======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, December 26, 2010 28 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators_at_private ======================================================================== DataLossDB News/Updates No news this week! ======================================================================== Incidents Added Reported Date: 2010-12-28 Summary: Binder of medical marijuana records with Social Security Numbers, names, addresses, dates of birth, driver's license numbers, telephone numbers, and copies of birth certificates found in a dumpster Organizations: Apothecary of Colorado http://datalossdb.org/incidents/3311 --------------------- Reported Date: 2010-12-23 Summary: 4.9 million names, addresses, e-mail addresses, user names and VINs exposed from email list Organizations: American Honda Motor Co., Inc http://datalossdb.org/incidents/3294 --------------------- Reported Date: 2010-12-23 Summary: 3159 patientĀ¹s full name, date of birth, medical record number, healthcare providerĀ¹s name, encounter date, and diagnosis information stolen from laptop in parked car Organizations: Mankato Clinic http://datalossdb.org/incidents/3306 --------------------- Reported Date: 2010-12-22 Summary: 1600 Names, Social Security numbers and employment information exposed in unsecured job applicant SQL database on the Web Organizations: Community First Credit Union, Cambrium Group http://datalossdb.org/incidents/3315 --------------------- Reported Date: 2010-12-22 Summary: 35,000 statements sent to the wrong address that includes name, bank details and recent transactions Organizations: Santander http://datalossdb.org/incidents/3321 --------------------- Reported Date: 2010-12-21 Summary: Payment card information misused by employee who also accessed name, address, date of birth, insurance info, and Social Security numbers in customer database Organizations: Kinetic Concepts Inc. http://datalossdb.org/incidents/3307 --------------------- Reported Date: 2010-12-16 Summary: Employee steals thousands of background check applications containing dates of birth and Social Security numbers and uses them to open credit card and other accounts Organizations: Integrated Biometrics Technology http://datalossdb.org/incidents/3317 --------------------- Reported Date: 2010-12-16 Summary: 1500 names, dates of birth, addresses and personal information on laptop stolen from locked room in hospital Organizations: Calderdale Royal Hospital, Calderdale and Huddersfield NHS Foundation Trust http://datalossdb.org/incidents/3319 --------------------- Reported Date: 2010-12-01 Summary: Names, addresses, Social Security numbers and driver license numbers exposed as manager throws out a box of job applications in a dumpster by mistake. Organizations: KMax Systems http://datalossdb.org/incidents/3318 --------------------- Reported Date: 2010-11-30 Summary: Specific management system software program infected by malicious software expose debit and credit cards Organizations: Shell Vacations Hospitality http://datalossdb.org/incidents/3296 --------------------- Reported Date: 2010-11-22 Summary: 147 names, phone numbers and Social Security numbers stolen from storage device in a secure room Organizations: Dartmouth College http://datalossdb.org/incidents/3316 --------------------- Reported Date: 2010-11-20 Summary: A former employee accessed a secure area and logged into hospital computer records that contain patient information Organizations: Coliseum Hospital http://datalossdb.org/incidents/3310 --------------------- Reported Date: 2010-11-19 Summary: Account numbers and card expiration dates may have been exposed by a breach at a third-party payment service. Organizations: 1st Source Bank http://datalossdb.org/incidents/3322 --------------------- Reported Date: 2010-11-12 Summary: Laptop stolen from an employee in the Human Resources Department contained names, addresses and Social Security numbers Organizations: Hanger Orthopedic Group http://datalossdb.org/incidents/3308 --------------------- Reported Date: 2010-11-10 Summary: Names, addresses, grades, Social Security numbers, date of birth and records of payments received stolen from laptop in locked off-campus site. Organizations: Methodist Theological School http://datalossdb.org/incidents/3323 --------------------- Reported Date: 2010-10-25 Summary: 180 names and Social Security numbers exposed as an employee took home a list with information and then tried to email to work Organizations: U.S. Department of Veterans Affairs http://datalossdb.org/incidents/3309 --------------------- Reported Date: 2010-10-15 Summary: Social Security numbers and bank account information stolen from a laptop at corporate office Organizations: Kayser-Roth Corporation http://datalossdb.org/incidents/3314 --------------------- Reported Date: 2010-10-08 Summary: Stolen portable hard drive contained former nursing students' Social Security Numbers Organizations: Armstrong Atlantic State University http://datalossdb.org/incidents/3312 --------------------- Reported Date: 2010-10-08 Summary: 240 names, Social Security numbers, date of birth, mailing addresses, medical data (health information), and other financial information exposed as guard finds an unencrypted thumb drive inside the facility doors. Organizations: U.S. Department of Veterans Affairs http://datalossdb.org/incidents/3313 --------------------- Reported Date: 2010-09-21 Summary: A propgraming error allows the Social Security numbers of the writing agent to be seen through the contracted broker's portal Organizations: CareFirst http://datalossdb.org/incidents/3303 --------------------- Reported Date: 2010-07-15 Summary: Confirmation information containing account number, name, transaction records were mailed to the wrong customers Organizations: Principal Financial Group http://datalossdb.org/incidents/3297 --------------------- Reported Date: 2010-07-14 Summary: Back-up hard drive containing names, Social Security numbers, and other financial information was stolen. Organizations: Ameriprise Financial http://datalossdb.org/incidents/3298 --------------------- Reported Date: 2010-07-07 Summary: 268 underwriting files found outside headquarters containing names, Social Security numbers, account numbers, medical information and driver license numbers Organizations: Knights of Columbus http://datalossdb.org/incidents/3299 --------------------- Reported Date: 2010-06-30 Summary: Names, Social Security Numbers and date of birth exposed after discovery of stolen backup tapes Organizations: Science Applications International Corp (SAIC) http://datalossdb.org/incidents/3295 --------------------- Reported Date: 2010-06-30 Summary: Spreadsheet with 799 names and Social Security numbers of current/former employees accidentally left exposed on network drive during upgrade Organizations: K. Hovnanian Enterprises http://datalossdb.org/incidents/3300 --------------------- Reported Date: 2010-06-24 Summary: Employee sold lists of customer information to a third party Organizations: State Farm Insurance http://datalossdb.org/incidents/3301 --------------------- Reported Date: 2010-06-21 Summary: Call center employee copies credit card numbers of 22 customers Organizations: T-Mobile http://datalossdb.org/incidents/3302 --------------------- Reported Date: 2010-06-11 Summary: Names, addresses, Social Security numbers, date of birth and DJS number stolen from laptop locked trunk of parked car. Organizations: VisionQuest http://datalossdb.org/incidents/3305 --------------------- ======================================================================== Blotter Posts Added: 2011-01-01 Title: Medical ID theft at Deaconess Hospital http://www.14wfie.com/story/13751151/medical-id-theft-at-deaconess-hospital --------------------- Added: 2011-01-01 Title: Federal study gives trends of identity theft http://www.tulsaworld.com/site/articlepath.aspx?articleid=20101227_12_A9_Aboutm21505&rss_lnk=11 --------------------- Added: 2011-01-01 Title: Sophisticated Vancouver theft ring busted http://www.cbc.ca/canada/british-columbia/story/2010/12/30/bc-andrew-cross-stolen-goods.html?ref=rss --------------------- Added: 2011-01-01 Title: CD Pirate Walks Federal Plank in Computer Gaming Case http://blogs.forbes.com/billsinger/2010/12/30/cd-piracy-bi/?utm_source=allactivity&utm_medium=rss&utm_campaign=20101230 --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Tue Jan 04 2011 - 02:57:03 PST
This archive was generated by hypermail 2.2.0 : Tue Jan 04 2011 - 03:02:55 PST