======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, May 16, 2010 32 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@private. ======================================================================== DataLossDB News/Updates No news this week! ======================================================================== Incidents Added Reported Date: 2010-05-18 Summary: SQL Injection database leak exposes 168000 dutch citizens records Organizations: ervaarhetov.nl http://datalossdb.org/incidents/2813 --------------------- Reported Date: 2010-05-17 Summary: Stolen laptop contains personal information of over 600 patients Organizations: Oconee Heart Center http://datalossdb.org/incidents/2778 --------------------- Reported Date: 2010-05-11 Summary: Tax documents from about 1990 containing names and SSNs of former employees were stolen from the vacant Osseo building in February Organizations: Curtlin Manufacturing http://datalossdb.org/incidents/2812 --------------------- Reported Date: 2009-08-27 Summary: Call center compromised exposing names, addresses, credit card numbers of customers, expiration and verification numbers Organizations: Priceline.com, Inc. http://datalossdb.org/incidents/2797 --------------------- Reported Date: 2009-08-20 Summary: Letters sent to wrong members contained names and Social Security numbers Organizations: Massachusetts Department of Health and Human Services http://datalossdb.org/incidents/2811 --------------------- Reported Date: 2009-07-17 Summary: 29 Social Security numbers and names accidently e-mailed 10 other employees within foundation Organizations: The Caleb Foundation http://datalossdb.org/incidents/2785 --------------------- Reported Date: 2009-07-10 Summary: Stolen laptop contained names, Social Security numbers, financial information and copies of drivers license Organizations: Associated Third Party Administrators, United Service Workers Union http://datalossdb.org/incidents/2781 --------------------- Reported Date: 2009-07-10 Summary: Email inadvertently sent to wrong address exposes client names, address date of birth, Social Security numbers and medical information Organizations: Health Net http://datalossdb.org/incidents/2782 --------------------- Reported Date: 2009-06-10 Summary: One patient's name, Social Security number, and medical insurance information was accidently given to another patient Organizations: Brigham and Woman's Hospital http://datalossdb.org/incidents/2789 --------------------- Reported Date: 2009-05-27 Summary: Personal information of 1 resident was mailedto the wrong address Organizations: Massachusetts Department of Revenue http://datalossdb.org/incidents/2810 --------------------- Reported Date: 2009-05-12 Summary: Hackers accessed online merchant and stole name, addresses and credit card numbers of customers Organizations: Kosher Vitamin Express http://datalossdb.org/incidents/2795 --------------------- Reported Date: 2009-05-01 Summary: Computer stolen from office contained personal information of potential clients Organizations: Jones & Associates Insurance Agency Inc http://datalossdb.org/incidents/2784 --------------------- Reported Date: 2009-04-27 Summary: Account information containing name, address, and Social Security number emailed to wrong recordkeeper Organizations: The Dreyfus Corp, MBSC Securities Corp http://datalossdb.org/incidents/2779 --------------------- Reported Date: 2009-04-03 Summary: Unsecured hard drive lost in mail transit contained names and Social Security numbers Organizations: JPMorgan Chase http://datalossdb.org/incidents/2793 --------------------- Reported Date: 2009-03-31 Summary: Patient received a radiology requisition that belonged to another patient; containing name and medical information Organizations: Brigham And Women's Hospital http://datalossdb.org/incidents/2790 --------------------- Reported Date: 2009-03-27 Summary: Portable storage device left on train exposing personal information of current and former employees Organizations: ProCure Treatment Centers, Inc http://datalossdb.org/incidents/2796 --------------------- Reported Date: 2009-03-25 Summary: Restuarant point-of-sale system hacked, exposing customers credit card information Organizations: La Salsa http://datalossdb.org/incidents/2800 --------------------- Reported Date: 2009-03-25 Summary: Register and safe broken into and merchant receipts stolen from store Organizations: Sticks and Stones Garden http://datalossdb.org/incidents/2806 --------------------- Reported Date: 2009-03-05 Summary: Former employee was providing personal information to third parties for fraudulent use Organizations: Branch Banking & Trust http://datalossdb.org/incidents/2794 --------------------- Reported Date: 2009-02-04 Summary: Stolen laptop may have contained tax returns, bank account statement details for 10 contacts Organizations: Fairway Independent Mortgage Inc. http://datalossdb.org/incidents/2807 --------------------- Reported Date: 2009-01-20 Summary: Letters sent to customers accidentally contained their account numbers Organizations: Raymond James Financial, Inc http://datalossdb.org/incidents/2799 --------------------- Reported Date: 2008-12-04 Summary: Employee inadvertently emails Social Security numbers of all employees to other stores and internal database Organizations: Harold's Stores, Gordon Brothers Group LLC http://datalossdb.org/incidents/2805 --------------------- Reported Date: 2008-09-15 Summary: Hacker steals 8,250 credit card numbers from an online merchant Organizations: American Express, E-Cost.com http://datalossdb.org/incidents/2787 --------------------- Reported Date: 2008-08-12 Summary: Former employee takes and uses 5,200 patient names, date of birth, and last 4 digits of Social Security number Organizations: Kaiser Permanente http://datalossdb.org/incidents/2804 --------------------- Reported Date: 2008-07-28 Summary: Hacking incident exposes 987 customers names and credit card numbers Organizations: American Express, Taste on Melrose http://datalossdb.org/incidents/2792 --------------------- Reported Date: 2008-05-12 Summary: 20 students financial aid information, inlcuding Social Security numbers, visible to other students Organizations: Capella University http://datalossdb.org/incidents/2803 --------------------- Reported Date: 2008-02-13 Summary: Hard drive stolen from desktop contained 263 Social Security numbers Organizations: Massachusetts Department of Education http://datalossdb.org/incidents/2808 --------------------- Reported Date: 2008-02-06 Summary: Personally identifiable information accessed by unauthorized employee Organizations: LexisNexis, California Franchise Tax Board http://datalossdb.org/incidents/2788 --------------------- Reported Date: 2007-12-20 Summary: Document containing names and Social Security numbers accidently mailed to 5 other clients Organizations: Fidelity Investments http://datalossdb.org/incidents/2780 --------------------- Reported Date: 2007-11-14 Summary: Lost folder contained personal information of 56 students names, dates of birth, and Social Security numbers Organizations: Harvard University http://datalossdb.org/incidents/2798 --------------------- Reported Date: 2007-01-03 Summary: 367 accounts exposed when employee sent e-mail to former employee address Organizations: Andritz Inc http://datalossdb.org/incidents/2802 --------------------- Reported Date: 2006-04-11 Summary: Web server hacked, databases with names and Social Security numbers may have been accessed Organizations: State University of New York at New Pal http://datalossdb.org/incidents/2809 --------------------- ======================================================================== Blotter Posts Added: 2010-05-23 Title: U.S. is requiring companies to defend against identity theft http://feeds.latimes.com/~r/latimes/business/~3/8WlPSpeqbeI/la-fi-identity-theft-20100524,0,5513085.story --------------------- Added: 2010-05-23 Title: News: Rochester hospital sends bills to wrong patients http://www.stargazette.com/article/20100521/NEWS01/5210340/1117/ --------------------- Added: 2010-05-23 Title: Latest Trend In Identity Theft: Bank Text Alerts http://cbs2chicago.com/local/smishing.bank.sms.2.1706390.html --------------------- Added: 2010-05-23 Title: 2 Men Face Over 130 ID Theft Charges Each http://www.wftv.com/news/23593875/detail.html --------------------- Added: 2010-05-23 Title: How to Quickly Find Out if Your Identity Is Stolen http://bucks.blogs.nytimes.com/2010/05/19/how-to-quickly-find-out-if-your-identity-is-stolen/ --------------------- Added: 2010-05-23 Title: FTC targets privacy concerns related to copy machines http://www.computerworld.com/s/article/9176928/FTC_targets_privacy_concerns_related_to_copy_machines?source=rss_hardware --------------------- Added: 2010-05-23 Title: LifeLock CEO’s Identity Stolen 13 Times http://www.wired.com/threatlevel/2010/05/lifelock-identity-theft/ --------------------- Added: 2010-05-23 Title: Huge 'sexiest video ever' attack hits Facebook http://www.computerworld.com/s/article/9176905/Huge_sexiest_video_ever_attack_hits_Facebook?source=rss_security --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss _______________________________________________ Best Selling Security Books and More! Shop InfoSec News http://www.shopinfosecnews.org/Received on Mon May 24 2010 - 22:36:43 PDT
This archive was generated by hypermail 2.2.0 : Mon May 24 2010 - 22:42:36 PDT