======================================================================== Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, April 24, 2011 25 Incidents Added. ======================================================================== DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators_at_private ======================================================================== DataLossDB News/Updates No news this week! ======================================================================== Incidents Added Reported Date: 2011-04-29 Summary: Stolen portable device contained protected health information on 10,000 patients Organizations: Brian J. Daniels, D.D.S, PC, Paul R. Daniels, D.D.S., PC http://datalossdb.org/incidents/3656 --------------------- Reported Date: 2011-04-29 Summary: Student & staff names, addresses, ID numbers, and email addresses exposed on intranet Organizations: Trinity College Dublin (University of Dublin) http://datalossdb.org/incidents/3658 --------------------- Reported Date: 2011-04-28 Summary: Tens of thousands of job applications including employment and salary history accesible on the web by url manipulation Organizations: UNESCO http://datalossdb.org/incidents/3659 --------------------- Reported Date: 2011-04-28 Summary: Members' names and addresses on stolen computers Organizations: Pasadena City College Faculty Association http://datalossdb.org/incidents/3657 --------------------- Reported Date: 2011-04-27 Summary: 8,000 email addresses and passwords compromised due to SQL injection attack Organizations: dslreports.com http://datalossdb.org/incidents/3650 --------------------- Reported Date: 2011-04-27 Summary: 17,000 season ticket holders had their account numbers, names, addresses, phone numbers and email addresses exposed in an email attachment Organizations: New York Yankees http://datalossdb.org/incidents/3647 --------------------- Reported Date: 2011-04-27 Summary: Employees' names, dates of birth, and Social Security numbers misused by fellow employee to obtain payday loans Organizations: Allianz Life Insurance Company http://datalossdb.org/incidents/3648 --------------------- Reported Date: 2011-04-26 Summary: 77 million names, addresses, email addresses, birthdates, PlayStation Network/Qriocity passwords and logins, handle/PSN online ID, profile data, purchase history and possibly credit cards obtained. Organizations: Sony Corporation of America http://datalossdb.org/incidents/3634 --------------------- Reported Date: 2011-04-22 Summary: Confidential information from 40 sealed court files, including specific names, addresses, and phone numbers, was publicly accessible in PACER case entries online Organizations: U.S. District Court - Middle District of Alabama http://datalossdb.org/incidents/3649 --------------------- Reported Date: 2011-04-21 Summary: 359,661 customers' credit card numbers stolen Organizations: Unknown Organization http://datalossdb.org/incidents/3653 --------------------- Reported Date: 2011-04-19 Summary: Names and email addresses used to send phishing email to customer email list Organizations: The Children's Place Retail Stores, Inc., CheetahMail http://datalossdb.org/incidents/3654 --------------------- Reported Date: 2011-03-16 Summary: Document with demographic information on patients stolen from employee's car Organizations: Jefferson Center for Mental Health http://datalossdb.org/incidents/3646 --------------------- Reported Date: 2011-03-08 Summary: 8,845 patients' Social Security Numbers and some health information on stolen laptop Organizations: Omnicare Inc. http://datalossdb.org/incidents/3655 --------------------- Reported Date: 2011-01-18 Summary: Attempted extortion based on personal information of 100 students and parents Organizations: Xavier University http://datalossdb.org/incidents/3645 --------------------- Reported Date: 2010-12-31 Summary: Health insurance applications with personal and medical information found discarded, unshredded, behind insurance agents' office Organizations: Blue Cross Blue Shield Florida, Aetna Inc., CIGNA HealthCare Corp., Action Insurance Planners, LLC, Total Network Consultants http://datalossdb.org/incidents/3644 --------------------- Reported Date: 2010-06-30 Summary: 6,372 patients' names, dates of birth, and social security numbers were in a discarded filing cabinet. Organizations: Aetna Inc. http://datalossdb.org/incidents/3640 --------------------- Reported Date: 2010-05-28 Summary: 2,628 individuals protected health information was breached through improper unauthorized access/disclosure of paper documents Organizations: University of Rochester Medical Center Affiliates http://datalossdb.org/incidents/3642 --------------------- Reported Date: 2010-05-01 Summary: 4,200 patients' names, addresses, dates of birth, medical histories, social security numbers, phone numbers, and drivers license numbers on laptop stolen from car. Organizations: Heriberto Rodriguez-Ayala, M.D. http://datalossdb.org/incidents/3641 --------------------- Reported Date: 2010-05-01 Summary: 2,416 patients' names, dates of birth and medical information were emailed without authorization to a research office, and were then stolen Organizations: Unknown Organization, Georgetown University Hospital http://datalossdb.org/incidents/3639 --------------------- Reported Date: 2010-04-03 Summary: 40,000 patients' names, addresses, phone numbers, email addresses, birthdates, names of family members, medical insurance information, Social Security numbers and protected health information were on a stolen server Organizations: Silicon Valley Eyecare Optometry and Contact Lenses http://datalossdb.org/incidents/3635 --------------------- Reported Date: 2010-04-01 Summary: 660 individuals medical information affected by unauthorized access/disclosure of paper records Organizations: McKesson Information Solutions, LLC, Beatrice Community Hospital and Health Center http://datalossdb.org/incidents/3636 --------------------- Reported Date: 2010-03-22 Summary: 600 patients' protected health information was misused to obtain narcotics Organizations: Tomah Memorial Hospital http://datalossdb.org/incidents/3638 --------------------- Reported Date: 2010-03-19 Summary: Debit cards issued by former bank compromised Organizations: National City Bank, PNC Financial Services Group http://datalossdb.org/incidents/3637 --------------------- Reported Date: 2009-08-21 Summary: Stolen laptop exposes personal details of 36,800 people and 1900 driving conviction details Organizations: Repair Management Services of Blackburn, MVRA Limited http://datalossdb.org/incidents/3651 --------------------- Reported Date: 2009-02-11 Summary: Stolen police files containing confidential information found in car park Organizations: Norfolk Constabulary http://datalossdb.org/incidents/3652 --------------------- ======================================================================== Blotter Posts Added: 2011-04-30 Title: PlayStation Users Want Tighter Security & Apology After Security Breach http://www.foxcharlotte.com/news/local/PlayStation-Users-Want-Tighter-Security--Apology-After-Security-Breach-121004259.html --------------------- Added: 2011-04-27 Title: The Sony PlayStation Network breach: An identity-theft bonanza http://www.networkworld.com/news/2011/042711-playstation-identity-theft.html?fsrc=netflash-rss --------------------- Added: 2011-04-27 Title: FTC pushes for laws that make identity theft harder http://www.tulsaworld.com/site/articlepath.aspx?articleid=20110427_15_E4_Citing683573&rss_lnk=5 --------------------- Added: 2011-04-27 Title: ID thief pleads guilty to 85 counts http://www.theolympian.com/2011/04/27/1630516/id-thief-pleads-guilty-to-85-counts.html --------------------- Added: 2011-04-26 Title: U.S. Senator demanding answers from Sony on PSN breach http://www.examiner.com/console-gaming-in-national/u-s-senator-demanding-answers-from-sony-on-psn-breach --------------------- Added: 2011-04-26 Title: News: What PSN identity theft means for you http://www.eurogamer.net/articles/2011-04-26-what-psn-identity-theft-means-for-you --------------------- Added: 2011-04-25 Title: Feds Charge 16 in Pennsylvania Identity Theft Scheme http://story.albuquerqueexpress.com/index.php/ct/9/cid/154063713fe5da1f/id/44875790/ --------------------- _______________________________________________ Dataloss Mailing List (dataloss_at_private) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Tue May 03 2011 - 07:51:52 PDT
This archive was generated by hypermail 2.2.0 : Tue May 03 2011 - 07:57:57 PDT