 2009-08-06 Summary: Former employee inappropriately accessed data containing names, Social Security numbers, and dates of birth Organizations: California Business Bureau Inc. http://datalossdb.org/incidents/2712 --------------------- Reported Date: 2009-07-22 Summary: Former employee suspected of having sensitive customer information, and is being sought Organizations: Ameriprise Financial http://datalossdb.org/incidents/2715 --------------------- Reported Date: 2009-06-09 Summary: Customer data of T-Mobile stolen and used for identity theft Organizations: T-Mobile http://datalossdb.org/incidents/2714 --------------------- Reported Date: 2009-04-23 Summary: Employee steals social Security Numbers and other PII of hundreds of tax payers Organizations: New York State Department of Taxation and Finance http://datalossdb.org/incidents/2685 --------------------- Reported Date: 2009-01-21 Summary: Boxes of tax returns, credit reports, and other PII found in unsecured dumpster Organizations: First Interstate Mortgage Corporation, Nevada One Corporation http://datalossdb.org/incidents/2683 --------------------- Reported Date: 2008-09-11 Summary: Hacking event leads to personal data being accessed Organizations: 21 Commerce http://datalossdb.org/incidents/2717 --------------------- Reported Date: 2008-08-21 Summary: File containing personal information was available over P2P network Organizations: Frederick's of Hollywood Group Inc. http://datalossdb.org/incidents/2718 --------------------- ======================================================================== Blotter Posts Added: 2010-04-03 Title: Boulder Hospital Investigating Medical Records Theft http://www.thedenverchannel.com/news/23018952/detail.html --------------------- Added: 2010-04-01 Title: Watch your records to limit identity theft http://feedproxy.google.com/~r/morningcall/news/local/~3/KBaYR3pBtDo/all-5yback0331.7223329mar31,0,3545689.story --------------------- Added: 2010-03-30 Title: Fighting identity theft not a priority, report says http://rss.cnn.com/~r/rss/cnn_us/~3/LmAW40c9EPU/index.html --------------------- Added: 2010-03-30 Title: Justice Dept. Criticized Over Identify Theft http://abcnews.go.com/Politics/wireStory?id=10241721 --------------------- Added: 2010-03-30 Title: Protect your identity http://rss.cnn.com/~r/rss/money_latest/~3/AtMSbt9GF3E/index.htm --------------------- Added: 2010-03-30 Title: Hacker Gets 7 Years For Credit Card Data Theft http://www.thebostonchannel.com/news/22996526/detail.html --------------------- Added: 2010-03-30 Title: Smartphone users 'vulnerable to identity theft' http://www.telegraph.co.uk/technology/mobile-phones/7535804/Smartphone-users-vulnerable-to-identity-theft.html --------------------- Added: 2010-03-29 Title: Identity thief to serve time, repay banks http://www.startribune.com/business/89480417.html --------------------- Added: 2010-03-29 Title: Scottsdale man gets 20 years in ID-theft case http://www.azcentral.com/rsslinks/1538968 --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Mon Apr 05 2010 - 23:47:46 PDT
This archive was generated by hypermail 2.2.0 : Mon Apr 05 2010 - 23:50:50 PDT