[ISN] [Dataloss Weekly Summary] Week of Sunday, April 24, 2011

From: InfoSec News <alerts_at_private>
Date: Tue, 3 May 2011 09:51:52 -0500 (CDT)

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, April 24, 2011

25 Incidents Added.


DataLossDB is a research project aimed at documenting known and reported 
data loss incidents world-wide. The Open Security Foundation asks for 
contributions of new incidents and new data for existing incidents. For 
any questions about the project or the data contained within this email 
or the website (http://www.datalossdb.org), please contact us at 


DataLossDB News/Updates

  No news this week!


Incidents Added

Reported Date: 2011-04-29
Summary: Stolen portable device contained protected health information on 10,000 patients
Organizations: Brian J. Daniels, D.D.S, PC,  Paul R. Daniels, D.D.S., PC

Reported Date: 2011-04-29
Summary: Student & staff names, addresses, ID numbers, and email addresses exposed on intranet
Organizations: Trinity College Dublin (University of Dublin)

Reported Date: 2011-04-28
Summary: Tens of thousands of job applications including employment and salary history accesible on the web by url manipulation
Organizations: UNESCO

Reported Date: 2011-04-28
Summary: Members' names and addresses on stolen computers
Organizations: Pasadena City College Faculty Association

Reported Date: 2011-04-27
Summary: 8,000 email addresses and passwords compromised due to SQL injection attack
Organizations: dslreports.com

Reported Date: 2011-04-27
Summary: 17,000 season ticket holders had their account numbers, names, addresses, phone numbers and email addresses exposed in an email attachment
Organizations: New York Yankees

Reported Date: 2011-04-27
Summary: Employees' names, dates of birth, and Social Security numbers misused by fellow employee to obtain payday loans
Organizations:  Allianz Life Insurance Company

Reported Date: 2011-04-26
Summary: 77 million names, addresses, email addresses, birthdates, PlayStation Network/Qriocity passwords and logins, handle/PSN online ID, profile data, purchase history and possibly credit cards obtained.
Organizations: Sony Corporation of America

Reported Date: 2011-04-22
Summary: Confidential information from 40 sealed court files, including specific names, addresses, and phone numbers, was publicly accessible in PACER case entries online
Organizations: U.S. District Court - Middle District of Alabama

Reported Date: 2011-04-21
Summary: 359,661 customers' credit card numbers stolen
Organizations: Unknown Organization

Reported Date: 2011-04-19
Summary: Names and email addresses used to send phishing email to customer email list
Organizations: The Children's Place Retail Stores, Inc., CheetahMail

Reported Date: 2011-03-16
Summary: Document with demographic information on patients stolen from employee's car
Organizations: Jefferson Center for Mental Health

Reported Date: 2011-03-08
Summary: 8,845 patients' Social Security Numbers and some health information on stolen laptop
Organizations: Omnicare Inc.

Reported Date: 2011-01-18
Summary: Attempted extortion based on personal information of 100 students and parents
Organizations: Xavier University

Reported Date: 2010-12-31
Summary: Health insurance applications with personal and medical information found discarded, unshredded, behind insurance agents' office
Organizations: Blue Cross Blue Shield Florida, Aetna Inc., CIGNA HealthCare Corp., Action Insurance Planners, LLC, Total Network Consultants

Reported Date: 2010-06-30
Summary: 6,372 patients' names, dates of birth, and social security numbers were in a discarded filing cabinet.
Organizations: Aetna Inc.

Reported Date: 2010-05-28
Summary: 2,628 individuals protected health information was breached through improper unauthorized access/disclosure of paper documents
Organizations: University of Rochester Medical Center Affiliates

Reported Date: 2010-05-01
Summary: 4,200 patients' names, addresses, dates of birth, medical histories, social security numbers, phone numbers, and drivers license numbers on laptop stolen from car.
Organizations: Heriberto Rodriguez-Ayala, M.D.

Reported Date: 2010-05-01
Summary: 2,416 patients' names, dates of birth and medical information were emailed without authorization to a research office, and were then stolen 
Organizations: Unknown Organization, Georgetown University Hospital

Reported Date: 2010-04-03
Summary: 40,000 patients' names, addresses, phone numbers, email addresses, birthdates, names of family members, medical insurance information, Social Security numbers and protected health information were on a stolen server
Organizations: Silicon Valley Eyecare Optometry and Contact Lenses

Reported Date: 2010-04-01
Summary: 660 individuals medical information affected by unauthorized access/disclosure of paper records
Organizations: McKesson Information Solutions, LLC, Beatrice Community Hospital and Health Center

Reported Date: 2010-03-22
Summary: 600 patients' protected health information was misused to obtain narcotics
Organizations: Tomah Memorial Hospital

Reported Date: 2010-03-19
Summary: Debit cards issued by former bank compromised
Organizations: National City Bank, PNC Financial Services Group

Reported Date: 2009-08-21
Summary: Stolen laptop exposes personal details of 36,800 people and 1900 driving conviction details
Organizations: Repair Management Services of Blackburn, MVRA Limited

Reported Date: 2009-02-11
Summary: Stolen police files containing confidential information found in car park
Organizations: Norfolk Constabulary


Blotter Posts

Added: 2011-04-30
Title: PlayStation Users Want Tighter Security & Apology After Security Breach

Added: 2011-04-27
Title: The Sony PlayStation Network breach: An identity-theft bonanza

Added: 2011-04-27
Title: FTC pushes for laws that make identity theft harder

Added: 2011-04-27
Title: ID thief pleads guilty to 85 counts

Added: 2011-04-26
Title: U.S. Senator demanding answers from Sony on PSN breach

Added: 2011-04-26
Title: News:
				 What PSN identity theft means for you

Added: 2011-04-25
Title: Feds Charge 16 in Pennsylvania Identity Theft Scheme

Dataloss Mailing List (dataloss_at_private)

CREDANT Technologies, a leader in data security, offers advanced data 
encryption solutions. Protect sensitive data on desktops, laptops, 
smartphones and USB sticks transparently across your enterprise to 
ensure regulatory compliance. http://www.credant.com/stopdataloss

Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Tue May 03 2011 - 07:51:52 PDT

This archive was generated by hypermail 2.2.0 : Tue May 03 2011 - 07:57:57 PDT