======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, April 17, 2011 45 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators_at_private ======================================================================== DataLossDB News/Updates No news this week! ======================================================================== Incidents Added Reported Date: 2011-04-21 Summary: Missing flash drive contains names and identity card numbers of 19 pediatric patients Organizations: Queen Mary Hospital http://datalossdb.org/incidents/3620 --------------------- Reported Date: 2011-04-21 Summary: Customers' card numbers acquired and misused Organizations: Qdoba Mexican Grill http://datalossdb.org/incidents/3617 --------------------- Reported Date: 2011-04-21 Summary: 90 students' personal information on laptop stolen from car Organizations: Freehold Community School http://datalossdb.org/incidents/3618 --------------------- Reported Date: 2011-04-20 Summary: Employee and applicants' records containing names, contact details, Social Security and personnel matters found discarded Organizations: Blockbuster Video http://datalossdb.org/incidents/3622 --------------------- Reported Date: 2011-04-19 Summary: 200 usernames, passwords and email addresses, as well as server logs exposed Organizations: European Space Agency, Cern Science Institute, BAE Systems http://datalossdb.org/incidents/3594 --------------------- Reported Date: 2011-04-19 Summary: Unencrypted flash drive with 750 patients' urology images and diagnoses left in a computer Organizations: Brighton and Sussex University Hospitals NHS Trust , University College London Hospitals NHS Foundation Trust, University College London Hospitals http://datalossdb.org/incidents/3598 --------------------- Reported Date: 2011-04-19 Summary: Misdirected faxes contained personal and mental health information Organizations: Borough of Poole http://datalossdb.org/incidents/3597 --------------------- Reported Date: 2011-04-18 Summary: Names and Social Security numbers of current and former employees on stolen computer Organizations: ABM Industries http://datalossdb.org/incidents/3614 --------------------- Reported Date: 2011-04-18 Summary: A memory stick containing personal and medical information 4,500 kids seen at speech and hearing clinic discovered missing Organizations: Middlesex London Health Unit, H.A. Leeper Speech and Hearing Clinic, University of Western Ontario - Elborn College. http://datalossdb.org/incidents/3590 --------------------- Reported Date: 2011-04-18 Summary: Employee took 581 patient records with names, financial and medical information for training purposes Organizations: Southwest Ambulance http://datalossdb.org/incidents/3591 --------------------- Reported Date: 2011-04-13 Summary: 100 patient files stolen from doctor's garage contained personal and medical information Organizations: Moises M. Soulas Jr, M.D. http://datalossdb.org/incidents/3602 --------------------- Reported Date: 2011-04-13 Summary: Employee downloaded client files and transactions before resigning Organizations: AllianceBernstein Holding LP http://datalossdb.org/incidents/3604 --------------------- Reported Date: 2011-04-13 Summary: Mailing error exposed members' names and life insurance member numbers to others Organizations: Marsh U.S. Consumer, IEEE http://datalossdb.org/incidents/3626 --------------------- Reported Date: 2011-04-12 Summary: Configuration error exposes employees' pay stub data and bank account numbers to other employees Organizations: UMass Memorial Healthcare http://datalossdb.org/incidents/3588 --------------------- Reported Date: 2011-04-12 Summary: Customer credit card payment transactions may have been compromised Organizations: Infogroup http://datalossdb.org/incidents/3615 --------------------- Reported Date: 2011-04-12 Summary: Over 25,000 students' and 2,500 employees' personal information, including dates of birth and Social Security numbers, may have been acquired Organizations: Lancaster County School District http://datalossdb.org/incidents/3593 --------------------- Reported Date: 2011-04-11 Summary: Names and email addresses of leads and partners exposed by hacker Organizations: Barracuda Networks Inc. http://datalossdb.org/incidents/3603 --------------------- Reported Date: 2011-04-01 Summary: Customers' names, addresses, credit card numbers and card expiration dates viewable by intruder Organizations: GoGrid LLC http://datalossdb.org/incidents/3616 --------------------- Reported Date: 2011-03-11 Summary: 617 students' registration cards with names and social security numbers sent to auction house storage in error Organizations: Central Ohio Technical College http://datalossdb.org/incidents/3595 --------------------- Reported Date: 2011-02-11 Summary: 80 students' files containing personal and medical information dumped in skips Organizations: Norwich City College of Further and Higher Education (City College Norwich) http://datalossdb.org/incidents/3596 --------------------- Reported Date: 2010-10-25 Summary: Customers' usernames, passwords, line speeds and subscriber names posted on web by hacker Organizations: MWEB, Bloomberg , Volvo SA, Caledon Hotel Casino, Peugeot SA, Radio 786, Internet Solutions (IS) http://datalossdb.org/incidents/3607 --------------------- Reported Date: 2010-10-18 Summary: Compromised customer login to TransUnion enabled access to consumers' credit reports Organizations: Midtown Motors, TransUnion http://datalossdb.org/incidents/3609 --------------------- Reported Date: 2010-09-09 Summary: Employees of other Trusts able to access patient and employee data Organizations: Unknown Organization, Unknown Organization, NHS Birmingham East and North http://datalossdb.org/incidents/3613 --------------------- Reported Date: 2010-08-19 Summary: Bus driver stole personal information of disabled passengers and opened credit accounts using their information Organizations: MV Transportation, Central Florida Regional Transportation Authority (LYNX) http://datalossdb.org/incidents/3633 --------------------- Reported Date: 2010-08-18 Summary: Paper records of patient information lost or stolen Organizations: Beauty Dental http://datalossdb.org/incidents/3629 --------------------- Reported Date: 2010-07-27 Summary: 780 cancer patients' names and identity card numbers and up to 40 volunteers' names, identity card numbers, and contact information on stolen hard drive Organizations: Queen Mary Hospital, Li Ka Shing Foundation Hospice Service Program http://datalossdb.org/incidents/3621 --------------------- Reported Date: 2010-07-15 Summary: Claims summary statements were inadvertently sent to the wrong members Organizations: UnitedHealthcare, Deere & Co. http://datalossdb.org/incidents/3589 --------------------- Reported Date: 2010-04-23 Summary: 500 patients' social security numbers, names, and addresses were stolen from 6 computers after a fire. Organizations: Rockbridge Area Community Services http://datalossdb.org/incidents/3619 --------------------- Reported Date: 2010-04-16 Summary: Stolen portable device contained protected health information of 2,773 individuals Organizations: Laboratory Corporation of America (LabCorp), Dianon System Inc. http://datalossdb.org/incidents/3592 --------------------- Reported Date: 2010-04-12 Summary: 2,600 newborn's protected health information including parent's name, infant's name, infant's date of birth, medical record number and hearing test results were on an unencrypted stolen laptop. Organizations: Mount Sinai Medical Center http://datalossdb.org/incidents/3624 --------------------- Reported Date: 2010-04-12 Summary: 2,024 patients' protected health information on stolen laptop Organizations: Hypertension, Nephrology, Dialysis and Transplantation, PC http://datalossdb.org/incidents/3623 --------------------- Reported Date: 2010-04-10 Summary: 36,657 living persons' names, dates of birth, Social Security numbers, and zip code exposed in Death Master File Organizations: Social Security Administration http://datalossdb.org/incidents/3600 --------------------- Reported Date: 2010-04-01 Summary: 8,000 students' protected health information stolen and destroyed by employee Organizations: University of Pittsburgh Student Health Center http://datalossdb.org/incidents/3625 --------------------- Reported Date: 2010-04-01 Summary: 735 patients' protected health information on stolen remittance forms Organizations: UnitedHealth Group--SACE http://datalossdb.org/incidents/3599 --------------------- Reported Date: 2009-12-08 Summary: Open Online Database with SSN's Organizations: Shelby County Register http://datalossdb.org/incidents/3611 --------------------- Reported Date: 2009-06-12 Summary: Former employee created a spreadsheet of personnel data including names, addresses, Social Security number and Date of Birth of 68 employees and emailed to spouse's email address. Organizations: 1-800 East West Mortgage Co, Inc. http://datalossdb.org/incidents/3632 --------------------- Reported Date: 2008-08-16 Summary: Discs containing 27,000 supplier records, including supplier name, address and in some cases bank details, were in the possession of a contractor to the ministry Organizations: Unknown Organization, UK Ministry of Justice http://datalossdb.org/incidents/3630 --------------------- Reported Date: 2008-03-28 Summary: Customer personal information, including mobile numbers and resident registration codes, acquired by hacker Organizations: Daum Communications http://datalossdb.org/incidents/3605 --------------------- Reported Date: 2008-03-27 Summary: Thousands of patient records fell off a courier's truck Organizations: Unknown Organization, Laboratory Corporation of America (LabCorp) http://datalossdb.org/incidents/3612 --------------------- Reported Date: 2007-06-08 Summary: Employee stole patient identity information to open credit card accounts Organizations: Laboratory Corporation of America (LabCorp) http://datalossdb.org/incidents/3610 --------------------- Reported Date: 2007-05-03 Summary: Unauthorised person registered for account access and was able to view personal information. Organizations: Countrywide Home Loans http://datalossdb.org/incidents/3631 --------------------- Reported Date: 2001-01-01 Summary: Completed firearms license applications stolen from Canadian Firearms Centre van Organizations: Justice Canada - Canadian Firearms Centre http://datalossdb.org/incidents/3628 --------------------- Reported Date: 1994-09-28 Summary: 100,000 calling card numbers and PINs acquired by employee and sold to others Organizations: MCI, AT&T, Sprint http://datalossdb.org/incidents/3601 --------------------- Reported Date: 1987-02-12 Summary: Microfiche containing applications and criminal records of 5,000 found in a dump Organizations: Employment and Immigration Canada http://datalossdb.org/incidents/3627 --------------------- Reported Date: 1985-08-06 Summary: Employee accesses credit ratings and posted them online Organizations: MCI, American Express, Southern Bell http://datalossdb.org/incidents/3606 --------------------- ======================================================================== Blotter Posts Added: 2011-04-24 Title: Identity theft scare arrives in teen's mail http://www.ohio.com/business/120561649.html --------------------- Added: 2011-04-24 Title: Secret Service looks into identity thefts http://www.marshfieldnewsherald.com/article/20110423/MNH0101/104230581/1980&located=rss --------------------- Added: 2011-04-22 Title: Rancho Cordova man suspected of card skimming, ID theft http://feeds.bizjournals.com/~r/bizj_sacramento/~3/Eh1QXk_a4go/man-suspected-of-card-skimming-id-theft.html --------------------- Added: 2011-04-22 Title: Exclusive: Million dollar ID theft operation busted http://abclocal.go.com/wpvi/story?section=news/crime&id=8085649&rss=rss-wpvi-article-8085649 --------------------- Added: 2011-04-22 Title: Phoenix Man Sentenced For Forgery, ID Theft http://www.kpho.com/news/27630065/detail.html --------------------- Added: 2011-04-22 Title: Georgia man pleads guilty to $36.6M in ID theft http://rss.computerworld.com/~r/computerworld/s/feed/topic/17/~3/yZoe39Chm0o/Georgia_man_pleads_guilty_to_36.6M_in_ID_theft --------------------- Added: 2011-04-20 Title: Colo. bill to redefine ID theft shelved http://feedproxy.google.com/~r/washingtonexaminer/nation/~3/drji62iqTuA/colo-bill-redefine-id-theft-shelved --------------------- Added: 2011-04-20 Title: The New Ways Thieves Are Stealing Your Identity http://blogs.forbes.com/investopedia/2011/04/19/the-new-ways-thieves-are-stealing-your-identity/?utm_source=allactivity&utm_medium=rss&utm_campaign=20110419 --------------------- Added: 2011-04-19 Title: Gwinnett ID Theft Case Could Have 5,800 Victims http://www.wsbtv.com/news/27600264/detail.html --------------------- Added: 2011-04-19 Title: US proposes online IDs for Americans http://go.theregister.com/feed/www.theregister.co.uk/2011/04/19/us_proposes_online_ids_for_americans/ --------------------- Added: 2011-04-18 Title: Obama's online trusted ID plan greeted with caution http://www.networkworld.com/news/2011/041811-obamas-online-trusted-id-plan.html?source=nww_rss --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Mon Apr 25 2011 - 23:58:40 PDT
This archive was generated by hypermail 2.2.0 : Tue Apr 26 2011 - 00:05:57 PDT