|
Date |
Article Title |
Publication |
Author |
Synopsis |
|
1/23/2012 |
State to probe RG&E, NYSEG data
breach |
Democrat and Chronicle |
Joseph Spector |
New York State Electric & Gas
and Rochester Gas and Electric
have announced that a consulting
firm hired by the utilities
allowed unauthorized access to
customer accounts. |
|
1/17/2012 |
Patient Data Theft Sends IT
Specialist To Jail |
Information Week |
Nicole Lewis |
After pleading guilty to charges
of hacking his former employer's
database, stealing patient data
and deleting it from the
company's system, Eric McNeal
was sentenced to 13 months in
prison, three years of
post-release supervision and 120
hours of community service. |
|
1/17/2012 |
Even Big Companies Cannot
Protect Their Data |
New York Times |
Nicole Perlroth |
The New York
Times
delves into the ongoing string
of online data breaches. |
|
1/17/2012 |
Zappos Data Breach Response:
Good Idea or Panic Mode? |
PC World |
Ellen Messmer |
Zappos' response to its recent
breach affecting 24 million
customers. |
|
1/13/2012 |
Data breach could affect 100,000
students |
MSNBC |
Associated Press |
The computer networks of a San
Francisco community college have
been infected with software
viruses that illegally
transmitted personal data from
students and employees overseas. |
|
1/6/2012 |
Spotsy schools respond to online
breach |
fredericksburg.com |
Pamela Gould |
As many as 4,289 individuals may
have had their personal
information compromised after it
was discovered that the
Spotsylvania County school
system's tax information was
accessible online. |
|
1/5/2012 |
Hackers' Threat to Publish
Symantec Source Code Not a
Reason to Worry |
eweek.com |
Fahmida Rashid |
A group of hackers claims it has
stolen the source code to
antivirus software company
Symantec's flagship product. |
|
1/3/2012 |
Attorney Charges Breach Of
Privacy In D-SNAP |
Hartford Courant |
Christopher Keating |
An attorney representing several
Connecticut state employees says
investigators made a "huge
breach of privacy" when they
released at least two subpoenas
listing dozens of names and
Social Security numbers. |
|
12/30/2011 |
Anonymous exposes 860K Stratfor
users (and 75K credit
card numbers) |
Venture Beat |
Jolie O'Dell |
The hacker collective Anonymous
has exposed the usernames,
e-mail addresses and passwords
of 860,000 users of the security
think tank Stratfor. |
|
12/29/2011 |
Hospital employee allegedly
makes fun of patient's medical
condition on Facebook; officials
investigating |
Daily News Los Angeles |
Susan Abram |
Three breaches involving the
sensitive personal and medical
information of thousands of
patients have been reported. |
|
12/28/2011 |
6
Worst Data Breaches Of 2011 |
Information Week |
Matthew J. Schwartz |
A report on the most significant
data breaches of 2011. |
|
12/21/2011 |
How hackers gave Subway a $3
million lesson in point-of-sale
security |
ArsTechnica |
Sean Gallagher |
Romanian hackers allegedly
infiltrated the point-of-sale
(POS) systems of hundreds of
small businesses, including more
than 150 Subway franchises. |
|
12/21/2011 |
Laptop Stolen, 1,500 Patients
Affected |
Health Data Management |
Joseph Goedert |
The University of Mississippi
Medical Center and the
Mississippi Department of Health
are notifying 1,400 patients
involved in a study that their
personal information was
compromised when a laptop was
stolen. |
|
12/20/2011 |
UCLA Hospitals Sued Over Patient
Data Breach |
law.com |
Amanda Bronstad |
A class-action lawsuit has been
filed against the University of
California at Los Angeles Health
System after a theft of medical
records and other personal
information on nearly 16,000
patients. |
|
12/16/2011 |
Data Breaches:
A Year in Review |
Privacy Rights Clearinghouse |
Privacy Rights Clearinghouse |
The Privacy Rights Clearinghouse
(PRC) has released its 2011
breach tracking report,
highlighting what it considers
the six most significant
breaches of the year. |
|
12/7/2011 |
Data Breach Hits 3.5 Million
Online Poker Players |
Security News Daily |
Matt Liebowitz |
A defunct gambling site
experienced a breach affecting
3.5 million members. |
|
12/3/2011 |
Contra Costa County warns of
patient privacy breach |
San Jose Mercury News |
Rick Hurd |
In California, Contra Costa
County officials have begun
notifying thousands of county
hospital patients that their
personal information was exposed
in a breach. |
|
11/23/2011 |
Sutter Health sued over theft of
computer containing patient data |
Sacramento Bee |
Darrell Smith |
A patient of Sutter Medical
Foundation has filed a
class-action lawsuit in
Sacramento Superior Court after
the personal information of more
than four million Sutter
patients was compromised in a
breach. |
|
11/18/2011 |
APEC committee alerted to
possible data breach |
Star Advertiser |
Dan Nakaso |
Personal details of certain APEC
committee members may have been
exposed in a data breach. |
|
11/17/2011 |
Sutter Medical Foundation
patients' privacy breached |
Scaramento Bee |
DV Smith |
The personal information of more
than four million patients of
the Sutter Medical Foundation
was compromised when a
password-protected but
unencrypted computer was stolen
from the foundation's offices in
October. |
|
11/17/2011 |
Theft of data on 4M patients
part of wider problem |
Boston Globe |
Don Thompson and Marcus Wohlsen |
A report on the scope of data
breaches in the healthcare
sector during the past two
years. |
|
11/11/2011 |
Hackers hit Steam gaming service
in latest data breach |
v3.co.uk |
Shaun Nichols |
Hackers have infiltrated the
systems of Valve--a games
developer--and accessed customer
data from the company's Steam
networking service. |
|
11/10/2011 |
Market spikes eurozone’s guns |
Financial Times |
Staff Writer |
"Having a good plan in place can
seriously reduce the costs
resulting from the breach as, in
these kinds of situations, the
longer things run without being
dealt with in the proper
fashion, the more costly it can
get." |
|
Confidential Patient Information
Found on Hard Drive |
Richmond Times-Dispatch |
Jeff Brush |
Breaches of healthcare and
student data have been reported
in three states. |
|
11/7/2011 |
Adidas websites go offline after
security breach |
The Inquirer |
Lawrence Latif |
Adidas has taken down some of
its websites after it learned of
a "sophisticated, criminal cyber
attack." |
|
10/27/2011 |
New Survey by the Ponemon
Institute Finds that Data
Breaches Can Cause Lasting and
Costly Damage to the Reputation
of Affected Organizations |
PR News Wire |
Ponemon Institute |
A recent survey has found that
it takes an organization
recovering from a data breach
one year to repair damage done
to its reputation. |
|
10/24/2011 |
Leak of Emory patient records
could affect thousands |
ajc.com |
David Ibata |
Georgia's Emory Healthcare has
notified 7,300 patients of a
data breach in which 32
patients' hospital bills were
taken, including their Social
Security numbers (SSNs), and
nine have become victim to
identity theft. |
|
10/19/2011 |
FBI Probes Sale Of Hospital
Patient Information |
WESH.com |
|
The FBI is investigating a
breach of patient records at
Florida Hospital. |
|
10/12/2011 |
Data Breach at Delaware Nemours
Facility Affects 1.6M Patients,
Employees |
Becker's Hospital Review |
Sabrina Rodak |
Nemours has reported the loss of
unencrypted computer backup
tapes containing information on
1.6 million patients and their
guarantors, vendors and
employees. |
|
10/12/2011 |
Sony halts 93,000 online
accounts after new breach |
Google |
Associated Press |
Sony announced that it has
locked 93,000 online network
user accounts because of an
unusual amount of sign-in
attempts from an unauthorized
user. |
|
10/5/2011 |
Patient Data Landed Online After
a Series of Missteps |
New York Times |
Kevin Sack |
A report on the causes of last
month's Stanford Hospital data
breach and how a "series of
missteps" often leads to major
data breaches. |
|
9/26/2011 |
What to Do if You've Been Hacked |
Wall Street Journal |
Ben Worthen |
The frequency and scale of
recent data breaches is causing
many companies to reevaluate
their data protection mechanisms
and question what to do in the
event of a cyberattack. |
|
9/22/2011 |
Man unknowingly buys medical
records |
Times Daily |
Hannah Mask |
A man intending to buy a storage
unit in Alabama inadvertently
purchased about 20 boxes of
personal medical records. |
|
9/22/2011 |
Alleged Hacker Arrested in Sony
Pictures Data Breach |
myFOXla.com |
City News |
An arrest has been made in the
Sony Pictures data breach case. |
|
9/21/2011 |
Data breaches affect 2m in Mass |
Boston Globe |
Hiawatha Bray |
The Office of the Attorney
General of Massachusetts has
released statistics detailing
the number of residents impacted
by data breaches over the past
18 months. |
|
9/16/2011 |
CT tax worker arrested in data
breach |
Hartford Business |
|
A Connecticut state employee
faces up to six years in prison
for breaching the privacy of
taxpayers. |
|
9/12/2011 |
Vending machine company
announces major data breach |
Computerworld |
Jaikumar Vijayan |
A vending machine company has
announced that a hacker accessed
its point-of-sale systems,
exposing the payment card data
of waterpark visitors in
Tennessee and Wisconsin. |
|
9/9/2011 |
IU medical school warns of
possible data breach |
Chicago Tribune |
Associated Press |
The Indiana University School of
Medicine says the theft of a
physician's laptop may have
resulted in the loss of 3,000
patients' confidential
information. |
|
9/8/2011 |
Patient Data Posted Online in
Major Breach of Privacy |
New York Times |
Kevin Sack |
Stanford University's hospital
has confirmed that the records
of 20,000 emergency room
patients were available online
for almost a year. |
|
9/7/2011 |
GlobalSign stops secure
certificates after hack claim |
BBC News |
|
A security company has suspended
issuing authentication
certificates for secure websites
in response to claims that an
unauthorized individual accessed
the company's servers. |
|
9/6/2011 |
Data breaches cost organizations
a staggering $156.7 billion over
six years |
InfoSecurity.com |
|
A recent study found that from
2005 through 2010, data breaches
cost companies $156.7 billion
dollars. |
|
8/31/2011 |
Hackers may have stolen over 200
SSL certificates |
Computerworld |
Gregg Keizer |
Targeted attacks have affected
two U.S.-based agencies and a
Dutch company, reports indicate. |
|
8/29/2011 |
Nokia Hacked: Forum Suspended
After Data Breach |
Wall Street Journal |
Ben Rooney |
Nokia says its developer forum
website has been hacked,
requiring it to shut down the
site until "further
investigations and security
assessments" have been
completed. |
|
8/29/2011 |
Facial Biometrics Pose Privacy
Woes |
GovInfo Security |
Eric Chabrow |
Beth Givens, founder and
director of the Privacy Rights
Clearinghouse, says that
breaches of facial biometric
data are a major concern and
that IT security managers need
to encrypt the information to
protect an individual's right to
privacy. |
|
8/27/2011 |
Former justice arrested after
FBI probe |
Buffalo News |
Dan Herbeck |
Authorities have arrested a
former justice for the Village
of Depew, NY, in connection with
illegal disposal of medical
records. |
|
8/25/2011 |
Maine admits to data breach of
voter registration system |
InfoSecurity.com |
|
Maine Secretary of State Charlie
Summers has announced that
malware infected a computer
belonging to a town office,
potentially compromising the
personal information of close to
one million voters. |
|
8/25/2011 |
RBS breach of email security
policy exposes staff pay rates |
searchsecurity.com |
Ron Condon |
The pay rates of 3,000 contract
staff were exposed when a staff
member at the employment agency
Hays e-mailed 800 RBS employees
with the details. |
|
8/22/2011 |
Yale warns 43,000 about
10-month-long data breach |
Computerworld |
Jaikumar Vijayan |
Yale University says a 2010
change in the way Google indexed
and located FTP servers led to
the exposure of sensitive data
on 43,000 individuals. |
|
8/22/2011 |
NYU Langone Medical Center's
Hospital for Joint Diseases
Notifies Patients Of Potential
Data Breach |
med.nyu.edu |
|
In three separate incidents,
medical clinics have informed
patients that their data was
either accessed by unauthorized
individuals or inappropriately
discarded. |
|
8/17/2011 |
AT&T sues two over scheme to
steal customer data |
SC Magazine |
Angela Moscarlito |
AT&T is suing two Utah residents
for allegedly enacting a
data-mining scheme that gleaned
information from the company's
customer database during a
five-year period. |
|
8/16/2011 |
Purdue warns ex-students of data
breach |
jconline.com |
|
Social Security numbers of more
than 7,000 former Purdue
University students may have
been compromised last year when
one of the school's servers was
breached by an unauthorized
user. |
|
8/11/2011 |
University of Wisconsin Malware
May Have Exposed Student, Staff
Data |
Security News Daily |
Matt Liebowitz |
The University of
Wisconsin-Milwaukee has
announced that the personal
information of 75,000 students,
alumni and staff may have been
exposed as a result of malware
discovered on a university
server on June 30. |
|
8/10/2011 |
Cisco report sheds light on
advanced persistent threat trend |
silicon.com |
Gordon Smith |
In its latest global threat
report, Cisco has found that
data breaches have been
"seemingly nonstop" in 2011,
with unique instances of malware
more than doubling. |
|
8/9/2011 |
Companies Lose $2.5 Million from
Missing Memory Sticks, Study
Says |
PC World |
John P. Mello Jr. |
Lost memory sticks holding
sensitive data can be
detrimental to a company's
bottom line. |
|
8/6/2011 |
'Anonymous' Hacks U.S. Law
Enforcement Sites, Steals Data |
Huffington Post |
Raphael G. Satter |
A report on the theft of data
from approximately 70 law
enforcement websites across the
U.S. |
|
8/5/2011 |
Brigham and Women’s discloses
patient data breach |
Boston Herald |
Staff Writer |
Beth Israel Deaconess Medical
Center is notifying more than
2,000 patients of a data breach
that occurred when a vendor
performing computer maintenance
did not restore security
controls to a hospital computer. |
|
8/1/2011 |
WellPoint reaches tentative
accord in data breach suit |
American Medical News |
Pamela Lewis Dolan |
WellPoint has reached a
preliminary settlement in a
class-action lawsuit involving
the exposure of 600,000 health
applicants' sensitive data. |
|
AG Fines Belmont Savings $7.5K
for ID Breach |
Belmont Patch |
Franklin Tucker |
Massachusetts Attorney General
Martha Coakley has imposed a
$7,500 fine on a bank for
failing to protect customer
data. |
|
7/25/2011 |
Ten steps every organization
should take to address global
data security breach
notification requirements |
IAPP |
Brian Hengesbaugh |
As data security breach
notification requirements become
more widespread on a global
scale, businesses are at greater
risk for brand damage, customer
loss and regulatory scrutiny. |
|
7/22/2011 |
Ponemon study: Cyber attacks
more frequent, severe |
Network World |
Tim Greene |
A Ponemon Institute study has
found that 90 percent of
businesses experienced a data
breach in the past year, and
attacks were more severe and
difficult to prevent. |
|
7/20/2011 |
Toshiba cops to data breach
potentially affecting 7,520 US
customers |
InfoSecurity.com |
|
A server containing the personal
information of approximately
7,520 Toshiba customers has been
compromised by hackers. |
|
7/18/2011 |
Beth Israel reports potential
data breach |
Boston Globe |
Hiawatha Bray |
Beth Israel Deaconess Medical
Center is notifying more than
2,000 patients of a potential
data breach involving their
personal information. |
|
7/18/2011 |
Government scolded for data
breach notification delays |
NextGov |
Aliya Silverstein |
The Treasury Inspector General
for Tax Administration has
criticized the IRS for not
notifying taxpayers quickly
enough when their personal
information had been
compromised. |
|
7/14/2011 |
Hackers Gained Access to
Sensitive Military Files |
New York Times |
Thom Shanker and Elizabeth
Bumiller |
Deputy Defense Secretary William
Lynn has announced that a
foreign intelligence service
accessed 24,000 Pentagon files
by hacking into an unnamed
government contractor in March. |
|
7/11/2011 |
Anonymous Hackers Breach Booz
Allen Hamilton, Dump 90,000
Military Email Addresses |
Forbes |
Andy Greenberg |
The hacker group Anonymous
claims to have released the
e-mail addresses and encrypted
passwords of 90,000 military
personnel that it accessed
through a defense contractor's
server. |
|
7/7/2011 |
Combs names chief privacy
officer |
KXAN.com |
|
After experiencing a breach that
exposed the sensitive data of
3.5 million Texans, the state
comptroller's office has hired a
chief privacy officer. |
|
7/6/2011 |
Washington Post says job seeker
data was breached |
cnetnews.com |
Elinor Mills |
Hackers accessed an employment
website last week, exposing the
user IDs and e-mail addresses of
about 1.27 million job seekers. |
|
7/5/2011 |
Ind. AG: WellPoint to pay $100K
over data breach |
Google |
Associated Press |
Indiana Attorney General Greg
Zoeller announced that an
Indiana-based insurer will pay a
$100,000 fine and take other
steps for waiting months to
notify 32,000 customers of a
data breach. |
|
7/5/2011 |
Report: Morgan Stanley warns
34,000 clients of data breach |
cnetnews.com |
Elinor Mills |
Two CD-ROMs containing the
personal information of
approximately 34,000 Morgan
Stanley Smith Barney customers
have gone missing. |
|
7/3/2011 |
Mass. data breaches strike 5
million |
Boston Herald |
Greg Turner |
Barbara Anthony of the
Massachusetts Office of Consumer
Affairs and Business Regulation
highlights the number of data
breaches the state has been
notified of since its reporting
law was passed almost four years
ago. |
|
7/1/2011 |
New theory of harm in data
breach cases |
IAPP |
Andrew Clearwater |
Plaintiffs in data breach claims
have been unsuccessful in
convincing courts that they have
suffered harms as a result of a
breach, but "a new theory that
claims a property right in
personal information has
recently been tried." |
|
6/28/2011 |
Data breach victims more likely
to be fraud targets: Study |
Reuters |
|
Victims of a data breach are
more than four times as likely
to become victims of fraud than
other consumers, Reuters
reports. |
|
6/27/2011 |
California agency suffers second
major data breach in six months |
InfoSecurity.com |
|
The California Department of
Public Health (CDPH) has been
breached for the second time in
six months. |
|
6/27/2011 |
Preparation for hacker attacks
helps in protecting, insuring
firms |
Business Insurance |
Rodd Zolkos |
A report on the growing concern
businesses have in the face of
increased hacker attacks and
cybersecurity risks. |
|
6/24/2011 |
Citigroup did little to assist
victims of privacy breach,
critics say |
Globe and Mail |
Maria Aspan and Ross Kerber |
Citigroup's handling of its
recent data breach is drawing
criticism. |
|
6/24/2011 |
Sony laid off employees before
data breach- lawsuit |
Reuters |
Dan Levine |
A lawsuit was filed in a U.S.
District Court against Sony
alleging the company knew it was
at a high risk of being attacked
by hackers because it had
previously sustained smaller
breaches. |
|
6/23/2011 |
NATO Reports 'Probable Data
Breach' to One of Its Websites |
TIME |
Doug Aamoth |
The North Atlantic Treaty
Organization (NATO) has released
a statement announcing that a
NATO-related website, operated
by a third party, has been
compromised. |
|
6/22/2011 |
Citi Breach Builds Momentum for
Federal Data Security Standards |
Insurance Networking |
Kate Davidson |
Recent high-profile data
breaches are building momentum
for a national standard for
breach notification. |
|
6/19/2011 |
Sega says 1.3 million users
affected by cyber attack |
Reuters |
Yoko Kubota |
A recent rash of cyberattacks
continues, this time affecting
1.3 million members of Sega's
online video game network, Sega
Pass. |
|
6/17/2011 |
Firms Adjust to Hacks |
Wall Street Journal |
Ben Worthen and Anton Troinovski |
A report on the shift companies
are taking in response to data
breaches. |
|
6/14/2011 |
Citigroup Is Asked for
Data-Breach Details by
Connecticut Attorney General |
Bloomberg |
Karen Freifeld and Donal Griffin |
Connecticut Attorney General
George Jepsen has written a
letter to Citigroup's CEO and
general counsel asking for more
information about its recent
data breach. |
|
6/14/2011 |
Recent hacker attacks have more
companies eyeing cyber risk
coverage |
Business Insurance |
Reuters |
The "cyberinsurance" industry is
experiencing an up-tick in
business with recent
high-profile breaches driving
companies' desire to protect
themselves from spending
potentially millions of dollars
on breach-related costs. |
|
6/11/2011 |
Employees' info exposed in
another state data breach |
KCENTV.com |
|
The personal information of
approximately 4,900 Texas state
employees may have been released
to the public. |
|
6/9/2011 |
Citi Says Credit Card Customers’
Data Was Hacked |
New York Times |
Chris V. Nicholson and Eric Dash |
Citigroup has announced that
about one percent of its North
American credit card customer
data was exposed when hackers
breached its security. |
|
6/8/2011 |
SEC Says Companies Should
Disclose Cyber Attacks in
Filings |
Bloomberg |
Kelly Riddell |
In a letter to Senate Commerce
Committee Chairman Jay
Rockefeller (D-WV), the U.S.
Securities and Exchange
Commission (SEC) said that
publicly traded companies should
notify investors about cyber
attacks that present a "specific
and material risk." |
|
6/7/2011 |
Fed sees slow growth but no
double-dip |
Financial Times |
|
A report on lessons that should
be gleaned from data breaches
that have affected several large
companies. |
|
6/7/2011 |
RSA Faces Angry Users After
Breach |
New York Times |
Nelson D. Schwarts and
Christopher Drew |
Industry experts say RSA
Security's admission--after a
hacking attack in March--that
its SecurID tokens are
vulnerable came too late. |
|
6/6/2011 |
HIPAA Violation Charged in
Records Theft |
Gov Info Security |
Howard Anderson |
An Alabama woman has been
charged with a HIPAA violation
after allegedly stealing the
personal information of 4,500
Trinity Medical Center patients. |
|
6/5/2011 |
Nintendo Is Hit by Hackers, but
Breach Is Deemed Minor |
New York Times |
Hiroko Tabuchi |
Nintendo announced that one of
its affiliate servers in the
U.S. was illegally accessed "a
few weeks ago." |
|
6/2/2011 |
Hacker Group Claims
Responsibility for New Sony
Break-In |
New York Times |
Riva Richmond |
A report on a hacker group that
has claimed it breached
SonyPictures.com, accessing the
personal information of
approximately one million
customers. |
|
5/31/2011 |
Lockheed Martin investigates
possible link between cyber
attack and RSA data breach |
Computer Weekly |
Warwick Ashford |
A U.S. defense contractor has
announced it has improved remote
access security following a
breach that disrupted its
computer networks. |
|
5/27/2011 |
Personal data compromised for
4,000 at San Juan school
district |
Sacramento Bee |
Diana Lambert |
The personal
information--including Social
Security numbers--of 4,000
employees at a California school
district has been compromised. |
|
5/26/2011 |
Insider data breach costs Bank
of America over $10 million,
says Secret Service |
InfoSecurity.com |
|
The FBI and Secret Service have
arrested 95 suspects in a data
breach involving Bank of
America. |
|
5/24/2011 |
Sony Discovers Data Breach in
Greece |
Wall Street Journal |
Juro Osawa |
Sony has announced that it has
found a data breach in one of
its Sony Music Entertainment
Greece units. |
|
5/23/2011 |
Small firms learn size doesn't
matter to hackers |
Los Angeles Times |
Cyndia Zwahlen |
Small firms that think they are
not a target for hackers should
think again. |
|
5/20/2011 |
Sony Subsidiary's User Accounts
Hacked |
Wall Street Journal |
Daisuke Wakabayashi
|
So-net Entertainment Corp., a
Sony subsidiary, has announced
that a hacker accessed its
customer rewards site and stole
gift points worth approximately
$1,225. |
|
5/19/2011 |
Data breach affects about 4,000
SEC workers |
Los Angeles Times |
Shan Li |
The Securities and Exchange
Commission has notified about
4,000 agency employees that
their Social Security numbers
and other payroll information
were included in an unencrypted
e-mail. |
|
5/18/2011 |
Virus puts state’s unemployed
residents at risk |
Boston Herald |
Greg Turner |
Hackers installed a virus that
corrupted about 1,500 computers
in the Massachusetts
unemployment system,
compromising the personal data
of as many as 210,000
out-of-work residents of the
state. |
|
5/18/2011 |
Sony finds another security
flaw, shutters site |
Reuters |
Liana B. Baker |
Sony has shut down a website
that was designed to help those
affected by their data breaches. |
|
5/17/2011 |
Sony Faces More Questions From
U.S. Lawmakers About Data Breach |
Bloomberg |
Eric Engleman |
Reps. Mary Bono Mack (R-CA) and
G.K. Butterfield (D-NC) sent a
letter to Sony requesting more
information about last month's
data breaches that affected
approximately 100 million users. |
|
5/12/2011 |
Michaels Customers Warned To Be
On Lookout |
WCVB TV |
Associated Press |
Michaels Stores, Inc., has
announced that approximately 90
PIN pads in at least 20 U.S.
states have shown "signs of
tampering." |
|
5/12/2011 |
Lawyers take aim at Sony hack |
Globe and Mail |
Dan Levine |
Sony faces at least 25 lawsuits
in U.S. federal courts that stem
from recently reported data
breaches. |
|
5/9/2011 |
As Sony Counts Hacking Costs,
Analysts See Billion-Dollar
Repair Bill |
Wall Street Journal |
Juro Osawa |
A report on the financial impact
on Sony after the data breaches. |
|
5/5/2011 |
Sony's insurers to help foot
bill for data breach |
Reuters |
Liana B. Baker and Jim Finkle |
Reuters reports that Sony may be
looking to its insurers to help
pay for costs resulting from
last month's data breaches. |
|
5/5/2011 |
LastPass warns of possible data
breach |
SC Magazine |
Darren Paul |
Online password manager LastPass
has warned users of a potential
data breach and is asking
customers to alter their master
passwords. |
|
5/4/2011 |
X
Factor contestants warned after
250,000 data breach |
TechWorld |
John E. Dunn |
A report on a television show's
data breach resulting in the
loss of 250,000 individuals'
personal information. |
|
5/4/2011 |
New laws urged on Sony data
breach |
Financial Times |
Joseph Menn |
In response to Sony's recent
data breaches, U.S. lawmakers
are pressing for legislation
that would set up national
standards in cases of data
breaches. |
|
5/3/2011 |
Senator Presses Sony on Theft of
Customer Data |
New York Times |
Nick Bilton |
Reaction from the data breaches
of Sony's PlayStation Network
and its Online Entertainment
service continue. |
|
5/2/2011 |
Sony hit by second security
breach by hackers |
Washington Post |
Hayley Tsukayama |
Sony has been hit by a second
data breach that may affect up
to 24.6 million users. |
|
5/1/2011 |
A
Contrite Sony Vows Tighter
Security |
Wall Street Journal |
Daisuke Wakabayashi
|
Sony apologized for the security
breach that may have affected up
to 77 million users and
announced it will create a new
chief information security
officer position to oversee
consumer data protection. |
|
4/29/2011 |
Texas comptroller takes blame
for major breach |
Computerworld |
Jaikumar Vijayan |
A report that Texas Comptroller
Susan Combs has, in a statement,
apologized for her office's
recent data breach, saying she
takes "full responsibility for
it." |
|
4/28/2011 |
Sony sued for PlayStation
Network data breach |
cnetnews.com |
Erica Ogg |
A lawsuit has been filed against
Sony for not taking "reasonable
care to protect, encrypt and
secure the private and sensitive
data of its users." |
|
4/28/2011 |
Analysis: What's so special
about Sony's massive data
breach? |
Reuters |
John Finkle |
Reuters analyzes the extent and
scope of the recent breach of
Sony's PlayStation Network,
which has "earned a place in the
annals of Internet crime." |
|
4/28/2011 |
Yankees Detail Ticket Holder
Data Breach |
The Street |
Michael Baron |
An employee for the New York
Yankees sent an e-mail to
"several hundred" season ticket
holders with an attached
spreadsheet containing their
personal information of all
recipients. |
|
4/27/2011 |
Holding Companies Accountable
for Privacy Breaches |
New York Times |
Nick Bilton |
There seem to be few
repercussions for companies that
lose customers' sensitive data,
opines Nick Bilton. |
|
4/26/2011 |
Sony tells customers their
personal data might be at risk |
The Hill |
Gautham Nagesh |
Sony started warning customers
that its Sony PlayStation
Network was breached sometime
between April 17 and 19 by an
"external intruder," potentially
affecting 77 million users. |
|
4/26/2011 |
Texas Spends $1.8 Million on
Data Breach As Lawsuits Loom |
eweek.com |
Fahmida Y. Rashid |
A recent data breach at the
Texas Comptroller's Office has
resulted in the firing of four
employees and more than $1.8
million spent on notifications,
a call center and consultants to
assess damages and improve
security--and lawsuits may be on
the horizon. |
|
4/19/2011 |
Data Loss Plummets, Verizon
Report Finds |
Information Week |
Thomas Claburn |
Verizon Business will release
its 2011 Data Breach
Investigations Report, outlining
findings from almost 800 data
breach incidents in 2010. |
|
4/19/2011 |
Data thieves target smaller prey |
SC Magazine |
Liz Tay |
A report on Verizon Business's
recently released 2011 Data
Breach Investigations report
that shows data thieves are
targeting "smaller, softer and
less reactive" businesses, such
as retail and hospitality
companies. |
|
4/18/2011 |
Glaxo Warns Consumers' Email
Addresses, Names Were
Compromised |
Austin Business Journal |
Jeanne Whalen |
The Texas Office of the
Comptroller announced that
citizens affected by its recent
breach have been receiving
fraudulent phone calls. |
|
4/14/2011 |
Comptroller losing cover for
data breach |
Postcards |
|
After Texas Comptroller Susan
Combs announced a breach at her
office that left 3.5 million
Texans' data available on the
Internet for about a year, Combs
and her spokesman raised issue
with the offices that sent them
the data. |
|
4/14/2011 |
WordPress.com Data Breach Puts
Millions of Bloggers at Risk |
Security News Daily |
Paul Wagenseil |
A host site for more than 19
million blogs has announced a
data breach. |
|
4/13/2011 |
Fairview-Southdale missing
records for 1,200 patients |
Minnesota Public Radio |
Elizabeth Stawicki |
The health information of
approximately 133,000
individuals might have been
compromised after the theft of a
department laptop and 50 paper
files. |
|
4/12/2011 |
3.5 million Texans' data
compromised online |
statesman.com |
Kate Alexander |
Texas Comptroller Susan Combs
announced that human error
resulted in confidential data on
3.5 million Texans ending up
accessible online for about a
year. |
|
4/12/2011 |
Data breach notification
fatigue: Do consumers
(eventually) tune out? |
CSO |
George Hulme |
The Texas Attorney General's
Office is investigating a breach
by the comptroller's department
that may be the largest in the
state's history, exposing the
personal data of 3.5 million
individuals. |
|
4/11/2011 |
'Minimal' financial impact of
massive data breach could reach
$100M |
IT World |
Kevin Fogarty |
Kevin Fogarty explores the
financial repercussions of
Alliance Data Systems subsidiary
Epsilon's data breach, stating
that it could cost the company
more than $100 million--mostly
due to lost sales. |
|
4/9/2011 |
Patient data stolen from
Philadelphia's Family Planning
Council |
eSecurity Planet |
Robert Moran |
A former chief pilot at US
Airways handed over names,
addresses, Social Security
numbers and possibly the
passport information of 3,000 of
the airline's pilots to a
third-party pilot group in 2009. |
|
4/7/2011 |
Servers breached at Fortune 100
company |
Help Net Security |
Zeljka Zorz |
Hartford Financial Services
Group has announced that its
servers were breached by
password-stealing Trojans,
affecting about 300
people--mostly employees and
contractors of the company. |
|
4/6/2011 |
Epsilon Data Breach Highlights
Cloud-Computing Security
Concerns |
eweek.com |
Fahmida Y. Rashid |
As Alliance Data Systems
apologizes and works to rebuild
its clients' trust, the fallout
from last week's Epsilon data
breach continues. |
|
4/6/2011 |
House Lawmakers Want Info About
Data Breach |
National Journal |
Juliana Gruenwald |
The House Subcommittee on
Commerce, Manufacturing and
Trade wrote to e-mail marketing
company Epsilon giving it an
April 18 deadline for delivering
information on the company's
recent data breach. |
|
4/5/2011 |
MidState Medical Center informs
93,500 patients of data breach |
Hartford Business |
Greg Bordonaro |
Connecticut's MidState Medical
Center is now on the growing
list of medical centers that
have reported a data loss. |
|
4/4/2011 |
After Breach, Companies Warn of
E-Mail Fraud |
New York Times |
Miguel Helft |
Privacy experts say a
large-scale data breach at
e-mail marketer Epsilon has put
millions at greater risk of
being scammed through phishing
attempts. |
|
4/2/2011 |
Massive Breach at Epsilon
Compromises Customer Lists of
Major Brands |
Security Week |
Mike Lennon |
The world's largest provider of
permission-based e-mail
marketing, Epsilon, has
announced that a hacker gained
access to some of its files,
exposing multiple companies'
consumer data. |
|
4/1/2011 |
Oklahoma Health System Loses PC
Holding Personal Data of 84,000
Patients |
eweek.com |
Brian T. Horowitz |
The Saint Francis Health System
in Tulsa, OK, has announced the
theft of a PC containing
personal information for 84,000
patients. |
|
3/31/2011 |
Health clinic investigating
possible leak of porn actors'
personal information |
Los Angeles Times |
|
Officials at a California clinic
that caters to performers say
they are investigating the
possibility of a criminal breach
of patient information. |
|
3/30/2011 |
Clarksburg VA Medical Center
patient list left in car for
months, but not to worry, VA
says |
Office of Inadequate Security |
Admin |
Human error and theft have left
thousands of personal records
vulnerable to inappropriate
access across the U.S.
Washington's Wenatchee Valley
College accidentally included
3,800 former students' Social
Security numbers (SSNs) in
records sent to a local law firm
in response to a public records
request. |
|
3/30/2011 |
BP Spills Personal Data Of
13,000 Oil Leak Victims |
eweek.com |
Sophie Curtis |
A BP employee lost an
unencrypted laptop containing
the personal information of
13,000 people who filed
compensation claims after the
Gulf of Mexico oil spill. |
|
3/30/2011 |
Tech-Expert Group Gets Hacked |
Security News Daily |
Matt Liebowitz |
A laptop stolen from the Rancho
Los Amigos Rehabilitation center
contained personal health
information on 667 patients who
received electromyography tests. |
|
3/28/2011 |
Most Companies Keeping Mum On
Data Breaches |
Huffington Post |
Amy Lee |
The results of a recent study by
cybersecurity vendor McAfee
indicate that six in 10
companies pick and choose which
data breaches to report and half
of those that have experienced a
breach make changes to fix and
protect their systems from
future breaches. |
|
3/27/2011 |
Maine, Play.com, GSN Customers
Hit by Third-Party Data Breach |
eweek.com |
Fahmida Y. Rashid |
Hackers gained access to
consumer data through
third-party service providers in
three recent breaches affecting
the Maine Bureau of Parks and
Lands, Play.com and Game Show
Network members. |
|
3/25/2011 |
Computer files lost at Maryville |
Chicago Tribune |
Staff Report |
The Maryville Academy, a social
service agency in Illinois that
cares for abused children, has
announced that computer files
containing the personal
information of 3,900 children
Maryville has served have either
been misplaced or stolen. |
|
3/24/2011 |
TripAdvisor: E-mail addresses
stolen in data breach |
cnetnews.com |
Elinor Mills |
A travel Web site is alerting
customers that their personal
information may have been
breached. |
|
3/24/2011 |
Data breach may have exposed
park passholders |
WCSH News |
News Center |
Individuals who purchased their
Maine State Parks passes online
last year may have had their
credit card information
breached. |
|
3/22/2011 |
SecurID Customers Advised To
Prepare For Worst Case |
Information Week |
Matthew J. Schwartz |
Experts say that those affected
by the breach last week at a
company that provides computer
security products to a number of
corporations and governments
should brace themselves for the
worst case scenario. |
|
3/22/2011 |
SSNs of Laredo ISD Students
Missing In Data Breach |
Texas Tribune |
Morgan Smith and Julian Aquilar |
A disk containing the Social
Security numbers of 24,903
students in a Texas school
district has gone missing. |
|
3/17/2011 |
SecurID Company Suffers a Breach
of Data Security |
New York Times |
John Markoff |
A company that provides computer
security products to a number of
corporations and governments
says it has suffered a
sophisticated data breach that
could potentially compromise
those products. |
|
3/10/2011 |
UMass Amherst Data Breach
Affects 942 Patients |
Becker's Hospital Review |
Jamie Oh |
A malware program infected a
University of Massachusetts
Amherst Health Services
workstation from June through
October of last year, possibly
exposing personal data of some
of its patients. |
|
3/9/2011 |
University Data Breaches
Underscore Need for Employee
Security Training |
eweek.com |
Fahmida Y. Rashid |
Recent breaches at universities,
while unrelated, underscore the
need for educating employees on
the dangers of misplacing
organizational data. |
|
3/8/2011 |
Data Breach Costs Continue
Climbing |
Information Week |
Thomas Claburn |
The cost of a data breach for a
U.S. company continues to rise,
reaching $7.2 million in 2010,
an increase of nine percent from
the previous year. |
|
3/5/2011 |
Blue Cross and Blue Shield of
Florida Corrects and Alerts
Customers of System Error
Resulting in Some Member
Information Being Sent to
Incorrect Addresses |
Sacramento Bee |
BCBSFL |
Blue Cross and Blue Shield of
Florida (BCBSF) has alerted
about 7,400 of its members that
for three months it has been
mailing explanation of benefits
forms to old addresses. |
|
3/4/2011 |
300,000 clients of umbilical
cord blood bank at risk of ID
theft |
Network World |
Paul McNamara |
Cord Blood Registry (CBR), the
world's largest stem cell bank,
has notified about 300,000
people that their data may have
been have been exposed when
storage tapes and a laptop were
stolen from an employee's locked
car last December. |
|
3/4/2011 |
Thousands of Alaska Students'
Personal Information
Accidentally Released |
KTUU.com |
Jason Lamb |
The University of South Carolina
has notified 31,000 current and
former faculty, staff and
students throughout its eight
campuses about a breach that
exposed their personal
information--including Social
Security numbers (SSNs). |
|
3/1/2011 |
HBGary Federal CEO Aaron Barr
Quits Due to Anonymous Attack |
eweek.com |
Fahmida Y. Rashid |
Three weeks after the
"hacktivist" group Anonymous
breached HBGary Federal's
servers, the company's CEO has
resigned. |
|
3/1/2011 |
Insurance company punished for
improper disposal of documents |
WREX News |
|
A report on the Office of the
State of Illinois Director of
Insurance's decision to fine an
insurance company for its
improper disposal of private
insurance documents. |
|
2/25/2011 |
Lost device compromises medical
information of 2,777 patients |
Detroit Free Press |
Robin Erb |
The Henry Ford Health System
reported that an unencrypted
flash drive containing patient
data was lost on January 31. |
|
2/17/2011 |
Lincoln National fined $600K for
lax data security |
BusinessWeek |
Daniel Wagner |
The Financial Industry
Regulatory Authority (FINRA) has
reached an agreement with
Lincoln Financial Securities
Inc. |
|
2/16/2011 |
CAMC acknowledges patient data
vulnerability |
TMCnet.com |
|
West Virginia's Attorney
General's Office (AG) is
assisting the Charleston Area
Medical Center (CAMC) in
informing patients of a
vulnerability on one of its
servers. |
|
2/15/2011 |
Letters expose Social Security
numbers of child care providers |
Chronicle-Telegram |
Associated Press |
A company hired by the Ohio
Department of Job and Family
Services mailed 8,000 letters to
day care providers with member
numbers--which in some cases are
the providers' Social Security
numbers--printed on the outside
of the envelopes. |
|
2/15/2011 |
Maine State Police Investigate
Credit and Debit Card Data
Breach |
MPBN.net |
|
Investigators have determined
that hackers from outside the
company accessed the payment
card data of Day's Jewelers
customers. |
|
2/14/2011 |
Senate Judiciary names Franken
head of new privacy, tech
subcommittee |
Washington Post |
Cecilia Kang |
Sen. Al Franken (D-MN) has been
selected to chair the new Senate
Judiciary Subcommittee for
Privacy, Technology and the Law. |
|
2/12/2011 |
Data Are Stolen From Hospitals |
Wall Street Journal |
Joseph DeAvila |
Confidential information on
about 1.7 million New York City
hospital patients and employees
dating back as far as 20 years
was stolen in December. |
|
2/10/2011 |
Some eHarmony user information
stolen |
cnetnews.com |
Steven Musil |
The online dating site eHarmony
has announced that a hacker used
a vulnerability to access the
usernames, e-mail addresses and
passwords of users of its
informational site eHarmony
Advice. |
|
2/9/2011 |
Oregon Prisons Hit by Worker
Info Breach |
KTVZ.com |
|
The Oregon Department of
Corrections (DOC) announced that
a non-employee had access to a
thumb drive that may have
contained the payroll
information of up to 550
staffers from at least three
correctional facilities. |
|
2/8/2011 |
San Francisco Reports Data
Breach Affecting Medi-Cal
Beneficiaries |
CaliforniaHealthline |
|
A data breach at California's
Medicaid program has affected
about 2,400 beneficiaries. |
|
2/7/2011 |
Nasdaq admits security breach,
denies data access by hackers |
Business Banking Review |
Staff Writer |
Nasdaq OMX Group says it found
suspicious files on its U.S.
computer servers. |
|
2/7/2011 |
Union: Iowa hospital worker
denies records breach |
Washington Post |
Ryan J Foley |
One of the University of Iowa
Hospitals and Clinics employees
fired for breaching football
players' medical records says
she did nothing wrong. |
|
2/3/2011 |
Iowa hospital fires three after
privacy breach involving players |
MSNBC |
Ben Kercheval |
The University of Iowa Hospitals
and Clinics will fire three
employees following an
investigation into a data breach
involving inappropriate access
to 13 athletes' medical records. |
|
2/2/2011 |
Private UW medical records sold
at surplus store |
KING 5 News |
Allen Schauffler |
A report on private medical
records one customer found
inside furniture sold at a
surplus store. |
|
1/26/2011 |
DHHS Alerts Clients of Missing
Records |
WNCT |
George Crocker |
The North Carolina Department of
Health and Human Services (DHHS)
has announced that they may have
thrown out computer disks
containing personal information
during an office renovation. |
|
1/24/2011 |
Trapster.com hacked, leaving
millions of smartphone users
exposed |
SC Magazine |
Dan Raywood |
A mobile application developer
has warned of a data breach that
could affect up to 10 million
users. |
|
1/24/2011 |
Students' Personal Data Posted
Online |
WCVB TV |
|
Two educational institutions are
informing those potentially
affected by data breaches. |
|
1/18/2011 |
Two Are Charged With Fraud in
iPad Security Breach |
New York Times |
Nick Bilton and Jenna Wortham |
Federal prosecutors have charged
two men with fraud and
conspiracy in obtaining and
distributing the e-mail
addresses of 114,000 iPad 3G
owners. |
|
1/17/2011 |
Hacker breaches security at
Pentagon Federal Credit Union |
Washington Post |
Lisa Rein |
Hackers breached a Pentagon
Federal Credit Union (PenFed)
laptop, exposing the personal
and banking information of an
undisclosed number of
active-duty military personnel
and others connected to the
Pentagon. |
|
1/17/2011 |
Agency: Records of employees may
have been breached |
Aiken Standard |
Associated Press |
South Carolina officials have
notified those covered by the
state's insurance program that
their personal information may
have been breached. |
|
1/12/2011 |
UConn reports data breach of
online retail site |
Network World |
John Cox |
The University of Connecticut
has notified customers of its
Husky-branded online sports
store that their billing and
payment information may have
been exposed when its database
was hacked. |
|
1/7/2011 |
Report: Military and government
data breached 104 times in 2010 |
NextGov |
Brian Kalish |
An Identity Theft Resource
Center study that showed 15.7
percent of the 662 data breaches
reported last year involved
military and government
agencies. |
|
1/7/2011 |
Report: Military and government
data breached 104 times in 2010 |
NextGov |
Brian Kalish |
The University of Maine System
(UMS) and the University of
Hawaii (UH) are taking steps to
secure data after breaches
affected thousands at their
campuses last year. |
|
1/6/2011 |
Infected Laptop Leads to Data
Breach at Pentagon Federal
Credit Union |
Softpedia |
L. Constantin |
The Pentagon Federal Credit
Union (PenFed) is notifying
customers that a malware attack
penetrated a database which
contains current and former
members' names, addresses,
Social Security numbers, payment
card numbers and more. |
|
1/4/2011 |
US racked up 662 reported data
breaches in 2010 |
InfoSecurity.com |
|
The Identity Theft Resource
Center (ITRC) has revealed that
662 data breaches were reported
in the U.S. in 2010, up about 33
percent from 2009. |
|
1/3/2011 |
Personnel records found dumped
outside Plano library |
WFAA.com |
Brad Watson |
A reports that medical records,
Social Security numbers and
other personal information were
found in a box outside a Plano,
Texas library. |
|
12/31/2010 |
Honda car owners hit by data
breach |
ZDNET |
Vivian
Yeo |
American Honda has alerted
millions of customers that their
personal information was hacked. |
|
12/22/2010 |
Microsoft BPOS cloud service hit
with data breach |
Computerworld |
Andreas Udo de Haes |
A report a breach of address
book data belonging to customers
of Microsoft's Business
Productivity Online Suite (BPOS)
Standard occurred in the
company's data centers in North
America, Europe and Asia. |
|
12/21/2010 |
Data Breach Could Test
Massachusetts Law |
ThePost.com |
Paul Roberts |
The CitySights NY tour company
has notified certain state
attorneys general that the
financial data of more than
100,000 customers was stolen
when a SQL injection attack hit
one of its Web servers. |
|
12/20/2010 |
Stolen laptop contained medical
data on thousands of patients |
Wisconsin State Journal |
David Wahlberg |
Dean Health System and St.
Mary's Hospital sent letters to
3,288 of their surgical patients
on Saturday telling them their
data was compromised when a
laptop was stolen from a
doctor's home. |
|
12/16/2010 |
CDPH Reports 'Big' Data Security
Breach |
Health Leaders Media |
Cheryl Clark |
The California Department of
Public Health (CDPH) announced
that it is missing a magnetic
tape containing sensitive
personal and medical information
on up to 2,550 staff and
residents of Southern California
skilled nursing facilities. |
|
12/15/2010 |
Feds probe '100 site' data
breach:
McDonald's Silverpopped |
The Register |
Dan Goodin |
More details have emerged in the
theft of McDonald's customer
data. |
|
12/15/2010 |
Hacker breaches OSU computers |
Columbus Dispatch |
Encarnacion Pyle |
The Ohio State University is
notifying 760,000 individuals
that hackers may have accessed
their personal information after
officials discovered
unauthorized activity on a
university server. |
|
12/13/2010 |
Mesa hospital missing data files
for more than 2,200 patients |
azcentral.com |
Stephanie Russo |
Mountain Vista Medical Center in
Mesa, AZ, has informed 2,284
endoscopy patients that their
data was contained on compact
memory cards that were
discovered missing on October
13. |
|
12/11/2010 |
McDonald's and Walgreens Warn
Customers of Data Theft |
WalletPop |
Mitch Lipka |
McDonald's is notifying
customers that certain personal
details have been exposed by
thieves who broke into a
database. |
|
12/10/2010 |
UW-Madison warns 60,000 of card
data theft |
Wisconsin State Journal |
Samara Kalk Derby |
University of Wisconsin-Madison
discovered on October 26 that
hackers accessed records
containing identification cards
that included names, photos and
ID numbers of former students,
faculty and staff members. |
|
12/8/2010 |
Nasa suffers data breach after
failing to wipe end-of-life PCs |
v3.co.uk |
Phil Muncaster |
An internal investigation has
revealed "significant weaknesses
in the sanitization and
disposition processes" at NASA
space and research centers. |
|
12/3/2010 |
'Long-term' Employee Responsible
for Mesa County Data Breach |
KJCT8.com |
Don Coleman |
A long-term Mesa County, CO, IT
employee was fired after a data
breach exposed secure law
enforcement files and personal
information, including some
belonging to people who reported
crimes. |
|
11/24/2010 |
Healthcare Breach In Puerto Rico
Could Affect More Than 400,000 |
darkreading.com |
Tim Wilson |
Two healthcare providers are
alerting thousands of patients
that their data may have been
exposed. |
|
11/19/2010 |
Six California hospitals fined
for medical record security
breaches |
Los Angeles Times |
Staff Writer |
State officials have fined six
California hospitals and a
nursing home for failing to
prevent unauthorized access to
confidential patient medical
information. |
|
11/19/2010 |
UH sued over data breach |
Honolulu Star-Advisor |
Gene Park |
Since 2005, one in every three
residents of Hawaii have had
their personal records breached,
and more than half of those
breaches have come in the form
of online security incidents
involving the University of
Hawaii. |
|
11/19/2010 |
CIOs See Smartphones As Data
Breach Time Bomb |
Information Week |
Matthew J. Schwartz |
A recent survey found that eight
out of 10 CIOs rank data
breaches as their top security
concern and think that using
smartphones in the workplace
increases their vulnerability to
attack. |
|
11/18/2010 |
VA's Baker briefs Congress on
data breaches |
Federal News Radio |
|
Department of Veterans Affairs
CIO Roger Baker described two
recent data breach incidents
during a monthly briefing for
congress. |
|
11/17/2010 |
Verizon launches hacking
information service |
v3.co.uk |
Iain Thomson |
Verizon Business has launched an
information-sharing service that
it hopes will help improve
companies' approaches to risk
management. |
|
11/16/2010 |
Downtime Rated Top Risk Of Data
Breaches |
Information Week |
Matthew J. Schwartz |
A reports on a recent survey
showing that a majority of
organizations are ill-prepared
for a data breach. |
|
11/15/2010 |
Florida hospital admits to data
breach affecting 1500 patients |
Info Security |
|
Two healthcare facilities have
announced data breaches this
week involving the exposure of
patient records and personal
information. |
|
11/14/2010 |
It's not a privacy 'breach' when
information about you is out
there already |
Washington Post |
Rob Pegoraro |
With high-profile incidents
raising concerns and the U.S.
Congress considering privacy
legislation, not every case
reported in the media actually
meets the definition of a
privacy breach. |
|
11/6/2010 |
U.S. Workers Are on Alert After
Breach of Data |
New York Times |
Ashley Southall |
The General Services
Administration is taking steps
to protect its employees'
identities after a data breach
exposed the personal information
of 12,000. |
|
10/29/2010 |
APNewsBreak: University Posts
Info Of 40K Students |
National Public Radio |
Associated Press |
The University of Hawaii (UH)
this week removed the names,
grades, disabilities and other
sensitive information of 40,101
of its former students after the
information sat on an
unprotected server for almost a
year. |
|
10/26/2010 |
Medicaid data breach 'like an
onion' |
Healthcare IT News |
Molly Merrill |
The recent security breach of
280,000 individuals' personal
health information highlights
the need for data encryption,
says one security expert. |
|
10/21/2010 |
Medical-data breach said to be
major |
Philadelphia Inquirer |
Jane M. Von Bergen |
Two health plans have notified
the Pennsylvania Department of
Public Welfare about the loss of
a flash drive containing
information on 280,000 Medicaid
recipients. |
|
10/15/2010 |
University of North Florida
breach exposes data on 107,000
individuals |
Computerworld |
Jaikumar Vijayan |
Intruders accessed a University
of Northern Florida server last
month, exposing the data of
107,000 current and prospective
students, adding to the list of
four dozen similar breaches at
universities this year. |
|
10/14/2010 |
Mismailing Causes VA Information
Breach |
GovInfoSecurity |
|
The Department of Veterans
Affairs (VA) is offering about
4,000 vets free credit
monitoring services because in
August their Social Security
numbers were mailed to the wrong
person. |
|
10/11/2010 |
FTC: No Major PHR Breaches So
Far |
Gov Info Security |
|
No major breaches affecting 500
or more individuals have been
reported since the Federal Trade
Commission's (FTC) breach
notification rule for personal
health records took effect. |
|
10/8/2010 |
Miss. Guard personnel
information compromised |
Army Times |
Shelia Byrd |
Officials are looking into the
exposure of data on nearly 3,000
active members of the
Mississippi National Guard. |
|
10/7/2010 |
Cancer researcher fights UNC
demotion |
The Herald-Sun |
Gregory Childress |
As the result of an incident
involving the University of
Texas Medical Branch, a
34-year-old Texas woman has been
sentenced to 15 years in federal
prison and ordered to pay
$163,185.19 restitution for
unlawful possession of
fraudulent identification
documents and conspiracy to
commit identity theft. |
|
9/29/2010 |
UF notifies former students of
privacy breach |
University of Florida News |
|
The University of Florida has
notified 239 former students
that their personal information
may have been compromised. |
|
9/27/2010 |
‘Snippets’ of Patient Data Are
Accidentally Posted |
New York Times |
Anemona Hartocollis |
New York-Presbyterian
Hospital/Columbia University
Medical Center announced Monday
that pieces of 6,800 patients'
data were mistakenly exposed on
the Internet. |
|
9/24/2010 |
ChoicePoint Data Breach Victims
Await Their Pittance |
eSecurity Planet |
Larry Barrett |
The Federal Trade Commission
(FTC) began sending checks for
$18.17 last week to 14,023
victims of the 2008 ChoicePoint
breach. |
|
9/23/2010 |
Legal groups criticize state for
disclosing names of people with
HIV |
Bay Area Reporter |
Seth Hemmelgarn |
Advocacy groups are criticizing
the California Department of
Healthcare Services for
releasing the names of about
5,000 residents with HIV to a
healthcare contractor, while
Alaska officials fear a breach
at the Alaska AIDS Assistance
Association may have compromised
the information of 2,000
individuals. |
|
9/17/2010 |
Man gets prison for Discover
card fraud |
Orange County Register |
Larry Welborn |
A man who purchased on the black
market data stolen in the
Hannaford Bros. 2007-2008 breach
has been sentenced to prison. |
|
9/17/2010 |
Rice University Exposes Student,
Employee Data |
eSecurity Planet |
Larry Barrett |
Rice University is notifying
more than 7,000 students and
employees that their personal
information was exposed when a
portable storage device
containing student and employee
names, addresses, birth dates,
salaries, emergency contact
information and, in some cases,
Social Security numbers was
stolen. |
|
9/13/2010 |
CCNY Students Feel Sting of Data
Security Mishap |
eSecurity Planet |
Larry Barrett |
School officials at City College
of New York are alerting more
than 7,000 students that their
personal information may have
been compromised after a school
laptop was stolen. |
|
9/9/2010 |
Missing files little threat,
hospital says |
Boston Globe |
Elizabeth Cooney |
A Massachusetts hospital has
concluded its investigation into
the disappearance of backup
computer tapes containing the
personal information of
approximately 800,000
individuals. |
|
9/9/2010 |
Hotel operator warns of data
breach |
ComputerWorld |
Jaikumar Vijayan |
HEI Hospitality, the owner of
Marriott, Sheraton, Westin and
other hotel brands, is the
latest in a growing number of
operators to announce a breach
of its point-of-sale system. |
|
9/5/2010 |
Stolen and sold: Private details
of thousands of World Cup fans |
Daily Mail |
Jason Lewis |
A criminal investigation has
been launched into the theft and
sale of personal details of as
many as 250,000 individuals from
the U.S., UK, Switzerland,
Portugal, the Netherlands,
Poland, Italy, Germany, France,
Spain and Croatia who purchased
tickets to the 2006 World Cup
from official FIFA outlets. |
|
9/2/2010 |
Delaware government: State
retiree sues over data leak |
Delaware Online |
Chris Barrish |
A Delaware woman has filed a
class-action lawsuit after her
personal information was exposed
on a state Web site, reports. |
|
9/1/2010 |
Heartland to pay Discover $5M
for 2008 data breach |
Associated Press |
Associated Press |
Heartland Payment Systems, Inc.,
agreed on Wednesday to pay
Discover Financial Services $5
million to resolve issues
related to its 2008 data breach. |
|
8/31/2010 |
State retiree data breached |
Delaware Online |
J.L. Miller |
A report that a benefits
consulting company working with
the state government
inadvertently posted to the
Internet the Social Security
numbers, birth dates and gender
of about 22,000 state retirees. |
|
8/31/2010 |
Military social security cards &
other papers found in dumpster |
Heartland News |
Jeff Cunningham |
A viewer alerted Heartland News
after finding high school
diplomas, birth certificates and
Social Security cards in a
dumpster behind a Missouri Armed
Forces Recruiting Center. |
|
8/27/2010 |
Connecticut Insurance Regulators
Requiring Data Breach
Notification |
Insurance Journal |
|
Following a string of incidents
involving the exposure of
residents' personal information,
insurance regulators in the
state of Connecticut are placing
notification requirements on
insurers and their agents,
requiring that they let the
state insurance commissioner
know within five days of
discovering a breach. |
|
8/26/2010 |
500 Million Sensitive Records
Breached Since 2005 |
Privacy Rights Clearinghouse |
|
More than a half billion
sensitive records have been
breached since 2005, according
to the most recent estimates
from the Privacy Rights
Clearinghouse (PRC), which keeps
track of such breaches in its
Chronology of Data Breaches
project. |
|
8/24/2010 |
Judge approves Countrywide ID
theft settlement |
kypost.com |
Brett Barrouquere |
A federal judge has approved a
settlement between Countrywide
Financial Corp. and millions of
customers whose information was
exposed in what has been
described as "the biggest
reported case of data theft by a
financial insider." |
|
8/20/2010 |
Businesses Cash In on Web
Privacy Concerns |
CNBC |
Julia Boorstin |
As online data breaches increase
to 100 million in the U.S.
alone, the numbers of data
protection startups are
increasing as well. |
|
8/19/2010 |
Stolen UConn laptop had
applicants' Social Security
numbers |
New Haven Register |
Register Staff |
Officials at the University of
Connecticut (UConn) are
notifying more than 10,000
individuals that their personal
information was on a laptop
computer stolen from the
school's West Hartford campus. |
|
8/19/2010 |
Stolen Yale laptop held patient
data; Blumenthal investigating
breach |
New Haven Register |
Register Staff |
Yale School of Medicine is
alerting 1,000 people that their
health information has been
compromised after a laptop
containing non-encrypted
information was stolen last
month. |
|
8/12/2010 |
Heartland denies systems
involved in new data breach |
Computerworld |
Jaikumar Vijayan |
The company that "suffered the
largest ever data breach
involving payment card data"
last year, is downplaying
reports linking it to a data
breach at a Texas restaurant
chain. |
|
8/11/2010 |
VA Data Breaches Go Live |
Nextgov |
Bob Brewin |
Veterans Affairs Department (VA)
Chief Information Officer Roger
Baker told a press briefing that
the department has begun posting
monthly data breach reports on
the Internet. |
|
8/11/2010 |
Broward College students warned
of ID theft risk after leak |
Miami Herald |
Michael Vasquez |
A software upgrade at the
College Center for Library
Automation exposed the personal
information of about 126,000
Florida public college students
and faculty. |
|
8/2/2010 |
Rampant hotel data theft |
SC Magazine |
Angela Moscarlito |
Data theft continues to be
prevalent in the hotel industry,
with breaches occurring on a
weekly basis. |
|
7/21/2010 |
Universities Struggle with Wave
of Data Breaches |
Campus Technology |
Dian Schaffhauser |
Florida International University
(FIU) and the University of
Maine (UMaine) reported breaches
affecting thousands of students. |
|
7/20/2010 |
Hospital files with data of
800,000 are missing |
Boston Globe |
Martin Finucane and Kay Lazar |
The South Shore Hospital has
announced that 800,000 records
may have been lost during
shipping to an off-site
contractor responsible for
destroying the records. |
|
7/19/2010 |
U
Hawaii Data Breach Echoes 2009
Incident |
Campus Technology |
Dian Schaffhauser |
The University of Hawaii
informed the Honolulu police and
the FBI that a server was
breached at their parking
office, possibly exposing the
personal information of 53,000
people. |
|
7/19/2010 |
State employee posts nearly
3,000 SSNs online |
Baltimore Sun |
Liz F. Kay |
A Maryland Department of Human
Resources (DHR) employee has
been placed on administrative
leave after posting the Social
Security numbers and other
personal information of nearly
3,000 DHR clients online. |
|
7/17/2010 |
|
Des Moines Register |
Jens Manuel Krogstad |
A report that a database
security breach at Buena Vista
University may have exposed the
names, Social Security numbers
and license numbers of 93,000
people affiliated with the
university dating back to 1987. |
|
7/14/2010 |
OSU: Computer virus infects
computer with info about 34,000
employees |
KVAL TV |
|
While the University of North
Carolina institutes new policies
to beef up data security after a
state audit showed system
vulnerabilities, officials at
Oregon State University are
notifying 34,000 current and
former employees that their
personal information was
recently exposed by a computer
virus. |
|
7/8/2010 |
University Databases In the
Bull's Eye |
darkreading.com |
Ericka Chickowski |
A data breach affecting 53,000
at The University of Hawaii (UH)
Manoa is the latest in a recent
string of university data
breaches. |
|
7/6/2010 |
State’s error unveiled Social
Security numbers |
Boston Globe |
Todd Wallack |
The Massachusetts secretary of
state's office is alerting
139,000 investment advisers that
their personal information has
been exposed. |
|
7/6/2010 |
UF officials notify patients of
privacy breach |
University of Florida News |
Melanie Ross |
Two universities are notifying
thousands of individuals that
their personal information may
have been exposed. |
|
7/5/2010 |
Credit Card Hackers Visit Hotels
All Too Often |
New York Times |
Joe Sharkey |
A recent study by SpiderLabs
found that the hotel industry
was involved in 38 percent of
all credit card hacking cases
last year. |
|
6/30/2010 |
CSUSB investigating student data
breach |
The Desert Sun |
Michelle Mitchell |
Two educational institutions are
looking into data breaches
involving personal information. |
|
6/30/2010 |
Foursquare Puts Money Before
Privacy |
Wired |
Ryan Singel |
Internet site Foursquare
published a notice Wednesday
about a privacy breach that
shared all users' location
information across the Web,
regardless of whether they had
chosen to opt out of such
broadcasts through their privacy
settings. |
|
6/29/2010 |
WellPoint: Data breach caused by
attorneys and faulty security
update |
The Tech Herald |
Steve Ragan |
WellPoint has notified 470,000
health insurance applicants that
a security glitch may have
exposed their Social Security
numbers and other personal
information. |
|
6/29/2010 |
UMaine students who sought
mental health services' data
compromised |
Sun Journal |
Staff Writer |
The University of Maine Police
Department is investigating a
data breach that exposed nearly
5,000 students' personal and
medical information. |
|
6/29/2010 |
New York hospital loses data on
130,000 via FedEx |
Business Week |
Robert McMillan |
A New York hospital is notifying
some 130,000 patients that their
personal information may have
been compromised. |
|
6/24/2010 |
700-Plus Credit Cards Stolen
from Hotel |
ABC News |
Scott Mayerowitz |
Hackers broke into the computer
system of a luxury hotel chain
and, over a three-month period,
stole the credit card
information of hundreds of
guests. |
|
6/23/2010 |
Personal data accessed on Blue
Cross website |
OC Register |
Courtney Perkes |
Approximately 230,000 Anthem
Blue Cross customers received
notification this week that
personal information--including
Social Security and credit card
numbers--may have been accessed. |
|
6/23/2010 |
Florida university notifies
students and faculty of possible
data exposure |
InfoSecurity.com |
|
A Florida university is
notifying 19,407 students and 88
faculty members that their
personal data may have been
exposed. |
|
6/18/2010 |
Microsoft opens center for
reports of identity and data
theft |
USA Today |
Byron Acohido |
Microsoft has launched a
coalition to serve as a
clearinghouse for reports about
caches of stolen data stored on
the Internet. |
|
6/14/2010 |
FCC Issues Warning, FBI
Investigates iPad Breach |
eSecurity Planet |
Kenneth Corbin |
The Federal Communications
Commission is warning businesses
and consumers about data
security in light of two recent
information breaches. |
|
6/10/2010 |
AT&T Discloses Breach of iPad
Owner Data |
Wall Street Journal |
Spencer Ante |
AT&T acknowledged that a small
group of computer experts known
as Goatse Security accessed
114,000 e-mail addresses of iPad
users through a security hole in
AT&T's Web site. |
|
6/8/2010 |
FTC Approves Final Settlement
Order with Dave & Busters; FTC
Rejects COPPA Safe Harbor
Application |
Federal Trade Commission |
Press Release |
The Federal Trade Commission
(FTC) has approved a final
settlement order with
entertainment operation Dave &
Buster's, settling charges that
the company failed to protect
consumers' information. |
|
6/8/2010 |
Penn State Warns Of More
Cyber-Breaches |
CBS News |
Associated Press |
More people than additionally
estimated may have been affected
by a data breach at Penn State
University. |
|
6/7/2010 |
23andMe Sends Wrong DNA Test
Results To 96 Customers |
Tech Crunch |
Jason Kincaid |
23andMe, a company that provides
genome testing by mail to its
customers, has announced that
"up to 96" customer samples were
incorrectly processed by the
company's contracted laboratory. |
|
6/4/2010 |
Insurer says it's not liable for
University of Utah's $3.3M data
breach |
Computerworld |
Jaikumar Vijayan |
A Colorado insurance company has
filed a federal lawsuit claiming
it is not responsible for
reimbursing the University of
Utah for costs related to a 2008
data breach. |
|
6/3/2010 |
University of Louisville
Patients' Data Exposed |
eSecurity Planet |
Larry Barrett |
AvMed Health Plan officials say
a December data breach involving
missing laptops may have
affected three times as many
customers as previously
estimated, bringing the number
to more than one million. |
|
6/2/2010 |
Privacy Breaches May Expose More
Social Security Data At Penn
State |
StateCollege.com |
Adam Smeltz |
During routine security
procedures, Penn. State
information-technology staff
discovered that two campus
computers were infected with
malicious software, potentially
exposing as many as 25,572
alumni Social Security numbers
(SSNs). |
|
5/28/2010 |
Missing records on stolen laptop
from Cincinnati Children's
Hospital |
cincinnati.com |
Peggy O'Farrell |
Officials at a Cincinnati
hospital are increasing employee
training after a data breach
affecting more than 61,000
patients. |
|
5/19/2010 |
Heartland, MasterCard Settle
Over Data Breach |
PC World |
Nancy Gohring |
In its third settlement related
to a 2008 data breach, Heartland
Payment Systems has agreed to
pay out up to $41.1 million to
MasterCard issuers that lost
money as a result of the breach. |
|
5/14/2010 |
Los Angeles Firemen's CU Has
Data Breach |
Credit Union Times |
David Morrison |
The Los Angeles Firemen's Credit
Union has notified some of its
members that their personal
information, including account
and Social Security numbers, may
have been compromised. |
|
5/14/2010 |
VA reports new data breaches |
Federal Times |
Tim Kauffman |
A House committee will discuss
recent data breaches at the
Veterans Affairs Department
during a hearing. |
|
5/13/2010 |
Information on 207,000 Army
Reservists Stolen |
GovInfoSecurity |
Eric Chabrow |
The Army Reserve is notifying
207,000 reservists that a laptop
containing their sensitive data
and that of their family members
was stolen from the office of a
government contractor. |
|
5/7/2010 |
Court gives preliminary OK to
$4M consumer settlement in
Heartland case |
Computerworld |
Jaikumar Vijayan |
A Texas federal court gave
preliminary approval of a $4
million settlement in a consumer
class action lawsuit against
Heartland Payment Systems Inc. |
|
4/29/2010 |
Data on 24,600 hospital patients
missing |
Courier Journal |
Laura Ungar |
A psychiatric hospital in
Kentucky is urging 24,600
affected patients to place fraud
alerts on their credit reports
after a flash drive containing
their personal information went
missing. |
|
4/28/2010 |
Data breaches in U.S. cost more |
Network World |
Ellen Messmer |
The average cost of a data
breach in the United States is
higher than breach costs in
Australia, France, Germany and
the UK. |
|
4/28/2010 |
Man indicted in probe of UMC
privacy leak |
Las Vegas Sun |
Marshall Allen |
An FBI probe into a privacy
breach involving hospital
patients' records has resulted
in a federal grand jury
indicting a man who is alleged
to have paid a hospital employee
for the information. |
|
4/23/2010 |
How Blippy users' credit cards
got into Google |
cnetnews.com |
Tom Krazit |
Four users of a social
networking service based on
sharing information about
purchases with other users have
had their credit card
information exposed via Internet
searches. |
|
4/21/2010 |
Army discloses theft of medical
patients' data |
Chron.com |
Associated Press |
Officials have alerted patients
of an Army hospital in Texas
that their personal information
may have been exposed. |
|
4/19/2010 |
Certegy to pay $975K, undergo
annual security audit |
SC Magazine |
Dan Kaplan |
Certegy Check Services will pay
$850,000 to the state of Florida
for a 2007 data breach that
impacted nearly six million
personal records. |
|
4/17/2010 |
Data stolen from 628,000
Virginians recovered, Minn.
agency says |
Virginian Pilot |
Carolyn Shapiro |
A student loan firm that
reported the theft of data
pertaining to 3.3 million
borrowers late last month says
all of the data has been
recovered. |
|
4/13/2010 |
Va. Beach human services workers
fired for privacy breaches |
Virginian Pilot |
Deidre Fernandes |
Eight Virginia Beach human
services employees have been
fired or disciplined in the past
year for wrongfully accessing
personal information contained
in state databases. |
|
4/9/2010 |
BCBS Data Theft Now Affects 1
Million |
Health Data Management |
Joseph Goedert |
The number of those affected by
the BlueCross BlueShield of
Tennessee data theft last
October has increased to 998,422
since the last count in March. |
|
4/5/2010 |
Countrywide Sold Private Info,
Class Claims |
Courthouse News Service |
Tim Hull |
Sixteen named plaintiffs have
filed a class action suit
against Countrywide Financial,
Countrywide Home Loans and Bank
of America, which bought
Countrywide, alleging
Countrywide Financial employees
stole and sold customers'
personal financial information. |
|
4/5/2010 |
John Muir Health to notify 5,450
patients of data breach |
San Francisco Business Times |
Chris Rauber |
A California Hospital is
providing one year of free
identity theft protection to
5,450 patients whose personal
and health information was
potentially breached after the
theft of two laptop computers. |
|
4/2/2010 |
Navy took more than a year to
announce personal data breach |
Washington Post |
Federal Diary |
Government employee
organizations are asking the
Navy for identity-theft
insurance following the
notification that the personal
data of 244 employees was
inadvertently released to a
"non-government entity." |
|
3/30/2010 |
JC Penney tried to block
publication of data breach |
Computerworld |
Jeremy Kirk |
JC Penney and The Wet Seal have
been named among the retailers
targeted in a 2008 data breach
that resulted in the theft of
130 million credit card numbers. |
|
3/30/2010 |
State AGs Stepping Up HITECH
Enforcement |
Health Leaders Media |
Dom Nicastro |
Connecticut Attorney General
Richard Blumenthal is
investigating his second case
involving HIPAA violations in
three months. |
|
3/27/2010 |
Data stolen from firm that
handles student loans in
Virginia |
Washington Post |
Martin Weil |
A student loan firm is providing
credit monitoring and protection
services to some 3.3 million
people affected by a data
breach. |
|
3/26/2010 |
Computer hacker gets 20-year
term |
Boston Globe |
Todd Wallack |
The man who orchestrated the
theft of millions of credit and
debit card numbers from major
companies was sentenced to 20
years in prison. |
|
3/26/2010 |
Durex India eStore spills
customers' personal details |
The Register |
John Leyden |
An Indian Web site that sold
Durex condoms has threatened
legal action against the person
who exposed a data breach on the
site. |
|
3/25/2010 |
Dave & Buster's Settles FTC
Charges it Failed to Protect
Consumers' Information |
Federal Trade Commission |
|
The entertainment operation Dave
& Buster's, Inc., has agreed to
settle Federal Trade Commission
charges that the company failed
to protect consumers'
information. |
|
3/18/2010 |
Data Breaches Are Heaviest at
Hotels |
Wall Street Journal |
Sarah Nassauer |
Hotels are attractive targets
for hackers seeking customer
credit card data. |
|
3/10/2010 |
Companies urged to share data
breach information |
searchsecurity.com |
Marcia Savage |
When it comes to battling
cybercriminals, the key is to
share data breach information
with law enforcement officials. |
|
3/10/2010 |
Arkansas National Guard Loses
Hard Drive |
eSecurity Planet |
Larry Barrett |
Members of the Arkansas National
Guard are learning this week
that their personal information
may have been exposed. |
|
3/9/2010 |
VA investigating security breach
of veterans' medical data |
NextGov |
Bob Brewin |
The Veterans Affairs (VA)
Department's inspector general
has launched an investigation
into a potential breach
incident. |
|
3/5/2010 |
Westin hotel in LA reports
possible data breach |
Computerworld |
James Niccolai |
The Westin Bonaventure Hotel and
Suites in Los Angeles is
offering free credit monitoring
services for customers whose
payment card information may
have been exposed. |
|
3/1/2010 |
Data theft creates notification
nightmare for BlueCross |
PC World |
Robert McMillan |
The theft of 57 unencrypted hard
drives from BlueCross-BlueShield
of Tennessee has given thieves
access to personal data on
upwards of 500,000 customers and
is costing millions to fix. |
|
2/28/2010 |
Wyndham Hotels hacked again |
v3.co.uk |
Phil Muncaster |
Wyndham Hotels and Resorts has
notified the U.S. Secret Service
and several state attorneys that
hackers stole customer names and
payment card information from
its computer system. |
|
2/23/2010 |
Federal Trade Commission links
wide data breach to file sharing |
Washington Post |
Cecilia Kang |
A Federal Trade Commission probe
has uncovered widespread leakage
of sensitive data onto
peer-to-peer file-sharing
networks. |
|
2/22/2010 |
Valdosta State University server
improperly accessed |
SC Magazine |
Angela Moscarlito |
A Georgia university is alerting
some 170,000 students and staff
that their Social Security
numbers may have been exposed. |
|
2/20/2010 |
Error affects about 3,900
TennCare enrollees |
KnoxNews.com |
Kristi Nelson |
Tennessee's Medicaid management
system is offering one year of
free identity theft safeguards
to 3,900 people after a computer
glitch sent their personal
information to the wrong mailing
addresses. |
|
2/12/2010 |
Shell employees' details leaked
to environmental campaigners |
Financial Times |
Ed Crooks |
Contact information for 176,000
employees and contractors of
Royal Dutch Shell has been sent
to environmental and human
rights campaign groups. |
|
2/11/2010 |
Equifax tax forms expose worker
Social Security numbers |
cnetnews.com |
Elinor Mills |
An unknown number of current and
former employees of a credit
reporting firm received W-2
forms in the mail with their
Social Security numbers visible
through the envelope's window. |
|
2/10/2010 |
Hackers Break Into Ceridian's
Payroll System |
eSecurity Planet |
Larry Barrett |
A Minnesota payroll company is
advising more than 1,900 of its
customer companies that their
employees' personal, sensitive
data may have been compromised. |
|
2/6/2010 |
Error circulates state workers'
bank data |
The Columbus Dispatch |
Alan Johnson |
The personal banking information
of 6,000 Ohio state employees,
including the governor, was
mistakenly sent in an e-mail to
dozens of payroll officers at
state agencies. |
|
2/5/2010 |
Commerce breach of personal data
just the tip of the iceberg |
Washington Post |
Joe Davidson |
In an e-mail to employees,
Commerce Secretary Gary Locke
called recent breach incidents
involving employees' personal
information "simply
unacceptable." |
|
2/4/2010 |
Business Associates Can Pay
Directly for Breaches |
Media Health Leaders |
Dom Nicastro |
A top official at the Office of
Civil Rights (OCR) says business
associates could be liable for
health data breaches. |
|
2/4/2010 |
Minn.-based Ceridian reports
data security breach |
Minnesota Public Radio |
Elizabeth Dunbar |
A Minnesota payroll company is
changing all customer passwords
after discovering a security
breach. |
|
2/4/2010 |
Highmark tells customers
personal information lost |
Pittsburgh Post-Gazette |
Bill Toland |
A Pittsburg healthcare provider
is offering some 3,700
policyholders one free year of
credit monitoring after
documents containing their names
and Social Security numbers
(SSNs) were lost. |
|
2/3/2010 |
Inquiry sought in data breach |
Des Moines Register |
William Petroski |
Iowa's Senate majority leader
will request an inquiry into how
a hacker gained access to a
state computer system. |
|
1/29/2010 |
Social Security numbers found
lying in street |
Chicago Tribune |
Lisa Black and John Keilman |
Hundreds of partially shredded
documents containing sensitive,
personal information--including
Social Security numbers--were
found on a Chicago street last
week. |
|
1/27/2010 |
UCSF says laptop with 4,400
patient records stolen, then
recovered |
San Francisco Business Times |
Chris Rauber |
The University of California San
Francisco (UCSF) is alerting
4,400 patients that their
medical files were potentially
exposed after the November theft
of an employee's laptop, which
was later recovered. |
|
1/27/2010 |
Commerce Dept. slow to notify
employees of security breach |
Washington Post |
Joe Davidson |
A data breach at the U.S.
Department of Commerce occurred
on December 4, exposing the
personally identifiable
information of agency employees. |
|
1/26/2010 |
Tab for Response to Data Breach
Hits $7 Million for BCBS of
Tennessee |
iHealthBeat |
|
Blue Cross Blue Shield (BCBS) of
Tennessee says that the October
2009 theft of 57 hard drives
from the organization's training
facility compromised the
personally identifiable
information of as many as
500,000 BCBS Tennessee
subscribers. |
|
1/26/2010 |
Bank sues victim of $800,000
cybertheft |
Computerworld |
Jaikumar Vijayan |
PlainsCapital Bank of Lubbock,
Texas, has filed a lawsuit
against its customer,
Plano-based Hillary Machinery,
following the theft of $800,000
from the company by cyberthieves
operating out of Italy and
Romania. |
|
1/25/2010 |
Survey: Data breaches from
malicious attacks doubled last
year |
cnetnews.com |
Elinor Mills |
According to the Ponemon
Institute's annual Cost of a
Data Breach study, released
today, the financial impact of a
privacy failure rose to a
per-record average of $204 and a
per-incident average of $6.75
million. |
|
1/22/2010 |
US State Department clerk
sentenced for passport peeking |
Associated Press |
|
A State Department file clerk
has been sentenced to one year
of probation and 75 hours of
community service for illegally
accessing the confidential
passport applications of 70
celebrities in 2007. |
|
1/20/2010 |
Law Firms in Heartland Cases
Criticizing Proposed Settlement |
Credit Union Times |
David Morrison |
Two law firms representing
credit unions and other card
issuers are expressing
disappointment over a proposed
settlement in a case against
Heartland Payment Systems. |
|
1/20/2010 |
Chase bank seems a bit too loose
with clients' data |
Los Angeles Times |
David Lazarus |
A Chase Bank customer, who
regularly told the bank that she
did not wish for it to share her
personal information with other
organizations was dismayed
recently when she received a
letter from the bank informing
her that information about her
that had been shared with
another company was exposed
online. |
|
1/20/2010 |
Mortgage Broker Who Dumped
Consumer Records Settles FTC
Charges |
Federal Trade Commission |
|
A mortgage broker charged with
improperly disposing of
consumers' personal financial
records has paid a $35,000
settlement to the Federal Trade
Commission (FTC). |
|
1/19/2010 |
Health Net's missing drive could
cost it millions |
The Register |
Chris Meller |
The data breach that affected
1.5 million members of health
insurance provider Health Net
may end up costing the company
millions of dollars. |
|
1/19/2010 |
Legislative auditor plans
follow-up investigation on data
breach |
Minnesota Public Radio |
Sara Aslanian |
Minnesota's legislative auditor
said this week he plans an
investigation into a Texas
company's problematic
background-checking program that
resulted in a data breach
affecting 500 new state
employees. |
|
1/15/2010 |
Financial Firm Notifies 1.2M
After Password Mistake |
PC World |
Robert MacMillan |
Financial services firm Lincoln
National has begun notifying as
many as 1.2 million customers
after discovering that a policy
of shared passwords. |
|
1/14/2010 |
Kaiser patient medical records
compromised |
San Francisco Chronicle |
Victoria Colliver |
The personal and sensitive
medical information of about
15,500 patients of Northern
California Kaiser were
compromised after an external
storage drive was stolen from an
employee's car. |
|
1/14/2010 |
NY Bank Suffers Online Breach |
Bank Info Security |
Linda McGlasson |
Suffolk County National Bank
(SCNB) has disclosed that the
servers hosting its online
banking service suffered a
breach lasting six days in
November. |
|
1/13/2010 |
Significant downturn in data
breach notifications |
IT Wire |
David Heath |
A report that the number of data
breaches reported to the media
has declined significantly over
the past 18 months. |
|
1/11/2010 |
NARA talks about lessons learned
from lost PII incident |
Federal News Radio |
Gary Stern |
Gary Stern, general counsel for
the National Archives and
Records Administration (NARA),
spoke with
Federal News Radio
about recent data breaches at
the agency, including what
happened, how the agency is
responding and lessons learned
from the experience. |
|
1/8/2010 |
Heartland to Pay up to $60
Million to Visa Over Breach |
PC World |
Grant Gross |
In the latest settlement related
to the 2008 Heartland Payment
Systems data breach,
PCWorld
reports that U.S. and
international Visa debit and
credit card issuers will receive
payments totaling as much as $60
million to pay for costs
incurred as a result of the
security gaffe that affected
more than 130 million card
holders. |
|
12/31/2009 |
Hacker may have accessed EWU
student information |
Seattle Times |
Tri-City Herald |
Officials at Eastern Washington
University (EWU) are notifying
up to 130,000 current and former
students that their personal
information may have been
exposed in a security breach. |
|
12/30/2009 |
Facebook App Maker Hit With
Data-Breach Class Action |
Wired |
David Kravets |
Third-party app provider
RockYou.com is facing a proposed
class-action lawsuit. |
|
12/30/2009 |
Hacker Gonzalez pleads guilty in
Heartland breach |
cnetnews.com |
Elinor Mills |
A Miami hacker has pleaded
guilty to charges associated
with the Heartland Payment
Systems and Hannaford Brothers
data breaches. |
|
12/30/2009 |
Penn State notifies 30,000 of
computer security breach |
Pittsburgh Post-Gazette |
Bill Schackner |
A report that Penn State has
begun the process of notifying
nearly 30,000 individuals that
their personally identifiable
information (PII), including
Social Security numbers, may
have been compromised as a
result of three separate malware
infections discovered in late
December. |
|
12/29/2009 |
Parties agree to settlement over
Countrywide data breach |
SC Magazine |
Dan Kaplan |
A federal judge in Kentucky
granted preliminary approval to
settle a class-action lawsuit
related to the Countrywide
Financial data breach that
exposed the personal data of
millions. |
|
12/22/2009 |
Did Hackers Steal Millions from
Citigroup? |
ABC News |
Huma Khan, Pierre Thomas and
Jason Ryan |
Citigroup is denying a
Wall Street
Journal
report that
Eastern European cybercriminals
hacked the company's network and
made off with tens of millions
of dollars. |
|
12/21/2009 |
UPDATE 1-Heartland to settle
class actions over cyber breach |
Reuters |
|
A report that Heartland Payment
Systems will settle class action
lawsuits stemming from a data
breach the credit card processor
sustained during a period from
2007 through 2008. |
|
12/17/2009 |
Heartland Pays Amex $3.6 Million
Over 2008 Data Breach |
PC World |
Robert McMillan |
Heartland Payment Systems will
pay American Express $3.6
million to settle charges
related to its 2008 data breach. |
|
12/16/2009 |
Mass. Supreme Court throws out
lawsuit against BJs over '04
data breach |
Computerworld |
Jaikumar Vijayan |
The Massachusetts Supreme
Judicial Court upheld a lower
court's decision to dismiss a
lawsuit against BJ's Wholesale
Club over its 2004 data breach. |
|
12/16/2009 |
RockYou Hacker: 30% of Sites
Store Plain Text Passwords |
Read Write Web |
Jolie O'Dell |
News emerged that a hacker
successfully infiltrated the
database of social network
RockYou.com and located the
login information of more than
32 million users. |
|
12/15/2009 |
UCSF belatedly announces
September data breach |
San Francisco Business Journal |
Chris Rauber |
The University of California San
Francisco (UCSF) has notified
600 patients that their personal
information may have been
exposed. |
|
12/11/2009 |
Warnings issued after possible
security breach |
Minnesota Public Radio |
Sasha Aslanian |
The State of Minnesota has
requested that all state
agencies stop using a private
background investigation firm
following the possible
disclosure of 500 state
employees' personally
identifiable information (PII)
on the company's Web site. |
|
12/9/2009 |
Verizon: Data Breaches Getting
More Sophisticated |
Wired |
Kim Zetter |
A new study by Verizon has found
that cybercriminals are using
increasingly sophisticated
techniques to steal information,
but that most hackers still gain
access to sensitive information
in known, preventable ways. |
|
12/8/2009 |
24,000 employees affected by
data breach |
The Observer |
Sarah Mervosh |
A report by the University of
Notre Dame independent
newspaper,
The Observer,
states more than 24,000
employees of the school had
their personally identifiable
information exposed when the
information was posted to an
unsecure, publicly accessible
Internet site. |
|
12/7/2009 |
Blumenthal suspects HealthNet
disk was stolen |
Hartford Business |
|
Connecticut Attorney General
Richard Blumenthal has notified
federal investigators of what he
believes to have been the theft
of a computer disk containing
the personal, financial and
medical information of more than
450,000 subscribers of HealthNet
insurance. |
|
12/4/2009 |
EIU warns of student data
security breach |
Chicago Tribune |
Associated Press |
Eastern Illinois University
officials have mailed letters to
prospective and current students
who may have been affected by a
data breach. |
|
11/24/2009 |
The Year Of The Mega Data Breach |
Forbes |
Andy Greenberg |
Forbes
reports on the numbers of data
breaches during the first 11
months of 2009. |
|
11/21/2009 |
PATIENT PRIVACY: FBI probing UMC
data leaks |
Las Vegas Review-Journal |
Scott Wyland |
The Federal Bureau of
Investigation is now involved in
the investigation into the
sharing of University Medical
Center (UMC) patients' health
records. |
|
11/20/2009 |
Hospital privacy leak could harm
patients |
Las Vegas Sun |
Marshall Allen |
Someone at University Medical
Center (UMC) is leaking the
records of accident victims to
attorneys. |
|
11/18/2009 |
Health Net Loses Information for
450,000 Clients |
nbcconnecticut.com |
Leanne Gendreau |
Connecticut Attorney General
(AG) Richard Blumenthal has
expressed outrage that six
months passed before health
insurer Health Net notified the
state and police about a breach
of confidential data. |
|
11/9/2009 |
Conn. AG investigates insurer's
data breach |
Hartford Courant |
Associated Press |
Connecticut's attorney general
(AG) is looking into Blue Cross
Blue Shield's (BCBS) loss of
confidential information on
800,000 doctors. |
|
10/30/2009 |
68,000 CalOptima Members at Risk
in Data Breach |
Consumer Affairs |
|
CalOptima has reported that CDs
containing the personal
information of Orange County,
California Medicaid recipients
are missing. |
|
10/29/2009 |
CalOptima recovers discs with
personal data on 68,000 members |
Computerworld |
Jaikumar Vijayan |
CalOptima has recovered discs
containing the personal data of
68,000 members. |
|
10/28/2009 |
Report Suggest Consumers Don't
Understand Data Breach
Notifications |
Credit Union Times |
David Morrison |
A report on study findings that
suggest consumers do not
understand the importance of
data breach notifications and,
as a result, fail to protect
themselves from fraud. |
|
10/27/2009 |
UW says 40 computers hacked |
Wisconsin State Journal |
|
The University of
Wisconsin-Madison is the latest
campus to report a breach of
students' personal information. |
|
10/22/2009 |
Zurich loses data on 51,000 UK
customers |
Times Online |
Miles Costello |
Zurich Insurance has notified
customers in three countries
that their personal details went
missing during a routine data
transfer last year, and their
whereabouts remain unknown. |
|
10/22/2009 |
Security Flaws Discovered in
Calif. EDD Website |
CBS 5 Local News |
Anna Werner |
The Swiss foreign ministry
announced a shutdown of its
computer system after a
"professional virus attack"
allowed hackers in. |
|
10/20/2009 |
Data collector charged $275,000
for leaking personal data |
The Register |
Dan Goodin |
A report on ChoicePoint's
settlement with the Federal
Trade Commission. |
|
10/19/2009 |
ChoicePoint to Pay Fine for
Second Data Breach |
PC World |
Grant Gross |
The Federal Trade Commission
(FTC) announced yesterday that
data broker ChoicePoint will pay
a fine to resolve charges that
it failed to implement data
protection measures required by
the agency after its 2004
security breach. |
|
10/15/2009 |
Computer data on 103,000 VA
Adult Ed Students Misplaced |
Washington Post |
Michael Alison Chandler |
The personally identifiable
information of more than 100,000
former adult education students
in Virginia was exposed as a
result of a misplaced USB flash
drive on which their data was
stored. |
|
10/15/2009 |
PayChoice Suffers Another Data
Breach |
Washington Post |
Brian Krebs |
For the second time in a month,
hackers have gained the login
credentials of PayChoice
clients. |
|
10/14/2009 |
Women's data breach probed |
News & Observer |
Eric Ferreri |
When the University of North
Carolina-Chapel Hill sent
letters to women notifying them
of a data breach related to
their medical data used in a UNC
mammography study, many
expressed concern about both the
compromise and their involvement
in the study. |
|
10/9/2009 |
MD Bank Dumps Identities into
Trash |
ABC News |
Joce Sterman |
A number of customers in Rodgers
Forge, Maryland were upset to
learn that the institution which
recently took over the local
branch of the former Bradford
Bank has been less than
protective of their personal and
banking information. |
|
10/7/2009 |
City Admits Lapse in Data
Release |
New York Times |
Sewell Chan |
New York City officials admitted
to a security blunder yesterday
that occurred when municipal
data was released to local
programmers working on New York
City-specific software
applications in a project known
as BigApp. |
|
10/6/2009 |
Heartland, After The Hacking |
Information Week |
Thomas Claburn |
Nearly 10 months after
disclosing a months-long data
breach that affected millions of
consumers, the financial impact
of the Heartland data breach
continues to unfold. |
|
10/6/2009 |
850,000 doctors could be hit by
potential data breach from
insurer's stolen laptop |
amednews.com |
Emily Berry |
A report that the impact of the
theft of a Blue Cross-Blue
Shield (BCBS) employee's laptop
computer could be as large as
850,000 and include every
physician in the BCBS network. |
|
10/6/2009 |
Google targeted in e-mail scam |
BBC News |
Jonathan Fildes |
Google's Gmail service is the
latest to have been targeted by
a phishing scheme. |
|
10/6/2009 |
Microsoft warns of Hotmail
privacy breach |
SmartCompany.com |
Patrick Stafford |
Microsoft is warning hundreds of
millions of Hotmail users to
take precautions after their
account details were posted on a
third-party Web site. |
|
10/5/2009 |
Lawsuits over Heartland data
breach folded into one |
Computerworld |
Jaikumar Vijayan |
A lawsuit consolidating 16
separate class-action complaints
against Heartland Payment
Systems has been filed in U.S.
District Court for the Southern
District of Texas. |
|
10/5/2009 |
Microsoft acknowledges Windows
Live ID breach |
SC Magazine |
Chuck Miller |
Microsoft Corporation
acknowledged the compromise of
thousands of Windows Live user
login credentials after they
were exposed on a third party
Web site. |
|
10/3/2009 |
Blue Cross physicians warned of
data breach |
Boston Globe |
Kay Lazar |
Blue Cross-Blue Shield (BCBS) is
warning tens of thousands of
physicians about a breach
involving their personal
information. |
|
10/2/2009 |
Soldiers' Data Still Being
Downloaded Overseas, Firm Says |
Washington Post |
Ellen Nakashima |
A private cybersecurity
monitoring firm says it
continues to find the sensitive
data of U.S. soldiers on
unauthorized computers in
foreign nations such as China
and Pakistan |
|
10/1/2009 |
Probe Targets Archives' Handling
of Data on 70 Million Vets |
Wired |
Ryan Singel |
The inspector general of the
National Archives and Records
Administration (NARA) is
investigating a potential data
breach involving the sensitive
data of 76 million military
veterans. |
|
10/1/2009 |
Data breach hits payroll firm
PayChoice |
Network World |
Ellen Messmer |
A New Jersey payroll processor
has acknowledged a breach of its
processing operations. |
|
9/30/2009 |
2nd Update: Express Scripts:
Extortionist Has Even More Data |
Wall Street Journal |
|
Express Scripts, one of the
nation's largest pharmacy
benefits managers, has mailed
letters to 700,000 members after
new details emerged about the
scope of data stolen by an
unknown person a year ago. |
|
9/25/2009 |
UNC data breach exposes 163,000
SSNs |
Computerworld |
Jaikumar Vijayan |
The University of North Carolina
is notifying 163,000 women that
their personally identifiable
information was exposed in a
security breach. |
|
9/16/2009 |
Data Breach Highlights Role Of
'Money Mules' |
Washington Post |
Brian Krebs |
Maine's Downeast Energy &
Building Supply notified about
850 customers that the company
had experienced a security
breach that drained them of
$200,000 and potentially exposed
customers' personal data. |
|
9/14/2009 |
Heartland on Defense at Senate
Hearing |
Government Information Security |
Eric Chabrow |
Heartland Payment Systems CEO
Robert Carr appeared before the
Senate Homeland Security and
Governmental Affairs Committee
to answer questions about the
data breach that impacted
hundreds of millions of
cardholders. |
|
9/11/2009 |
TD Ameritrade data theft
settlement nears approval |
Associated Press |
Josh Funk |
The U.S. District Court judge
presiding over the hearing on a
proposed TD Ameritrade Holding
Corp. settlement with customers
did not make a final decision on
the deal. |
|
9/9/2009 |
DuPont Alleges Second Insider
Breach In Two Years |
darkreading.com |
Tim Wilson |
Chemical giant DuPont has fired
an employee for allegedly
stealing trade secrets. |
|
9/9/2009 |
Heartland Update: Judge to Hear
Motions to Dismiss Class Action
Suits |
Bank Info Security |
Linda McGlasson |
Preliminary hearings have begun
in the case against Heartland
Payment Systems. |
|
9/9/2009 |
NHS body admits losing sensitive
data on over 6,000 job
applicants |
Out-Law News |
|
The Information Commissioner's
Office (ICO) is reminding all
that "password-protected laptops
are not secure." |
|
9/7/2009 |
Phony debt collectors raise fear
of national data breach |
Augusta Chronicle |
Kelvin Collins |
The Better Business Bureau (BBB)
has issued a national alert
about a new scam that elicits
confidential information from
consumers. |
|
9/3/2009 |
TJX agrees to settle another
breach lawsuit for $525,000 |
Computerworld |
Jaikumar Vijayan |
Retail giant TJX has settled for
$525,000 a lawsuit with a group
of banks for costs incurred
following the company's 2006
data breach. |
|
8/25/2009 |
Insider risk problem revealed |
BBC News |
Maggie Shiels |
The majority of data breaches
result from inadvertent employee
error, say experts. |
|
8/22/2009 |
BU reports data breach of 400
ROTC members |
Boston Globe |
Abbie Ruzicka |
Another Massachusetts university
has reported a data breach. |
|
8/21/2009 |
Hackers gained access to UMass
info |
Telegram.com |
Priyanka Dayal |
University of Massachusetts at
Amherst officials say they have
taken steps to shore up
information security practices
since learning last fall of a
breach that exposed the personal
information of alumni. |
|
8/19/2009 |
Inside The Year's Biggest Data
Breach |
Forbes.com |
Taylor Buley |
Forbes
reports on the ease with which
hackers responsible for some of
the largest data breaches to
date were able to infiltrate the
breached entities' networks. |
|
8/13/2009 |
Amex cardholders' data stolen by
employee |
The Associated Press |
|
An American Express employee has
been arrested for stealing
corporate data and the company
is notifying some card holders
that their information may have
been compromised. |
|
8/12/2009 |
U.C. Berkeley Alumni Data is
Breached |
The Snitch |
Anna McCarthy |
A SF Weekly
blog reports that those
affiliated with the University
of California Berkeley are again
being notified that hackers may
have accessed their private
details. |
|
8/10/2009 |
BofA warns Mass. Security breach |
Charlotte Business Journal |
Tim McLaughlin |
Bank of America and Citigroup
have issued new credit and debit
cards to customers in
Massachusetts, letting them know
that their account numbers may
have been compromised. |
|
8/10/2009 |
Twitter breach revives cloud
security fears |
Computerworld |
Jaikumar Vijayan |
A data breach involving
Twitter's use of an application
hosted by Google has prompted
calls for a reversal in the City
of Los Angeles' recent decision
to switch to cloud-based
applications. |
|
8/4/2009 |
Inmate found with sensitive info |
Concord Monitor |
Lauren R. Dorgan |
New Hampshire officials are
looking into how an inmate
obtained sensitive information
on state Corrections Department
employees. |
|
8/3/2009 |
Federal Eye: Personal Data
Mishandled at Commerce Dept. |
Washington Post |
Ed O'Keefe |
Commerce Department employees
have been notified that their
sensitive personal information
was exposed last month. |
|
7/29/2009 |
Security experts' sites hacked
on eve of Black Hat conference |
cnetnews.com |
Elinor Mills |
With the collective gaze of the
security community fixed on Las
Vegas and the Black Hat security
conference, a number of
high-profile security experts
have been targeted by hackers. |
|
7/27/2009 |
Network Solutions starts healing
process after data breach |
DMNews |
Lauren Bell |
Following disclosure of a data
breach that may have compromised
the credit card data of more
than 573,000 patrons of small
commercial Web sites, Internet
domain administer and host
Network Solutions has initiated
a crisis response effort. |
|
7/24/2009 |
Network Solutions Hack
Compromises 573,000 Credit,
Debit Accounts |
Washington Post |
Brian Krebs |
Brian Krebs reports that a data
breach at Internet domain
administrator and host Network
Solutions has compromised
personal and financial data for
more than 573,000. |
|
7/20/2009 |
Data Explosion Expands Breach
Exposure, But Insurers More Open
To Handling Risk |
National Underwriter |
Phil Gusman |
The amount of data stored
electronically continues to
explode, creating more potential
for privacy breaches. |
|
7/17/2009 |
Hotline for UCSD patients
swamped |
SignOnSanDiego.com |
David Hasemyer |
The University of California-San
Diego Moores Cancer Center
notified 30,000 individuals that
their personal information may
have been stolen by hackers. |
|
7/14/2009 |
Canyons School District: Sorry
about that missing employee info |
Salt Lake Tribune |
Kristen Stewart |
A school district in Utah has
notified more than 6,000
employees that a thumb drive
containing their personal
information has been lost. |
|
7/13/2009 |
LexisNexis issues data breach
warning after alleged mafia bust |
Computerworld |
Robert McMillan |
Consumer databases have become
coveted scouring grounds for
identity thieves and other
fraudsters. |
|
7/10/2009 |
Boxes of medical records found
in Salt Lake dumpster |
KUTV |
Brian Mullahy |
Medical records, including
names, credit card numbers,
Social Security numbers and
cancelled checks were found in a
dumpster behind a Salt Lake City
shoe distribution center. |
|
7/6/2009 |
Lessons from the Data Breach at
Heartland |
BusinessWeek |
Rachel King |
BusinessWeek
goes in depth with Heartland
Payment Systems CEO Robert Carr
on the data security breach his
company experienced late last
year. |
|
6/24/2009 |
Cornell probes theft of laptop
with personal data |
Associated Press |
|
Cornell University announced
that police are investigating
the theft of a school laptop
containing the personal
information--including Social
Security numbers--of
approximately 45,000 students,
alumni, faculty and staff. |
|
6/23/2009 |
TJ Maxx Settles Data Breach
Charges |
ConsumerAffairs.com |
|
Retailer TJX will pay $9.75
million to settle charges
related to its 2007 data breach
that exposed the financial
details of thousands of
customers. |
|
6/19/2009 |
Malicious Attacks Most Blamed in
'09 Data Breaches |
Washington Post |
Brian Krebs |
Nearly 40 percent of data
breaches reported since January
were the work of hackers or
employees, according to Identity
Theft Resource Center (ITRC)
figures. |
|
6/18/2009 |
Court Stiffs Veterans Caught in
Privacy Breach |
Wired |
David Kravets |
The 11th U.S. Circuit Court of
Appeals decided that veterans
whose personal data was stolen
could not recover financial
damages for mental anguish. |
|
6/17/2009 |
Heartland CEO says data breach
was 'devastating' |
Computerworld |
Jaikumar Vijayan |
Even before it happened, the
possibility of a data breach was
what kept him up at night,
Heartland Payment Systems
chairman and CEO Bob Carr told
Computerworld. |
|
6/14/2009 |
AP IMPACT: Weak security enables
credit card hacks |
Associated Press |
Jordan Robertson |
An Associated Press
investigation into credit card
hacks has revealed that
industry-accepted safeguards are
lacking. |
|
6/9/2009 |
T-Mobile Confirms Stolen Data Is
Genuine |
PC World |
Jeremy Kirk |
T-Mobile today confirmed that
hackers accessed information
from its servers, as alleged,
but the company does not believe
customer data is in danger. |
|
6/8/2009 |
Aetna named in security-breach
lawsuit |
Hartford Business |
Greg Bordonaro |
A class-action suit has been
filed against health insurer
Aetna for alleged data
protection and privacy failures. |
|
6/4/2009 |
Printing glitch leads to
'breach' |
Kennebec Journal |
Betty Adams |
The Maine state Office of
Information Technology has
notified nearly 600 residents
that certain information about
their unemployment benefits was
mailed to the wrong recipients. |
|
6/2/2009 |
In Legal First, Data-Breach Suit
Targets Auditor |
Wired |
Kim Zetter |
A bank is suing the security
auditor that certified
CardSystems Solutions three
months before hackers breached
its systems in 2004. |
|
6/2/2009 |
Batteries.com, insurance firm
report data breaches |
Computer World |
Grant Gross |
Online retailer Batteries.com
said in a letter to New
Hampshire's Attorney General on
May 18 that hackers breached its
server in February, stealing
names, addresses and credit card
information. |
|
5/29/2009 |
Heartland Update: More than 650
Institutions Impacted |
Bank Info Security |
Linda McGlasson |
The number of banks reporting
card compromises as a result of
the Heartland Payment Systems
data breach has reached 656. |
|
5/28/2009 |
Aetna Contacts 65,000 after web
site data breach |
PC World |
Jeremy Kirk |
Aetna is erring "on the side of
caution" in notifying 65,000
people about a breach of its Web
site. |
|
5/20/2009 |
Heartland Payment Systems CEO
discusses breach, previews
speech |
IAPP |
|
Not a week had passed after the
announcement of what some have
described as the largest data
breach ever, when the CEO of
Heartland Payment Systems,
Robert Carr, began calling for
better industry cooperation and
new efforts directed at
preventing future breaches. |
|
5/20/2009 |
Heartland Data Breach: Hearing
Set for Class Action Suits |
Bank Info Security |
Linda McGlasson |
Multiple financial institutions
have filed suits against
Heartland Payment Systems for
its payment processing system
security breach last year. |
|
5/20/2009 |
HIV-positive patients sue
hospital over records lost on
train |
Boston Globe |
Elizabeth Cooney |
Two of the Massachusetts General
Hospital patients whose records
were among those lost on an MBTA
train in March have filed suit
against the hospital and the
employee responsible for the
loss. |
|
5/19/2009 |
Investigation into huge loss of
computerized Clinton data |
New York Times |
David Johnston |
The FBI is investigating the
loss of a computer hard drive
from the National Archives
record center. |
|
5/13/2009 |
Most claims dismissed in
Hannaford data breach suit |
Computerworld |
Jaikumar Vijayan |
A U.S. District Court judge has
dismissed most of the civil
claims associated with the
Hannaford Bros. data breach
disclosed in March 2008. |
|
5/12/2009 |
D.C. Agency Accidentally E-Mails
Personal Data About College
Financial Aid Application |
Washington Post |
Bill Turque |
The personal details of 2,400
students were exposed by a
government agency. |
|
5/11/2009 |
TD Ameritrade data theft
settlement goes to court OK |
Associated Press |
Josh Funk |
A U.S. District Court judge has
approved the settlement
agreement for a class-action
suit against TD Ameritrade
Holding Corp. |
|
5/11/2009 |
Inside a data leak audit |
Network World |
Sandra Gittlen |
An inside look at the data
leakage audit of a Boston-based
pharmaceutical firm. |
|
5/8/2009 |
Hackers Say They Have Va.
Prescription Drug Data, Demand
$10 Milion |
The Washington Post |
Brian Krebs |
Virginia officials say they have
no evidence that personal
information is at risk due to a
breach of its Prescription
Monitoring Program database, but
are urging residents to watch
their finances just the same. |
|
5/8/2009 |
Hackers breach UC-Berkeley
database; infor for 160,000
students, alums at risk |
San Jose Mercury News |
Matt Krupnick |
Hackers have stolen the personal
information of 160,000 current
and former University of
California-Berkeley students. |
|
5/7/2009 |
Security breach leads to
Heartland Payment 1Q loss |
Forbes.com |
David Pitt |
The Heartland Payment Systems
security breach contributed to a
first-quarter loss for the
company. |
|
5/7/2009 |
Missile data, medical records
found on discarded hard disks |
The Register |
John Leyden |
University researchers purchased
300 drives from eBay and other
retailers, finding that 34
percent of disk drives still
contained confidential data. |
|
5/4/2009 |
Heartland earns back spot on PCI
approved list |
Network World |
|
Heartland Payment Systems is
back on Visa Inc.'s list of
compliant vendors. |
|
5/2/2009 |
LexisNexis warns 32,000 people
about data breach |
Associated Press |
Amy Westfeldt |
LexisNexis has notified tens of
thousands that their personal
information was exposed in a
database security breach. |
|
4/29/2009 |
Likely cause of Ill. Data breach
pervasive |
Associated Press |
|
Officials at the Illinois
Department on Aging say
"employee error" likely caused a
breach of sensitive information. |
|
4/28/2009 |
Identifying the source of
corporate threats |
NetworkWorld |
Davi Ottenheimer |
The Verizon Business RISK team
recently released its "2009 Data
Breach Investigations Report,"
which gives a fresh look into
the question of whether insiders
or outsiders are the larger
threat group. |
|
4/28/2009 |
Federal Reserve IT Analyst
Arrest Highlights Internal
Threat |
Information Week |
George Hulme |
A recent arrest stokes the
debate that was rekindled with
the recent release ofVerizon
Business' 2009 Data
Breach Investigations Report. |
|
4/28/2009 |
Mountain of private information
found in abandoned warehouse |
WWLTV News |
Bigad Shaban |
The confidential records of
Orleans Parish public-school
employees have been discovered
in an abandoned and unsecured
warehouse in New Orleans. |
|
4/27/2009 |
Data Security Breaches Present
Emerging Risks, Opportunities
for Agents |
Insurance Journal |
Patricia-Ann Tom |
Data security represents both a
new market opportunity to sell
insurance coverage and a new
risk - especially for
independent insurance agencies
that may not be compliant with
data security laws or have plans
in place to protect their own
companies from data breaches. |
|
4/27/2009 |
Study: Many Employees Undermine
Data Breach Prevention
Strategies |
Insurance Journal |
|
Many employees disable the
encryption solutions on their
laptops, putting their employers
at risk for data breaches,
according to a study by Absolute
Software Corp. and the Ponemon
Institute. |
|
4/27/2009 |
The Real Costs Of Laptop Loss |
Dark Reading |
John Sawyer |
Numbers like $49,346 as the
averags cost of a lost laptop is
certainly enough to turn some
managerial heads. |
|
4/24/2009 |
Unencrypted laptop with 1
million SSNs stolen from state |
SC Magazine |
Dan Kaplan |
The sensitive personal
information of more than a
million Oklahomans has been
compromised |
|
4/24/2009 |
After mass security lapse, RBS
Worldpay gets IRS contract No
bad deed goes unrewarded |
The Register |
Dan Goodin |
RBS Worldpay - the electronic
payment processor that admitted
it exposed sensitive financial
records for millions of
customers - has been awarded a
contract by the Internal Revenue
Service to process tax return
payments next year. |
|
4/24/2009 |
Oklahomans Demand Better
Identity Security Recent
Breaches Raise Concern Across
State |
KOCO (Oklahoma City) |
|
Oklahomans are demanding action
after two security breaches in
less than a month, both linked
to state agencies. |
|
4/24/2009 |
DHS alerts clients to theft |
Tulsa World |
Althea Peterson |
The Oklahoma Department of Human
Services sent letters to clients
in nearly half a million
households this week stating
that their names and personal
information might have been
stolen from a DHS employee's
laptop computer. |
|
4/23/2009 |
SunTrust Banks Announce Security
Breach |
WESH.com |
|
A bank that serves Central
Florida has become the victim of
a security breach, and its
customers could be at risk. |
|
4/22/2009 |
Typical lost or stolen laptop
costs companies nearly $50,000,
study finds |
Mercury News |
Steve Johnson |
The results of an
Intel-commissioned study on
business costs associated with
lost or stolen laptops. |
|
4/22/2009 |
Employee info device missing
from FairPoint |
AP via The Telegraph |
Clarke Canfield |
A portable data storage device
containing the personal
information of more than 4,000
employees of FairPoint
Communications Inc. has been
reported missing. |
|
4/22/2009 |
Many Companies Don't Report Data
Breaches as a Risk Factor |
MX Logic |
|
Thirty-eight percent of Fortune
500 companies fail to report the
threat of a data breach in the
"risk factors" section of their
SEC 10-K filing, according to a
recent survey by international
specialist insurer Hiscox. |
|
4/21/2009 |
Pentagon Fighter Jet Data Breach
Was Avoidable |
ChannelWeb |
Andrew Hickey |
The hack into the Pentagon's
computer system that led to the
theft of information related to
the $300 billion Joint Strike
Fighter project could have been
prevented. |
|
4/21/2009 |
Fraud specialists want more
transparency on data breaches |
MX Logic |
|
A survey released ahead of this
week's RSA Conference in San
Francisco shows that network
security fraud specialists want
more transparency in reporting
of data breaches. |
|
4/21/2009 |
Affinion Security Center
Publishes Data Breach Response
Guide |
PR News Wire |
|
As incidents of corporate data
breaches continue to rise, the
rules and regulations requiring
compliance for breach
notification and response from
financial institutions,
creditors and many other
businesses have strengthened. |
|
4/20/2009 |
Crime rings behind 91% of data
theft: report |
Information Age |
JJ Robinson |
Cybercrime rings are organised,
sophisticated and highly
effective when it comes to data
theft, reveals a new report from
frontline forensic
investigators. |
|
4/20/2009 |
Proposed breach notification
rule would affect more health
vendors |
Nextgov |
Bob Brewin |
Rules proposed by the Federal
Trade Commission on April 16 on
disclosure of breaches of
personal health information
would greatly expand the number
of companies that would be
subject to notifying individuals
if their personal health data
was exposed because records were
lost or stolen, or because a
hacker broke into a computer
health network. |
|
4/20/2009 |
Five Ways To Survive a Data
Breach Investigation |
IT World |
Bill Brenner |
Security experts say it all the
time: If a company thinks it has
suffered a data security breach,
the key to getting at the truth
unscathed is to have a response
plan in place for what needs to
be done and who needs to be in
charge of certain tasks. |
|
4/20/2009 |
Study: Mistakes, Not Insiders,
to Blame for Most Breaches |
|
Joan Goodchild |
2008 was a banner year for
security breaches, according to
new research from Verizon. |
|
4/17/2009 |
Data Breach Notification Law
Across the World from California
to Australia |
DocuTicker |
|
Examining the specifics of data
breach notification frameworks
in multiple jurisdictions. |
|
4/16/2009 |
Proposed rule would require
notice about breaches |
ModernHealtcare |
Joseph Conn |
The Federal Trade Commission, in
compliance with the American
Recovery and Reinvestment Act of
2009, issued a formal notice
seeking public comment on a
proposed rule requiring vendors
of personal health record
systems and related entities to
provide notice to consumers in
the event of a security breach. |
|
4/16/2009 |
Verizon Breach Report Challenges
Conventional Wisdom |
Information Week |
Mike Fratto |
Verizon (NYSE: VZ) Business'
most recent 2009 Data Breach
Investigations Report is a
must-read report if you're
involved in IT. |
|
4/16/2009 |
FTC Issues Proposed PHR Breach
Rule |
Health Data Management |
Joseph Goedert |
The Federal Trade Commission has
issued a proposed rule that
would require personal health
records vendors and related
entities to notify consumers
when their identifiable health
information has been breached. |
|
4/16/2009 |
Criminal gangs on the hunt for
weak business security |
IT Pro |
Asavin Wattanajantra |
Organised criminals are trawling
businesses looking for weak
defences ripe for an attempt at
a data breach. |
|
4/15/2009 |
E-Mobsters Continue Brazen Data
Extortion |
eWeek |
Matthew Hines |
The Verizon Business Data Breach
[report] that was published
today seems to have raised a few
eyebrows. |
|
4/15/2009 |
More Data Breached In 2008 Than
In Previous Four Years Combined |
Information Week |
Thomas Claburn |
The findings of the 2009 Verizon
Business Data Breach
Investigations Report, which
revealed that the number of
breached records in 2008--285
million--surpassed the total
number of records breached in
the previous four years
combined. |
|
4/15/2009 |
Over 280 million records
compromised last year Damning
report finds simple steps still
being ignored |
VNUNet |
Phil Muncaster |
More than 280 million records
were compromised in 2008,
according to a new Data Breach
Investigations Report from
global comms and IT provider
Verizon Business. |
|
4/14/2009 |
Five Ways to Survive a Data
Breach Investigation |
CIO |
