[ISN] [Dataloss Weekly Summary] Week of Sunday, May 1, 2011

From: InfoSec News <alerts_at_private>
Date: Tue, 10 May 2011 02:32:40 -0500 (CDT)

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, May  1, 2011

28 Incidents Added.


DataLossDB is a research project aimed at documenting known and reported 
data loss incidents world-wide. The Open Security Foundation asks for 
contributions of new incidents and new data for existing incidents. For 
any questions about the project or the data contained within this email 
or the website (http://www.datalossdb.org), please contact us at 


DataLossDB News/Updates

  No news this week!


Incidents Added

Reported Date: 2011-05-08
Summary: Ex-employees sued for allegedly downloading and taking more than 2,000 mortgage loan customers' names, addresses, phone numbers, Social Security numbers, bank account numbers, W-2's, and other records 
Organizations: Huntington National Bank

Reported Date: 2011-05-05
Summary: Students' email addresses and ID numbers accessed
Organizations: Central Oregon Community College

Reported Date: 2011-05-05
Summary: Doctor misused patient information to open lines of credit
Organizations: Lockerman Family Chiropractic

Reported Date: 2011-05-04
Summary: PIN pad tampering at stores results in dozens of cases of card fraud
Organizations: Michaels Stores, Inc.

Reported Date: 2011-05-04
Summary: 20 boxes of documents containing personal, financial, and medical information fell off truck and scattered in wind
Organizations: Baker Moving and Storage,  Rodney Johnson

Reported Date: 2011-05-03
Summary: 5,994 patients' names, addresses, hospital account numbers, medical record numbers, diagnostic codes and treatment codes on laptop stolen from employee vehicle
Organizations: Speare Memorial Hospital

Reported Date: 2011-05-02
Summary: Employee stole patient identity information for fraudulent purposes
Organizations: Woman To Woman Healthcare 

Reported Date: 2011-05-02
Summary: 250,000 show applicants' names, dates of birth, email addresses, zip code, phone numbers accessed
Organizations: X Factor

Reported Date: 2011-05-02
Summary: Customer email addresses accessed by hacker
Organizations: Unknown Organization, Best Buy

Reported Date: 2011-05-02
Summary: 24.6 million customer dates of birth, email addresses and phone numbers, including 12,700 non-U.S. credit or debit card numbers and expiration dates and about 10,700 direct debit records including bank account numbers accessed by hacker
Organizations: Sony Online Entertainment, Sony Corporation

Reported Date: 2011-04-28
Summary: Teacher login passwords stolen, grades changed at three high schools
Organizations: Seattle Public Schools,  Ballard High School, Ingraham High School, Chief Sealth 

Reported Date: 2011-04-28
Summary: Personal and medical information of Guantanamo detainees revealed in data dump
Organizations: United States Department of Defense

Reported Date: 2011-04-22
Summary: 12,000 employees notified that their identity information may have been acquired
Organizations: Schield Family Companies, Peachtree Doors and Windows, Inc., Weather Shield, Vetter, Crestline

Reported Date: 2011-04-20
Summary: Call center employee accessed customers' names and credit card information without authorization
Organizations: Netflix, Inc.

Reported Date: 2011-04-07
Summary: Compromised customer login used to access names, addresses, phone numbers and Social Security numbers
Organizations: Unknown Organization, Merlin Information Services

Reported Date: 2011-03-30
Summary: Laptop stolen from contractor's car contained personal, health, and financial information of 1700 individuals seeking to adopt children 
Organizations: Trisha Elaine Cordova, Catholic Social Services

Reported Date: 2011-03-04
Summary: 20,744 patients' personal and account information, including some SSN, credit card numbers, and dental images, on stolen equipment
Organizations: Rape & Brooks Orthodontics, P.C., Luther T. Cale & W. Gregory Rape, Orthodontics, PC,  St. Clair Orthodontics, LLC ,  Luther T. Cale, DMD Orthodontics, PA

Reported Date: 2010-07-07
Summary: 937 patients' names and email addresses exposed in email error.
Organizations: Aramark Healthcare Support Services, Inc., Sinai Hospital of Baltimore, Inc.

Reported Date: 2010-07-06
Summary: 29,808 patients' protected health information, names and addresses were on a lost compact disc
Organizations: California Department of Healthcare Service, Care 1st Health Plan

Reported Date: 2010-06-09
Summary: 2,300 patients' names, dates of birth, Social Security numbers, medical information, and insurance information were laptop stolen from doctor's home.
Organizations: Nihal Saran, MD

Reported Date: 2010-05-22
Summary: 4,083 patients' names, dates of birth, and social security numbers were in a binder and clipboard that went missing from a file room.
Organizations: North Texas Health Care System (Veterans Administration)

Reported Date: 2010-03-11
Summary: Stolen flash drives contained 26,152 students' names, birthdates, health record location codes
Organizations: Washoe County School District

Reported Date: 2010-03-04
Summary: Current and former employees' names, addresses, and Social Security numbers on stolen laptop
Organizations: Franciscan Health System, Franciscan Medical Group

Reported Date: 2009-07-29
Summary: Employee information leaked via "Winny" P2P program
Organizations: Sumitomo Life Insurance

Reported Date: 2009-06-17
Summary: Financial and sensitive case notes on nine families applying for assistance on stolen laptop.
Organizations: Health Service Executive, Roscommon Primary/Community and Continuing Care Department

Reported Date: 2009-03-05
Summary: Documents were not shredded potentially leading to personal data exposure
Organizations: State Farm Insurance

Reported Date: 2008-07-20
Summary: Former employee accessed clients' personal data without authorization
Organizations: New York Life Insurance Co

Reported Date: 2006-10-20
Summary: Laptop stolen from faculty member while traveling in Spain contained names, university IDs and grades.
Organizations: University of Minnesota


Blotter Posts

Added: 2011-05-07
Title: Sony provides a $1 million insurance policy to PSN users

Added: 2011-05-06
Title: Feds probing multistate ID theft ring

Added: 2011-05-06
Title: News: 				 Stringer pledges $1m identity theft insurance policy

Added: 2011-05-05
Title: Woman gets 20 years in ID theft

Added: 2011-05-05
Title: Anonymous Faces Identity Dilemma Over Sony Hack

Added: 2011-05-05
Title: Hearing on The Threat of Data Theft to American Consumers

Added: 2011-05-05
Title: Kailua woman gets 20 years for ID theft, credit fraud

Added: 2011-05-05
Title: Obama ID protection plan may be best alternative to data theft

Added: 2011-05-04
Title: Sony breach prompts House data theft hearing

Added: 2011-05-04
Title: Lawmakers look to statute of limitations on ID theft

Added: 2011-05-03
Title: 'X Factor' Contestants Watch Out: Your Identity Might Get Stolen

Added: 2011-05-02
Title: City's computer disposal might pose data-theft risks

Added: 2011-05-02
Title: State’s offer of free credit monitoring services overdue

Added: 2011-05-02
Title: ID theft hits foster youths

Dataloss Mailing List (dataloss_at_private)

CREDANT Technologies, a leader in data security, offers advanced data 
encryption solutions. Protect sensitive data on desktops, laptops, 
smartphones and USB sticks transparently across your enterprise to 
ensure regulatory compliance. http://www.credant.com/stopdataloss

Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Tue May 10 2011 - 00:32:40 PDT

This archive was generated by hypermail 2.2.0 : Tue May 10 2011 - 00:44:08 PDT