[ISN] [Dataloss Weekly Summary] Week of Sunday, March 28, 2010

From: InfoSec News <alerts_at_private>
Date: Tue, 6 Apr 2010 01:47:46 -0500 (CDT)
========================================================================

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, March 28, 2010

50 Incidents Added.

========================================================================

DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@private

========================================================================

DataLossDB News/Updates

  JCPenney has dodged a huge bullet... until now.
  http://datalossdb.org/incident_highlights/48




========================================================================

Incidents Added


Reported Date: 2010-04-03
Summary: City tax papers, Social Security numbers, copies of bank checks exposed in dumpster
Organizations: City of Middletown Ohio
http://datalossdb.org/incidents/2720
---------------------

Reported Date: 2010-04-02
Summary: Names and Social Security numbers accidentially sent to 3 suspended employees exposes 244
Organizations: Naval Facilities Engineering Service Center
http://datalossdb.org/incidents/2719
---------------------

Reported Date: 2010-03-31
Summary: Medical records thrown in trash exposing 14 patients
Organizations: Boulder Community Hospital , Physicians Medical Associates
http://datalossdb.org/incidents/2716
---------------------

Reported Date: 2010-03-30
Summary: Nearly 1,000 patients radiology studies data stolen
Organizations: Griffin Hospital
http://datalossdb.org/incidents/2722
---------------------

Reported Date: 2010-03-30
Summary: Participants and faculty affected due to unauthorized access to computer network
Organizations: Three Rivers Community College
http://datalossdb.org/incidents/2721
---------------------

Reported Date: 2010-03-29
Summary: 9,000 students' information lost on unencrypted CD-ROMs and USB memory sticks due to domestic burglary
Organizations: Barnet Borough Council
http://datalossdb.org/incidents/2711
---------------------

Reported Date: 2010-03-23
Summary: Employee steals unknown number of customers credit card details 
Organizations: Armor Building Supply
http://datalossdb.org/incidents/2723
---------------------

Reported Date: 2010-03-07
Summary: Employee steals the personal information of patients
Organizations: Diabetes Direct, Inc.
http://datalossdb.org/incidents/2703
---------------------

Reported Date: 2010-03-03
Summary: File containing the names, Social Security numbers of students found on Peer-to-Peer (P2P) network
Organizations: New Mexico State University
http://datalossdb.org/incidents/2705
---------------------

Reported Date: 2010-03-02
Summary: Employee tosses sensitive documents in dumpster, containing names, Social Security numbers, and more.
Organizations: South Carolina Department of Health and Environmental Control
http://datalossdb.org/incidents/2704
---------------------

Reported Date: 2010-03-01
Summary: Payroll system breach potentially exposes names, Social Security numbers, and Bank Account numbers of over 1,000
Organizations: Bennett College
http://datalossdb.org/incidents/2699
---------------------

Reported Date: 2010-02-24
Summary: Tax documents found in dumpster belonging to two law firms
Organizations: Wilson Brock & Irby, Morris, Hardwick and Schneider
http://datalossdb.org/incidents/2698
---------------------

Reported Date: 2010-02-23
Summary: Employee provides fake identities to 'customers'
Organizations: NYS Department of Motor Vehicles
http://datalossdb.org/incidents/2695
---------------------

Reported Date: 2010-02-22
Summary: Criminals install skimmers on ATMs, stealing hundreds of thousands of dollars
Organizations: SunTrust Banks, Inc. 
http://datalossdb.org/incidents/2696
---------------------

Reported Date: 2010-02-19
Summary: Temporary worker potentially accessed the personal information of nearly 2000
Organizations: Group Health Cooperative Health Care System
http://datalossdb.org/incidents/2694
---------------------

Reported Date: 2010-02-17
Summary: Waitress skimmed customer credit cards
Organizations: T.G.I. Friday's (Coon Rapids, MN)
http://datalossdb.org/incidents/2690
---------------------

Reported Date: 2010-02-08
Summary: Hackers brute force their way into website containing names, credit card numbers
Organizations: Gloves, Inc. (Galeton)
http://datalossdb.org/incidents/2692
---------------------

Reported Date: 2010-02-07
Summary: Personal banking information of thousands of state employees accidentally emailed
Organizations: Department of Administrative Services
http://datalossdb.org/incidents/2688
---------------------

Reported Date: 2010-02-04
Summary: Unauthorized access via website exposes names, credit card numbers of customers
Organizations: Daedalus Books, Inc.
http://datalossdb.org/incidents/2691
---------------------

Reported Date: 2010-02-03
Summary: File containing names, account numbers, and Social Security numbers of customers accicdentally posted online
Organizations: ING U.S. Financial Services
http://datalossdb.org/incidents/2693
---------------------

Reported Date: 2010-02-03
Summary: Hack exposes hundreds of customer's credit cards, fraud ensues.
Organizations: St. Clair Winery  & Bistro
http://datalossdb.org/incidents/2689
---------------------

Reported Date: 2010-01-29
Summary: Stolen backup tapes may have contained names, social security numbers, drivers license numbers, and other PII of employees and consumers
Organizations: Abbott Medical Optics, Inc.
http://datalossdb.org/incidents/2687
---------------------

Reported Date: 2010-01-28
Summary: Medical records found in dumpster
Organizations: University Medical Clinics
http://datalossdb.org/incidents/2684
---------------------

Reported Date: 2010-01-26
Summary: Unspecified hack potentially exposes unspecified personal information 
Organizations: Innotek, Radio Systems Corporation
http://datalossdb.org/incidents/2686
---------------------

Reported Date: 2010-01-22
Summary: Court employee sells credit card information to card-cloning thieves
Organizations: Seattle Municipal Court
http://datalossdb.org/incidents/2681
---------------------

Reported Date: 2010-01-19
Summary: Employee steals bank account information of hundreds of businesses that paid fines
Organizations: Minnesota Department of Labor & Industry
http://datalossdb.org/incidents/2682
---------------------

Reported Date: 2010-01-15
Summary: Website faxes over 100 credit card numbers of donors to legislators
Organizations: ExposeObama.com
http://datalossdb.org/incidents/2680
---------------------

Reported Date: 2010-01-06
Summary: Insider steals client and donor bank account information
Organizations: Association for the Blind and Visually Impaired
http://datalossdb.org/incidents/2697
---------------------

Reported Date: 2010-01-05
Summary: Documents abandoned in filing cabinets contained sensitive information
Organizations: Housing Authority of New Orleans (HANO)
http://datalossdb.org/incidents/2676
---------------------

Reported Date: 2010-01-04
Summary: Shared username and password vulnerability potentially exposes 1.2 million records
Organizations: Lincoln National Corporation
http://datalossdb.org/incidents/2678
---------------------

Reported Date: 2010-01-04
Summary: Customer service employee steals and misuses payment card information of customers
Organizations: Time, Inc.
http://datalossdb.org/incidents/2679
---------------------

Reported Date: 2010-01-03
Summary: Bank account information incorrectly mailed to nearly 2500
Organizations: Eastern Bank
http://datalossdb.org/incidents/2674
---------------------

Reported Date: 2009-12-22
Summary: Student employee's Social Security numbers posted on web
Organizations: Western Michigan University
http://datalossdb.org/incidents/2677
---------------------

Reported Date: 2009-11-19
Summary: Stolen laptop contained spreadsheet with personal information of 2000 employees
Organizations: FCI USA Inc.
http://datalossdb.org/incidents/2713
---------------------

Reported Date: 2009-11-11
Summary: Several laptops, containing social security numbers of customers, stolen
Organizations: Moriarty & Primack, Smith College
http://datalossdb.org/incidents/2675
---------------------

Reported Date: 2009-10-30
Summary: Laptop stolen from an employee's locked trunk contained credit application forms
Organizations: Thermo Fisher Scientific Inc.
http://datalossdb.org/incidents/2709
---------------------

Reported Date: 2009-10-29
Summary: Third party accidentally sent CD's containing customer PII to the wrong client 
Organizations: BlackRock, Inc., PNC Global Investment Servicing Inc.
http://datalossdb.org/incidents/2710
---------------------

Reported Date: 2009-10-27
Summary: Email containing personal information of plan participants sent to all plan participants
Organizations: Erisa Pension Systems, First NLC Financial Services
http://datalossdb.org/incidents/2700
---------------------

Reported Date: 2009-10-17
Summary: Break-in results in stolen computer containing names, dob's, Social Security numbers
Organizations: Feeney Insurance Agency
http://datalossdb.org/incidents/2702
---------------------

Reported Date: 2009-10-14
Summary: Stolen laptop contained names, Social Security numbers of contractors
Organizations: McGraw-Hill Companies
http://datalossdb.org/incidents/2701
---------------------

Reported Date: 2009-10-05
Summary: Backup "storage device" stolen in transit containing the personal information of clients
Organizations: Moses, Phillips, Young, Brannon and Henninger, L.P.P.
http://datalossdb.org/incidents/2707
---------------------

Reported Date: 2009-09-30
Summary: Laptop stolen from personnel office contained PII of firefighter applicants
Organizations: Anne Arundel County
http://datalossdb.org/incidents/2708
---------------------

Reported Date: 2009-08-27
Summary: Limited number of credit / debit cards stolen by Gonzalez and crew
Organizations: Target Corporation
http://datalossdb.org/incidents/2706
---------------------

Reported Date: 2009-08-06
Summary: Former employee inappropriately accessed data containing names, Social Security numbers, and dates of birth 
Organizations: California Business Bureau Inc.
http://datalossdb.org/incidents/2712
---------------------

Reported Date: 2009-07-22
Summary: Former employee suspected of having sensitive customer information, and is being sought
Organizations: Ameriprise Financial
http://datalossdb.org/incidents/2715
---------------------

Reported Date: 2009-06-09
Summary: Customer data of T-Mobile stolen and used for identity theft
Organizations: T-Mobile
http://datalossdb.org/incidents/2714
---------------------

Reported Date: 2009-04-23
Summary: Employee steals social Security Numbers and other PII of hundreds of tax payers
Organizations: New York State Department of Taxation and Finance
http://datalossdb.org/incidents/2685
---------------------

Reported Date: 2009-01-21
Summary: Boxes of tax returns, credit reports, and other PII found in unsecured dumpster
Organizations: First Interstate Mortgage Corporation, Nevada One Corporation
http://datalossdb.org/incidents/2683
---------------------

Reported Date: 2008-09-11
Summary: Hacking event leads to personal data being accessed
Organizations: 21 Commerce
http://datalossdb.org/incidents/2717
---------------------

Reported Date: 2008-08-21
Summary: File containing personal information was available over P2P network
Organizations: Frederick's of Hollywood Group Inc.
http://datalossdb.org/incidents/2718
---------------------


========================================================================

Blotter Posts


Added: 2010-04-03
Title: Boulder Hospital Investigating Medical Records Theft
http://www.thedenverchannel.com/news/23018952/detail.html
---------------------

Added: 2010-04-01
Title: Watch your records to limit identity theft
http://feedproxy.google.com/~r/morningcall/news/local/~3/KBaYR3pBtDo/all-5yback0331.7223329mar31,0,3545689.story
---------------------

Added: 2010-03-30
Title: Fighting identity theft not a priority, report says
http://rss.cnn.com/~r/rss/cnn_us/~3/LmAW40c9EPU/index.html
---------------------

Added: 2010-03-30
Title: Justice Dept. Criticized Over Identify Theft
http://abcnews.go.com/Politics/wireStory?id=10241721
---------------------

Added: 2010-03-30
Title: Protect your identity
http://rss.cnn.com/~r/rss/money_latest/~3/AtMSbt9GF3E/index.htm
---------------------

Added: 2010-03-30
Title: Hacker Gets 7 Years For Credit Card Data Theft
http://www.thebostonchannel.com/news/22996526/detail.html
---------------------

Added: 2010-03-30
Title: Smartphone users 'vulnerable to identity theft'
http://www.telegraph.co.uk/technology/mobile-phones/7535804/Smartphone-users-vulnerable-to-identity-theft.html
---------------------

Added: 2010-03-29
Title: Identity thief to serve time, repay banks
http://www.startribune.com/business/89480417.html
---------------------

Added: 2010-03-29
Title: Scottsdale man gets 20 years in ID-theft case
http://www.azcentral.com/rsslinks/1538968
---------------------


_______________________________________________
Dataloss Mailing List (dataloss_at_private)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Mon Apr 05 2010 - 23:47:46 PDT

This archive was generated by hypermail 2.2.0 : Mon Apr 05 2010 - 23:50:50 PDT