======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, April 3, 2011 27 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators_at_private ======================================================================== DataLossDB News/Updates Epsilon Bingo http://datalossdb.org/incident_highlights/52 ======================================================================== Incidents Added Reported Date: 2011-04-09 Summary: Identities of more than 100 civil servants negotiating severance packages exposed in email error Organizations: Government of Scotland http://datalossdb.org/incidents/3558 --------------------- Reported Date: 2011-04-08 Summary: Database of 629 Government Customer Credit Cards stolen Organizations: Rojone Pty Ltd. http://datalossdb.org/incidents/3553 --------------------- Reported Date: 2011-04-08 Summary: Medical center appointment lists with names, dates of birth, and Social Security numbers were discarded without shredding Organizations: Aiken County Veteran's Affairs, Charlie Norwood VA Medical Center http://datalossdb.org/incidents/3555 --------------------- Reported Date: 2011-04-07 Summary: Email error exposed students' learning and sensitive medical details to student group Organizations: Godalming College http://datalossdb.org/incidents/3552 --------------------- Reported Date: 2011-04-07 Summary: Employees stole and sold personal information of patients and teachers as part of ID theft ring Organizations: Broward County School District, Linda Green, M.D., Linda Groene, M.D. http://datalossdb.org/incidents/3554 --------------------- Reported Date: 2011-04-05 Summary: Personal and protected health information of 93,500 patients on missing hard drive Organizations: Hartford Hospital, MidState Medical Center http://datalossdb.org/incidents/3546 --------------------- Reported Date: 2011-04-05 Summary: Employee accessed and transferred confidential database containing 3,000 pilots' personal information and Social Security numbers. Organizations: US Airways http://datalossdb.org/incidents/3557 --------------------- Reported Date: 2011-03-25 Summary: Dozens of boxes of employee personal, financial, and medical data as well as customer information sold at storage auction Organizations: Ulysses Telemedia Networks http://datalossdb.org/incidents/3545 --------------------- Reported Date: 2011-03-25 Summary: Customers names, addresses, and credit card numbers accessed by hacker Organizations: E-Dreamz, S&D Coffee http://datalossdb.org/incidents/3547 --------------------- Reported Date: 2011-03-23 Summary: Laptop with current and former employees' names and Social Security numbers stolen from employee's car Organizations: Applied Micro Circuits http://datalossdb.org/incidents/3548 --------------------- Reported Date: 2011-03-10 Summary: Infected servers exposed up to 300 employees' and customers'' personal and financial information Organizations: Hartford Life Insurance Company http://datalossdb.org/incidents/3551 --------------------- Reported Date: 2011-03-01 Summary: Stolen desktop computer contained protected health information on 576 patients Organizations: University of Nebraska Medical Center http://datalossdb.org/incidents/3556 --------------------- Reported Date: 2011-01-01 Summary: Protected health information of 500 patients exposed by hack Organizations: Hils Transcription Service, Osceola Medical Center http://datalossdb.org/incidents/3568 --------------------- Reported Date: 2010-07-19 Summary: 13,000 patients' information on stolen desktop computer Organizations: E. Brooks Wilkins Family Medicine, PA http://datalossdb.org/incidents/3561 --------------------- Reported Date: 2010-04-13 Summary: 598 patients' names and partial social security numbers were in a pharmacy log book that went missing. Organizations: Miami VA Healthcare System http://datalossdb.org/incidents/3559 --------------------- Reported Date: 2010-04-06 Summary: 955 patients' names, dates of birth, Social Security numbers and medical information were on an unencrypted stolen laptop Organizations: Pediatric Sports and Spine Associates http://datalossdb.org/incidents/3562 --------------------- Reported Date: 2010-04-03 Summary: 6,800 patient invoices, some containing PHI, went missing Organizations: VHS Genesis Lab INC http://datalossdb.org/incidents/3570 --------------------- Reported Date: 2010-03-31 Summary: Post cards from Infectious Disease Clinic exposed 3,800 patients' names and addresses Organizations: Lee Memorial Health System http://datalossdb.org/incidents/3565 --------------------- Reported Date: 2010-03-31 Summary: 5,080 patients' protected health information was on a stolen laptop. Organizations: Dynacare Northwest Inc, Laboratory Corporation of America http://datalossdb.org/incidents/3566 --------------------- Reported Date: 2010-03-29 Summary: 763 patients' names, private health information and account balances were sent in an email to an unauthorized recipient. Organizations: Computer Program and Systems, Inc. (CPSI), Reliant Rehabilitation Hospital North Houston http://datalossdb.org/incidents/3560 --------------------- Reported Date: 2009-12-11 Summary: 2,860 patients' records on server that was stolen off-premises Organizations: Daniel J. Sigman MD http://datalossdb.org/incidents/3549 --------------------- Reported Date: 2009-12-10 Summary: Customer names, email addresses, passwords and physical addresses exposed in SQL injection Organizations: Kaspersky Lab, Kaspersky Lab http://datalossdb.org/incidents/3563 --------------------- Reported Date: 2009-07-08 Summary: Employees accepted bribes for confidential patient information that was used as part of fraud scheme Organizations: Lincoln Medical and Mental Health Center, Jacobi Medical Center http://datalossdb.org/incidents/3572 --------------------- Reported Date: 2009-02-09 Summary: Customers' names, addresses and email addresses exposed by hack of reseller's site Organizations: BitDefender.pt http://datalossdb.org/incidents/3567 --------------------- Reported Date: 2009-02-07 Summary: Some customer data including names, addresses and product activation codes vulnerable in SQL injection Organizations: Kaspersky Lab http://datalossdb.org/incidents/3571 --------------------- Reported Date: 1999-01-21 Summary: 30,000 loyalty card members' personal and company information exposed on Web Organizations: Air Miles http://datalossdb.org/incidents/3550 --------------------- Reported Date: 1996-06-24 Summary: Payroll, personnel records and emails accessed by hacker Organizations: Lockheed Space and Missile http://datalossdb.org/incidents/3569 --------------------- ======================================================================== Blotter Posts Added: 2011-04-09 Title: Gaffe reveals civil servants' exit plans http://news.scotsman.com/scotland/Gaffe-reveals-civil-servants39-exit.6748855.jp --------------------- Added: 2011-04-08 Title: Most Willing to Pay to Reduce Identity Theft Risk http://www.examiner.com/information-security-in-boston/most-willing-to-pay-to-reduce-identity-theft-risk --------------------- Added: 2011-04-07 Title: Former Emily Morgan hotel worker pleads guilty in massive theft case http://www.kens5.com/news/Former-Emily-Morgan-hotel-worker-pleads-guilty-in-massive-ID-theft-case-119368919.html --------------------- Added: 2011-04-05 Title: Ex-Gucci worker charged for identity theft http://www.couriermail.com.au/news/breaking-news/ex-gucci-worker-charged-for-identity-theft/story-e6freonx-1226034004056?from=public_rss --------------------- Added: 2011-04-05 Title: Identity Thieves Target Tax Refunds http://abcnews.go.com/US/identity-thieves-target-irs-tax-refunds/story?id=13291070 --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Mon Apr 11 2011 - 22:52:50 PDT
This archive was generated by hypermail 2.2.0 : Mon Apr 11 2011 - 22:58:06 PDT