======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, July 18, 2010 45 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators_at_private ======================================================================== DataLossDB News/Updates No news this week! ======================================================================== Incidents Added Reported Date: 2010-07-22 Summary: 230,000 customer records stolen from online database Organizations: Hell Pizza http://datalossdb.org/incidents/3035 --------------------- Reported Date: 2010-07-20 Summary: Website PlayNow.com exposes 130 customers names, credit card and bank account details Organizations: British Columbia Lottery Corporation http://datalossdb.org/incidents/3031 --------------------- Reported Date: 2010-07-19 Summary: Backup tape lost with by vendor exposes 800,000 patients medical details Organizations: South Shore Hospital http://datalossdb.org/incidents/3025 --------------------- Reported Date: 2010-07-19 Summary: Boxes of personal information, including names, addresses, medical details, Social Security numbers improperly disposed in dumpster Organizations: LV Financial Services http://datalossdb.org/incidents/3030 --------------------- Reported Date: 2010-07-19 Summary: Employee collects 'hundreds' of customers credit card details commits fraud Organizations: Starbucks http://datalossdb.org/incidents/3028 --------------------- Reported Date: 2010-07-19 Summary: Employee accidentally posts 3000 clients Social Security numbers on a third party website Organizations: Maryland Department of Human Resources http://datalossdb.org/incidents/3029 --------------------- Reported Date: 2010-07-16 Summary: Stolen laptop exposes 5000 exployees unemployment insurance claims including Social Security numbers Organizations: Connecticut Department of Labor http://datalossdb.org/incidents/3032 --------------------- Reported Date: 2010-07-07 Summary: 4,000,000 user names and email addresses stolen in hack Organizations: Pirate Bay http://datalossdb.org/incidents/3012 --------------------- Reported Date: 2010-06-30 Summary: White Hat uses foursquare privacy hole to capture 875K check-Ins Organizations: Foursquare http://datalossdb.org/incidents/3011 --------------------- Reported Date: 2009-12-11 Summary: Malicious software discovered on computer that processes credit cards Organizations: InterContinental Hotels Group http://datalossdb.org/incidents/2991 --------------------- Reported Date: 2009-12-02 Summary: Client information including Social Security numbers inadvertently mailed to wrong address Organizations: Ameriprise Financial http://datalossdb.org/incidents/2993 --------------------- Reported Date: 2009-11-30 Summary: Stolen laptop may have contained Social Security numbers Organizations: Nuance http://datalossdb.org/incidents/3020 --------------------- Reported Date: 2009-11-16 Summary: Hacker gains access to website and installs keylogger to gain credentials Organizations: Genworth Financial Trust Company http://datalossdb.org/incidents/3005 --------------------- Reported Date: 2009-09-28 Summary: Stolen laptop contained Social Security numbers, taxpayer information, addresses and national provider identifier numbers Organizations: Mountain State Blue Cross Blue Shield http://datalossdb.org/incidents/3021 --------------------- Reported Date: 2009-09-11 Summary: Former employee improperly handled sensitive documents exposing customers personal information Organizations: AT&T http://datalossdb.org/incidents/3007 --------------------- Reported Date: 2009-08-25 Summary: Hacker gains access to database, exposing personal information Organizations: Assurity Financial Serices http://datalossdb.org/incidents/2994 --------------------- Reported Date: 2009-08-21 Summary: Malious software found on computer which parsed RAM for credit card numbers Organizations: Handlery Hotel http://datalossdb.org/incidents/3022 --------------------- Reported Date: 2009-08-12 Summary: Virus on computer may have compromised login credentials to American Express Card processing accoutn Organizations: CFA Institute http://datalossdb.org/incidents/2990 --------------------- Reported Date: 2009-08-04 Summary: Former employee stole 10 customers' credit card numbers and attempted to use Organizations: T-Mobile http://datalossdb.org/incidents/3027 --------------------- Reported Date: 2009-07-28 Summary: Stolen computer at employees residence contained personal information Organizations: The Mind Research Network, Hartford Hospital http://datalossdb.org/incidents/3010 --------------------- Reported Date: 2009-07-13 Summary: Second-hand hard drive found to have personal information of employees Organizations: Lockheed Martin Corp http://datalossdb.org/incidents/3034 --------------------- Reported Date: 2009-06-30 Summary: Unauthorized access to accounts may have exposed other customer personal information Organizations: MoneyGram http://datalossdb.org/incidents/2997 --------------------- Reported Date: 2009-06-30 Summary: Daily receipt bag containing names, payment checks and co-pays was lost Organizations: UMassMemorial http://datalossdb.org/incidents/3002 --------------------- Reported Date: 2009-04-17 Summary: Invoices containing Social Security numbers were accidentally available to the public on website Organizations: Humana Inc http://datalossdb.org/incidents/3017 --------------------- Reported Date: 2009-04-17 Summary: Employee accessed data in which they had no need to be searching Organizations: Massachusetts General Hospital http://datalossdb.org/incidents/2995 --------------------- Reported Date: 2009-04-09 Summary: Financial account statement erroneously mailed to former agents, customers names and account information exposed Organizations: Prudential Financial http://datalossdb.org/incidents/3015 --------------------- Reported Date: 2009-03-24 Summary: Employee left laptop by car during patient visit; laptop was stolen, exposing client information Organizations: Partners Home Care Inc http://datalossdb.org/incidents/3004 --------------------- Reported Date: 2009-03-23 Summary: Personal data of over 800,000 Massachusetts residents exposed by internal breach Organizations: Massachusetts Department of Health and Human Services http://datalossdb.org/incidents/3014 --------------------- Reported Date: 2009-01-23 Summary: Financial consultant stored boxes of client information at his garage, hired crew improperly disposed of material Organizations: RBC Wealth Management http://datalossdb.org/incidents/2992 --------------------- Reported Date: 2009-01-06 Summary: 10 individuals sent applications with accidental attachment of another individuals information Organizations: Idearc Media http://datalossdb.org/incidents/3019 --------------------- Reported Date: 2008-11-19 Summary: Inadvertant exposure of 226 customer names and credit card numbers Organizations: British American Business Inc. http://datalossdb.org/incidents/3016 --------------------- Reported Date: 2008-11-19 Summary: Keylogger on employee home computer allows intruder to gain unauthorized access to accounts Organizations: Commonwealth Equity Services http://datalossdb.org/incidents/2998 --------------------- Reported Date: 2008-10-28 Summary: Starter checks sent by third party to wrong addresses, exposing names, addresses and bank account details Organizations: Citizens Financial Group, Inc http://datalossdb.org/incidents/2999 --------------------- Reported Date: 2008-09-25 Summary: Technical error in system allows 11 customers to see each others gas bills Organizations: Bay State Gas Company http://datalossdb.org/incidents/3026 --------------------- Reported Date: 2008-09-04 Summary: Employee erroneously emails form to unintended recipient Organizations: Metropolitan Life Insurance Company (MetLife) http://datalossdb.org/incidents/3000 --------------------- Reported Date: 2008-07-09 Summary: Confidential documents marked for destruction were taken by other department Organizations: California Office of Systems Integration http://datalossdb.org/incidents/3003 --------------------- Reported Date: 2008-05-09 Summary: Files stolen from officer's vehicle, containing personal information of 50 people Organizations: Massachusetts Division of Insurance http://datalossdb.org/incidents/2996 --------------------- Reported Date: 2008-03-13 Summary: 86 customers Credit Cards exposed through public blogging of calls Organizations: Toshiba America Information Systems, Inc http://datalossdb.org/incidents/3018 --------------------- Reported Date: 2008-02-25 Summary: Internal email sent to employee without authority to view personal information Organizations: The Center for Discovery http://datalossdb.org/incidents/3009 --------------------- Reported Date: 2008-01-22 Summary: Stolen laptop contained personal identifiable information of employees Organizations: GE Aviation Systems http://datalossdb.org/incidents/3013 --------------------- Reported Date: 2007-12-20 Summary: Unauthorized use of password of client exposes personal information of other clients Organizations: Jackson National Life Insurance Company, INVEST Financial Corporation http://datalossdb.org/incidents/3008 --------------------- Reported Date: 2007-11-02 Summary: Shareholder accounts fraudulenty accessed by temporary employee Organizations: Computershare Inc, Comcast Cable http://datalossdb.org/incidents/3001 --------------------- Reported Date: 2007-09-25 Summary: Unauthorized login exposes 2,297 customers Social Security numbers Organizations: Merlin Information Services http://datalossdb.org/incidents/3033 --------------------- Reported Date: 2007-07-18 Summary: Policy information sent to incorrect address, customer information exposed Organizations: Standard Life and Casualty Insurance http://datalossdb.org/incidents/3023 --------------------- Reported Date: 2007-07-11 Summary: Clerical error results in one account being exposed to another firm Organizations: Bear Stearns & Co Inc http://datalossdb.org/incidents/3006 --------------------- ======================================================================== Blotter Posts Added: 2010-07-24 Title: Federal agents uncover Palm Beach County-based identity-theft ring http://feedproxy.google.com/~r/sun-sentinel/news/local/palmbeach/~3/fnjErBnEXGQ/fl-palm-id-theft-20100723,0,185161.story --------------------- Added: 2010-07-24 Title: Security dealers take on identity theft http://www.securityinfowatch.com/Dealers/security-dealers-take-identity-theft --------------------- Added: 2010-07-24 Title: Former tax-preparation service worker sentenced for identity theft http://www2.timesdispatch.com/news/2010/jul/23/frau23-ar-347584/ --------------------- Added: 2010-07-24 Title: Protecting your kids from ID theft http://feeds.boston.com/click.phdo?i=36cd21a1c26a731449bdfab42e728765 --------------------- Added: 2010-07-24 Title: CanadaPost to fortify mailboxes to stop mail theft http://news.therecord.com/article/748875 --------------------- Added: 2010-07-24 Title: Task Force Busts Alleged Credit Card Skimming Ring http://feeds.nbclosangeles.com/click.phdo?i=98bfd402d9072a9ee55457afb855033a --------------------- Added: 2010-07-24 Title: How to Protect Yourself from ID Theft http://www.infozine.com/news/stories/op/storiesView/sid/42441/ --------------------- Added: 2010-07-24 Title: AG advice to victims of South Shore data breach http://feedproxy.google.com/~r/bostonherald/business/~3/VtTbMrGSB-Q/view.bg --------------------- Added: 2010-07-24 Title: What Personal Information Should Appear on Personal Checks? http://www.buzzle.com/articles/what-personal-information-should-appear-on-personal-checks.html --------------------- Added: 2010-07-24 Title: Charges: MN Nursing Assistants Stole From Patients http://wcco.com/crime/nursing.assistants.theft.2.1813682.html --------------------- Added: 2010-07-24 Title: Who is your agent? Lessons in identity theft. http://feeds.boston.com/click.phdo?i=cf3eb51adc7730c75c91b25586e3fae4 --------------------- Added: 2010-07-24 Title: A Poor Man’s Identity Theft Protection http://www.usnews.com/blogs/my-money/2010/7/19/a-poor-mans-identity-theft-protection.html?s_cid=rss:my-money:a-poor-mans-identity-theft-protection --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Tue Jul 27 2010 - 00:49:00 PDT
This archive was generated by hypermail 2.2.0 : Tue Jul 27 2010 - 00:56:51 PDT