PRIVACY NEWS PRIVACY SERVICES
        
  PRIVACY ASSESSMENT 
Taking a snapshot of your current privacy status. We classify and inventory your personal data and highlight your top areas of privacy risk. Joining the Safe Harbor? We'll perform your due diligence.
more >>
      
  POLICY AND PROCESS DESIGN    

Providing you the documents you'll need for global compliance
including: privacy and security
policies, vendor assurance, incident response, subject data access, opt-out integration, and more. 
more >>

      
  EMPLOYEE AWARENESS   
Creating and delivering the content for multimedia, global awareness campaigns on privacy and security. We measure before-and-after employee comprehension to help
you demonstrate value.
more >>
    
Security Breaches
      
Date Article Title Publication Author Synopsis
1/23/2012 State to probe RG&E, NYSEG data breach Democrat and Chronicle Joseph Spector New York State Electric & Gas and Rochester Gas and Electric have announced that a consulting firm hired by the utilities allowed unauthorized access to customer accounts. 
1/17/2012 Patient Data Theft Sends IT Specialist To Jail Information Week Nicole Lewis After pleading guilty to charges of hacking his former employer's database, stealing patient data and deleting it from the company's system, Eric McNeal was sentenced to 13 months in prison, three years of post-release supervision and 120 hours of community service.
1/17/2012 Even Big Companies Cannot Protect Their Data New York Times Nicole Perlroth The New York Times delves into the ongoing string of online data breaches.
1/17/2012 Zappos Data Breach Response: Good Idea or Panic Mode? PC World Ellen Messmer Zappos' response to its recent breach affecting 24 million customers. 
1/13/2012 Data breach could affect 100,000 students MSNBC Associated Press The computer networks of a San Francisco community college have been infected with software viruses that illegally transmitted personal data from students and employees overseas.
1/6/2012 Spotsy schools respond to online breach fredericksburg.com Pamela Gould As many as 4,289 individuals may have had their personal information compromised after it was discovered that the Spotsylvania County school system's tax information was accessible online.
1/5/2012 Hackers' Threat to Publish Symantec Source Code Not a Reason to Worry eweek.com Fahmida Rashid  A group of hackers claims it has stolen the source code to antivirus software company Symantec's flagship product.
1/3/2012 Attorney Charges Breach Of Privacy In D-SNAP Hartford Courant Christopher Keating An attorney representing several Connecticut state employees says investigators made a "huge breach of privacy" when they released at least two subpoenas listing dozens of names and Social Security numbers.
12/30/2011 Anonymous exposes 860K Stratfor users (and 75K credit card numbers) Venture Beat Jolie O'Dell The hacker collective Anonymous has exposed the usernames, e-mail addresses and passwords of 860,000 users of the security think tank Stratfor.
12/29/2011 Hospital employee allegedly makes fun of patient's medical condition on Facebook; officials investigating Daily News Los Angeles Susan Abram Three breaches involving the sensitive personal and medical information of thousands of patients have been reported. 
12/28/2011 6 Worst Data Breaches Of 2011 Information Week Matthew J. Schwartz A report on the most significant data breaches of 2011.
12/21/2011 How hackers gave Subway a $3 million lesson in point-of-sale security ArsTechnica Sean Gallagher Romanian hackers allegedly infiltrated the point-of-sale (POS) systems of hundreds of small businesses, including more than 150 Subway franchises.
12/21/2011 Laptop Stolen, 1,500 Patients Affected Health Data Management Joseph Goedert The University of Mississippi Medical Center and the Mississippi Department of Health are notifying 1,400 patients involved in a study that their personal information was compromised when a laptop was stolen.
12/20/2011 UCLA Hospitals Sued Over Patient Data Breach law.com Amanda Bronstad A class-action lawsuit has been filed against the University of California at Los Angeles Health System after a theft of medical records and other personal information on nearly 16,000 patients.
12/16/2011 Data Breaches:  A Year in Review Privacy Rights Clearinghouse Privacy Rights Clearinghouse The Privacy Rights Clearinghouse (PRC) has released its 2011 breach tracking report, highlighting what it considers the six most significant breaches of the year. 
12/7/2011 Data Breach Hits 3.5 Million Online Poker Players Security News Daily Matt Liebowitz A defunct gambling site experienced a breach affecting 3.5 million members.
12/3/2011 Contra Costa County warns of patient privacy breach San Jose Mercury News Rick Hurd In California, Contra Costa County officials have begun notifying thousands of county hospital patients that their personal information was exposed in a breach.
11/23/2011 Sutter Health sued over theft of computer containing patient data Sacramento Bee Darrell Smith A patient of Sutter Medical Foundation has filed a class-action lawsuit in Sacramento Superior Court after the personal information of more than four million Sutter patients was compromised in a breach.
11/18/2011 APEC committee alerted to possible data breach Star Advertiser Dan Nakaso Personal details of certain APEC committee members may have been exposed in a data breach. 
11/17/2011 Sutter Medical Foundation patients' privacy breached Scaramento Bee DV Smith The personal information of more than four million patients of the Sutter Medical Foundation was compromised when a password-protected but unencrypted computer was stolen from the foundation's offices in October.
11/17/2011 Theft of data on 4M patients part of wider problem Boston Globe Don Thompson and Marcus Wohlsen  A report on the scope of data breaches in the healthcare sector during the past two years.
11/11/2011 Hackers hit Steam gaming service in latest data breach v3.co.uk Shaun Nichols Hackers have infiltrated the systems of Valve--a games developer--and accessed customer data from the company's Steam networking service. 
11/10/2011 Market spikes eurozone’s guns  Financial Times Staff Writer "Having a good plan in place can seriously reduce the costs resulting from the breach as, in these kinds of situations, the longer things run without being dealt with in the proper fashion, the more costly it can get." 
http://b.scorecardresearch.com/b?rn=51396965&C1=2&C2=1000009&C4=http%3A%2F%2Feasley.patch.com%2Farticles%2Fpatient-information-found-on-hard-drive&C5=us.patch&C7=http%3A%2F%2Feasley.patch.com%2Farticles%2Fpatient-information-found-on-hard-drive&C8=Confidential%20Patient%20Information%20Found%20on%20Hard%20Drive%20-%20Easley%2C%20SC%20Patch
11/9/2011
Confidential Patient Information Found on Hard Drive Richmond Times-Dispatch Jeff Brush Breaches of healthcare and student data have been reported in three states. 
11/7/2011 Adidas websites go offline after security breach The Inquirer Lawrence Latif Adidas has taken down some of its websites after it learned of a "sophisticated, criminal cyber attack." 
10/27/2011 New Survey by the Ponemon Institute Finds that Data Breaches Can Cause Lasting and Costly Damage to the Reputation of Affected Organizations PR News Wire Ponemon Institute A recent survey has found that it takes an organization recovering from a data breach one year to repair damage done to its reputation. 
10/24/2011 Leak of Emory patient records could affect thousands ajc.com David Ibata Georgia's Emory Healthcare has notified 7,300 patients of a data breach in which 32 patients' hospital bills were taken, including their Social Security numbers (SSNs), and nine have become victim to identity theft.
10/19/2011 FBI Probes Sale Of Hospital Patient Information WESH.com   The FBI is investigating a breach of patient records at Florida Hospital.
10/12/2011 Data Breach at Delaware Nemours Facility Affects 1.6M Patients, Employees Becker's Hospital Review Sabrina Rodak Nemours has reported the loss of unencrypted computer backup tapes containing information on 1.6 million patients and their guarantors, vendors and employees.
10/12/2011 Sony halts 93,000 online accounts after new breach Google Associated Press Sony announced that it has locked 93,000 online network user accounts because of an unusual amount of sign-in attempts from an unauthorized user.
10/5/2011 Patient Data Landed Online After a Series of Missteps New York Times Kevin Sack A report on the causes of last month's Stanford Hospital data breach and how a "series of missteps" often leads to major data breaches. 
9/26/2011 What to Do if You've Been Hacked Wall Street Journal Ben Worthen The frequency and scale of recent data breaches is causing many companies to reevaluate their data protection mechanisms and question what to do in the event of a cyberattack. 
9/22/2011 Man unknowingly buys medical records Times Daily Hannah Mask A man intending to buy a storage unit in Alabama inadvertently purchased about 20 boxes of personal medical records.
9/22/2011 Alleged Hacker Arrested in Sony Pictures Data Breach myFOXla.com City News An arrest has been made in the Sony Pictures data breach case.
9/21/2011 Data breaches affect 2m in Mass Boston Globe Hiawatha Bray The Office of the Attorney General of Massachusetts has released statistics detailing the number of residents impacted by data breaches over the past 18 months. 
9/16/2011 CT tax worker arrested in data breach Hartford Business   A Connecticut state employee faces up to six years in prison for breaching the privacy of taxpayers.
9/12/2011 Vending machine company announces major data breach Computerworld Jaikumar Vijayan    A vending machine company has announced that a hacker accessed its point-of-sale systems, exposing the payment card data of waterpark visitors in Tennessee and Wisconsin.
9/9/2011 IU medical school warns of possible data breach Chicago Tribune Associated Press The Indiana University School of Medicine says the theft of a physician's laptop may have resulted in the loss of 3,000 patients' confidential information.
9/8/2011 Patient Data Posted Online in Major Breach of Privacy New York Times Kevin Sack Stanford University's hospital has confirmed that the records of 20,000 emergency room patients were available online for almost a year. 
9/7/2011 GlobalSign stops secure certificates after hack claim BBC News   A security company has suspended issuing authentication certificates for secure websites in response to claims that an unauthorized individual accessed the company's servers.
9/6/2011 Data breaches cost organizations a staggering $156.7 billion over six years InfoSecurity.com   A recent study found that from 2005 through 2010, data breaches cost companies $156.7 billion dollars.
8/31/2011 Hackers may have stolen over 200 SSL certificates Computerworld Gregg Keizer Targeted attacks have affected two U.S.-based agencies and a Dutch company, reports indicate. 
8/29/2011 Nokia Hacked: Forum Suspended After Data Breach Wall Street Journal Ben Rooney Nokia says its developer forum website has been hacked, requiring it to shut down the site until "further investigations and security assessments" have been completed.
8/29/2011 Facial Biometrics Pose Privacy Woes GovInfo Security Eric Chabrow Beth Givens, founder and director of the Privacy Rights Clearinghouse, says that breaches of facial biometric data are a major concern and that IT security managers need to encrypt the information to protect an individual's right to privacy.
8/27/2011 Former justice arrested after FBI probe Buffalo News Dan Herbeck Authorities have arrested a former justice for the Village of Depew, NY, in connection with illegal disposal of medical records.
8/25/2011 Maine admits to data breach of voter registration system InfoSecurity.com   Maine Secretary of State Charlie Summers has announced that malware infected a computer belonging to a town office, potentially compromising the personal information of close to one million voters.
8/25/2011 RBS breach of email security policy exposes staff pay rates searchsecurity.com Ron Condon The pay rates of 3,000 contract staff were exposed when a staff member at the employment agency Hays e-mailed 800 RBS employees with the details.
8/22/2011 Yale warns 43,000 about 10-month-long data breach Computerworld Jaikumar Vijayan    Yale University says a 2010 change in the way Google indexed and located FTP servers led to the exposure of sensitive data on 43,000 individuals.
8/22/2011 NYU Langone Medical Center's Hospital for Joint Diseases Notifies Patients Of Potential Data Breach med.nyu.edu   In three separate incidents, medical clinics have informed patients that their data was either accessed by unauthorized individuals or inappropriately discarded. 
8/17/2011 AT&T sues two over scheme to steal customer data SC Magazine Angela Moscarlito AT&T is suing two Utah residents for allegedly enacting a data-mining scheme that gleaned information from the company's customer database during a five-year period. 
8/16/2011 Purdue warns ex-students of data breach jconline.com   Social Security numbers of more than 7,000 former Purdue University students may have been compromised last year when one of the school's servers was breached by an unauthorized user. 
8/11/2011 University of Wisconsin Malware May Have Exposed Student, Staff Data Security News Daily Matt Liebowitz The University of Wisconsin-Milwaukee has announced that the personal information of 75,000 students, alumni and staff may have been exposed as a result of malware discovered on a university server on June 30. 
8/10/2011 Cisco report sheds light on advanced persistent threat trend silicon.com Gordon Smith In its latest global threat report, Cisco has found that data breaches have been "seemingly nonstop" in 2011, with unique instances of malware more than doubling.
8/9/2011 Companies Lose $2.5 Million from Missing Memory Sticks, Study Says PC World John P. Mello Jr. Lost memory sticks holding sensitive data can be detrimental to a company's bottom line.
8/6/2011 'Anonymous' Hacks U.S. Law Enforcement Sites, Steals Data Huffington Post Raphael G. Satter A report on the theft of data from approximately 70 law enforcement websites across the U.S. 
8/5/2011 Brigham and Women’s discloses patient data breach Boston Herald Staff Writer Beth Israel Deaconess Medical Center is notifying more than 2,000 patients of a data breach that occurred when a vendor performing computer maintenance did not restore security controls to a hospital computer.
8/1/2011 WellPoint reaches tentative accord in data breach suit American Medical News Pamela Lewis Dolan WellPoint has reached a preliminary settlement in a class-action lawsuit involving the exposure of 600,000 health applicants' sensitive data.
http://b.scorecardresearch.com/b?rn=21160783&C1=2&C2=1000009&C4=http%3A%2F%2Fbelmont.patch.com%2Farticles%2Fag-fines-belmont-savings-75k-for-id-breech&C5=us.patch&C7=http%3A%2F%2Fbelmont.patch.com%2Farticles%2Fag-fines-belmont-savings-75k-for-id-breech&C8=AG%20Fines%20Belmont%20Savings%20%247.5K%20for%20ID%20Breach%20-%20Belmont%2C%20MA%20Patch
8/1/2011
AG Fines Belmont Savings $7.5K for ID Breach Belmont Patch Franklin Tucker Massachusetts Attorney General Martha Coakley has imposed a $7,500 fine on a bank for failing to protect customer data.
7/25/2011 Ten steps every organization should take to address global data security breach notification requirements IAPP Brian Hengesbaugh As data security breach notification requirements become more widespread on a global scale, businesses are at greater risk for brand damage, customer loss and regulatory scrutiny. 
7/22/2011 Ponemon study: Cyber attacks more frequent, severe Network World Tim Greene A Ponemon Institute study has found that 90 percent of businesses experienced a data breach in the past year, and attacks were more severe and difficult to prevent. 
7/20/2011 Toshiba cops to data breach potentially affecting 7,520 US customers InfoSecurity.com   A server containing the personal information of approximately 7,520 Toshiba customers has been compromised by hackers. 
7/18/2011 Beth Israel reports potential data breach Boston Globe Hiawatha Bray Beth Israel Deaconess Medical Center is notifying more than 2,000 patients of a potential data breach involving their personal information. 
7/18/2011 Government scolded for data breach notification delays NextGov Aliya Silverstein The Treasury Inspector General for Tax Administration has criticized the IRS for not notifying taxpayers quickly enough when their personal information had been compromised.
7/14/2011 Hackers Gained Access to Sensitive Military Files New York Times Thom Shanker and Elizabeth Bumiller Deputy Defense Secretary William Lynn has announced that a foreign intelligence service accessed 24,000 Pentagon files by hacking into an unnamed government contractor in March. 
7/11/2011 Anonymous Hackers Breach Booz Allen Hamilton, Dump 90,000 Military Email Addresses Forbes Andy Greenberg The hacker group Anonymous claims to have released the e-mail addresses and encrypted passwords of 90,000 military personnel that it accessed through a defense contractor's server. 
7/7/2011 Combs names chief privacy officer KXAN.com   After experiencing a breach that exposed the sensitive data of 3.5 million Texans, the state comptroller's office has hired a chief privacy officer. 
7/6/2011 Washington Post says job seeker data was breached cnetnews.com Elinor Mills Hackers accessed an employment website last week, exposing the user IDs and e-mail addresses of about 1.27 million job seekers.
7/5/2011 Ind. AG: WellPoint to pay $100K over data breach Google Associated Press Indiana Attorney General Greg Zoeller announced that an Indiana-based insurer will pay a $100,000 fine and take other steps for waiting months to notify 32,000 customers of a data breach. 
7/5/2011 Report: Morgan Stanley warns 34,000 clients of data breach cnetnews.com Elinor Mills Two CD-ROMs containing the personal information of approximately 34,000 Morgan Stanley Smith Barney customers have gone missing.
7/3/2011 Mass. data breaches strike 5 million Boston Herald Greg Turner Barbara Anthony of the Massachusetts Office of Consumer Affairs and Business Regulation highlights the number of data breaches the state has been notified of since its reporting law was passed almost four years ago. 
7/1/2011 New theory of harm in data breach cases IAPP Andrew Clearwater Plaintiffs in data breach claims have been unsuccessful in convincing courts that they have suffered harms as a result of a breach, but "a new theory that claims a property right in personal information has recently been tried." 
6/28/2011 Data breach victims more likely to be fraud targets: Study Reuters   Victims of a data breach are more than four times as likely to become victims of fraud than other consumers, Reuters reports. 
6/27/2011 California agency suffers second major data breach in six months InfoSecurity.com   The California Department of Public Health (CDPH) has been breached for the second time in six months.
6/27/2011 Preparation for hacker attacks helps in protecting, insuring firms Business Insurance Rodd Zolkos A report on the growing concern businesses have in the face of increased hacker attacks and cybersecurity risks. 
6/24/2011 Citigroup did little to assist victims of privacy breach, critics say Globe and Mail Maria Aspan and Ross Kerber Citigroup's handling of its recent data breach is drawing criticism. 
6/24/2011 Sony laid off employees before data breach- lawsuit Reuters Dan Levine A lawsuit was filed in a U.S. District Court against Sony alleging the company knew it was at a high risk of being attacked by hackers because it had previously sustained smaller breaches.
6/23/2011 NATO Reports 'Probable Data Breach' to One of Its Websites TIME  Doug Aamoth The North Atlantic Treaty Organization (NATO) has released a statement announcing that a NATO-related website, operated by a third party, has been compromised.
6/22/2011 Citi Breach Builds Momentum for Federal Data Security Standards Insurance Networking Kate Davidson Recent high-profile data breaches are building momentum for a national standard for breach notification.
6/19/2011 Sega says 1.3 million users affected by cyber attack Reuters Yoko Kubota A recent rash of cyberattacks continues, this time affecting 1.3 million members of Sega's online video game network, Sega Pass. 
6/17/2011 Firms Adjust to Hacks Wall Street Journal Ben Worthen and Anton Troinovski A report on the shift companies are taking in response to data breaches. 
6/14/2011 Citigroup Is Asked for Data-Breach Details by Connecticut Attorney General Bloomberg Karen Freifeld and Donal Griffin  Connecticut Attorney General George Jepsen has written a letter to Citigroup's CEO and general counsel asking for more information about its recent data breach. 
6/14/2011 Recent hacker attacks have more companies eyeing cyber risk coverage Business Insurance Reuters The "cyberinsurance" industry is experiencing an up-tick in business with recent high-profile breaches driving companies' desire to protect themselves from spending potentially millions of dollars on breach-related costs. 
6/11/2011 Employees' info exposed in another state data breach KCENTV.com   The personal information of approximately 4,900 Texas state employees may have been released to the public.
6/9/2011 Citi Says Credit Card Customers’ Data Was Hacked New York Times Chris V. Nicholson and Eric Dash Citigroup has announced that about one percent of its North American credit card customer data was exposed when hackers breached its security.
6/8/2011 SEC Says Companies Should Disclose Cyber Attacks in Filings Bloomberg Kelly Riddell In a letter to Senate Commerce Committee Chairman Jay Rockefeller (D-WV), the U.S. Securities and Exchange Commission (SEC) said that publicly traded companies should notify investors about cyber attacks that present a "specific and material risk." 
6/7/2011 Fed sees slow growth but no double-dip  Financial Times   A report on lessons that should be gleaned from data breaches that have affected several large companies.
6/7/2011 RSA Faces Angry Users After Breach New York Times Nelson D. Schwarts and Christopher Drew Industry experts say RSA Security's admission--after a hacking attack in March--that its SecurID tokens are vulnerable came too late.
6/6/2011 HIPAA Violation Charged in Records Theft Gov Info Security Howard Anderson An Alabama woman has been charged with a HIPAA violation after allegedly stealing the personal information of 4,500 Trinity Medical Center patients.
6/5/2011 Nintendo Is Hit by Hackers, but Breach Is Deemed Minor New York Times Hiroko Tabuchi Nintendo announced that one of its affiliate servers in the U.S. was illegally accessed "a few weeks ago." 
6/2/2011 Hacker Group Claims Responsibility for New Sony Break-In New York Times Riva Richmond A report on a hacker group that has claimed it breached SonyPictures.com, accessing the personal information of approximately one million customers.
5/31/2011 Lockheed Martin investigates possible link between cyber attack and RSA data breach Computer Weekly Warwick Ashford A U.S. defense contractor has announced it has improved remote access security following a breach that disrupted its computer networks.
5/27/2011 Personal data compromised for 4,000 at San Juan school district Sacramento Bee Diana Lambert The personal information--including Social Security numbers--of 4,000 employees at a California school district has been compromised.
5/26/2011 Insider data breach costs Bank of America over $10 million, says Secret Service InfoSecurity.com   The FBI and Secret Service have arrested 95 suspects in a data breach involving Bank of America.
5/24/2011 Sony Discovers Data Breach in Greece Wall Street Journal Juro Osawa Sony has announced that it has found a data breach in one of its Sony Music Entertainment Greece units. 
5/23/2011 Small firms learn size doesn't matter to hackers Los Angeles Times Cyndia Zwahlen Small firms that think they are not a target for hackers should think again.
5/20/2011 Sony Subsidiary's User Accounts Hacked Wall Street Journal Daisuke Wakabayashi
So-net Entertainment Corp., a Sony subsidiary, has announced that a hacker accessed its customer rewards site and stole gift points worth approximately $1,225. 
5/19/2011 Data breach affects about 4,000 SEC workers Los Angeles Times Shan Li The Securities and Exchange Commission has notified about 4,000 agency employees that their Social Security numbers and other payroll information were included in an unencrypted e-mail.
5/18/2011 Virus puts state’s unemployed residents at risk Boston Herald Greg Turner Hackers installed a virus that corrupted about 1,500 computers in the Massachusetts unemployment system, compromising the personal data of as many as 210,000 out-of-work residents of the state.
5/18/2011 Sony finds another security flaw, shutters site Reuters Liana B. Baker Sony has shut down a website that was designed to help those affected by their data breaches.
5/17/2011 Sony Faces More Questions From U.S. Lawmakers About Data Breach Bloomberg Eric Engleman Reps. Mary Bono Mack (R-CA) and G.K. Butterfield (D-NC) sent a letter to Sony requesting more information about last month's data breaches that affected approximately 100 million users. 
5/12/2011 Michaels Customers Warned To Be On Lookout WCVB TV Associated Press Michaels Stores, Inc., has announced that approximately 90 PIN pads in at least 20 U.S. states have shown "signs of tampering." 
5/12/2011 Lawyers take aim at Sony hack Globe and Mail Dan Levine Sony faces at least 25 lawsuits in U.S. federal courts that stem from recently reported data breaches.
5/9/2011 As Sony Counts Hacking Costs, Analysts See Billion-Dollar Repair Bill Wall Street Journal Juro Osawa A report on the financial impact on Sony after the data breaches. 
5/5/2011 Sony's insurers to help foot bill for data breach Reuters Liana B. Baker and Jim Finkle Reuters reports that Sony may be looking to its insurers to help pay for costs resulting from last month's data breaches. 
5/5/2011 LastPass warns of possible data breach SC Magazine Darren Paul Online password manager LastPass has warned users of a potential data breach and is asking customers to alter their master passwords.
5/4/2011 X Factor contestants warned after 250,000 data breach TechWorld John E. Dunn A report on a television show's data breach resulting in the loss of 250,000 individuals' personal information. 
5/4/2011 New laws urged on Sony data breach Financial Times Joseph Menn In response to Sony's recent data breaches, U.S. lawmakers are pressing for legislation that would set up national standards in cases of data breaches.
5/3/2011 Senator Presses Sony on Theft of Customer Data New York Times Nick Bilton Reaction from the data breaches of Sony's PlayStation Network and its Online Entertainment service continue. 
5/2/2011 Sony hit by second security breach by hackers Washington Post Hayley Tsukayama Sony has been hit by a second data breach that may affect up to 24.6 million users. 
5/1/2011 A Contrite Sony Vows Tighter Security Wall Street Journal Daisuke Wakabayashi
Sony apologized for the security breach that may have affected up to 77 million users and announced it will create a new chief information security officer position to oversee consumer data protection.
4/29/2011 Texas comptroller takes blame for major breach Computerworld Jaikumar Vijayan    A report that Texas Comptroller Susan Combs has, in a statement, apologized for her office's recent data breach, saying she takes "full responsibility for it." 
4/28/2011 Sony sued for PlayStation Network data breach cnetnews.com Erica Ogg A lawsuit has been filed against Sony for not taking "reasonable care to protect, encrypt and secure the private and sensitive data of its users." 
4/28/2011 Analysis: What's so special about Sony's massive data breach? Reuters John Finkle Reuters analyzes the extent and scope of the recent breach of Sony's PlayStation Network, which has "earned a place in the annals of Internet crime." 
4/28/2011 Yankees Detail Ticket Holder Data Breach The Street Michael Baron An employee for the New York Yankees sent an e-mail to "several hundred" season ticket holders with an attached spreadsheet containing their personal information of all recipients. 
4/27/2011 Holding Companies Accountable for Privacy Breaches New York Times Nick Bilton There seem to be few repercussions for companies that lose customers' sensitive data, opines Nick Bilton. 
4/26/2011 Sony tells customers their personal data might be at risk The Hill Gautham Nagesh Sony started warning customers that its Sony PlayStation Network was breached sometime between April 17 and 19 by an "external intruder," potentially affecting 77 million users. 
4/26/2011 Texas Spends $1.8 Million on Data Breach As Lawsuits Loom eweek.com Fahmida Y. Rashid A recent data breach at the Texas Comptroller's Office has resulted in the firing of four employees and more than $1.8 million spent on notifications, a call center and consultants to assess damages and improve security--and lawsuits may be on the horizon.
4/19/2011 Data Loss Plummets, Verizon Report Finds Information Week Thomas Claburn Verizon Business will release its 2011 Data Breach Investigations Report, outlining findings from almost 800 data breach incidents in 2010. 
4/19/2011 Data thieves target smaller prey SC Magazine Liz Tay A report on Verizon Business's recently released 2011 Data Breach Investigations report that shows data thieves are targeting "smaller, softer and less reactive" businesses, such as retail and hospitality companies. 
4/18/2011 Glaxo Warns Consumers' Email Addresses, Names Were Compromised Austin Business Journal Jeanne Whalen The Texas Office of the Comptroller announced that citizens affected by its recent breach have been receiving fraudulent phone calls.
4/14/2011 Comptroller losing cover for data breach Postcards   After Texas Comptroller Susan Combs announced a breach at her office that left 3.5 million Texans' data available on the Internet for about a year, Combs and her spokesman raised issue with the offices that sent them the data.
4/14/2011 WordPress.com Data Breach Puts Millions of Bloggers at Risk Security News Daily Paul Wagenseil A host site for more than 19 million blogs has announced a data breach. 
4/13/2011 Fairview-Southdale missing records for 1,200 patients Minnesota Public Radio Elizabeth Stawicki The health information of approximately 133,000 individuals might have been compromised after the theft of a department laptop and 50 paper files.
4/12/2011 3.5 million Texans' data compromised online statesman.com Kate Alexander Texas Comptroller Susan Combs announced that human error resulted in confidential data on 3.5 million Texans ending up accessible online for about a year. 
4/12/2011 Data breach notification fatigue: Do consumers (eventually) tune out? CSO George Hulme The Texas Attorney General's Office is investigating a breach by the comptroller's department that may be the largest in the state's history, exposing the personal data of 3.5 million individuals. 
4/11/2011 'Minimal' financial impact of massive data breach could reach $100M IT World Kevin Fogarty Kevin Fogarty explores the financial repercussions of Alliance Data Systems subsidiary Epsilon's data breach, stating that it could cost the company more than $100 million--mostly due to lost sales. 
4/9/2011 Patient data stolen from Philadelphia's Family Planning Council eSecurity Planet Robert Moran A former chief pilot at US Airways handed over names, addresses, Social Security numbers and possibly the passport information of 3,000 of the airline's pilots to a third-party pilot group in 2009.
4/7/2011 Servers breached at Fortune 100 company Help Net Security Zeljka Zorz Hartford Financial Services Group has announced that its servers were breached by password-stealing Trojans, affecting about 300 people--mostly employees and contractors of the company.
4/6/2011 Epsilon Data Breach Highlights Cloud-Computing Security Concerns eweek.com Fahmida Y. Rashid As Alliance Data Systems apologizes and works to rebuild its clients' trust, the fallout from last week's Epsilon data breach continues. 
4/6/2011 House Lawmakers Want Info About Data Breach National Journal Juliana Gruenwald The House Subcommittee on Commerce, Manufacturing and Trade wrote to e-mail marketing company Epsilon giving it an April 18 deadline for delivering information on the company's recent data breach. 
4/5/2011 MidState Medical Center informs 93,500 patients of data breach Hartford Business Greg Bordonaro Connecticut's MidState Medical Center is now on the growing list of medical centers that have reported a data loss. 
4/4/2011 After Breach, Companies Warn of E-Mail Fraud New York Times Miguel Helft Privacy experts say a large-scale data breach at e-mail marketer Epsilon has put millions at greater risk of being scammed through phishing attempts. 
4/2/2011 Massive Breach at Epsilon Compromises Customer Lists of Major Brands Security Week Mike Lennon The world's largest provider of permission-based e-mail marketing, Epsilon, has announced that a hacker gained access to some of its files, exposing multiple companies' consumer data.
4/1/2011 Oklahoma Health System Loses PC Holding Personal Data of 84,000 Patients eweek.com Brian T. Horowitz The Saint Francis Health System in Tulsa, OK, has announced the theft of a PC containing personal information for 84,000 patients. 
3/31/2011 Health clinic investigating possible leak of porn actors' personal information Los Angeles Times   Officials at a California clinic that caters to performers say they are investigating the possibility of a criminal breach of patient information.
3/30/2011 Clarksburg VA Medical Center patient list left in car for months, but not to worry, VA says Office of Inadequate Security Admin Human error and theft have left thousands of personal records vulnerable to inappropriate access across the U.S. Washington's Wenatchee Valley College accidentally included 3,800 former students' Social Security numbers (SSNs) in records sent to a local law firm in response to a public records request. 
3/30/2011 BP Spills Personal Data Of 13,000 Oil Leak Victims eweek.com Sophie Curtis A BP employee lost an unencrypted laptop containing the personal information of 13,000 people who filed compensation claims after the Gulf of Mexico oil spill.
3/30/2011 Tech-Expert Group Gets Hacked Security News Daily Matt Liebowitz A laptop stolen from the Rancho Los Amigos Rehabilitation center contained personal health information on 667 patients who received electromyography tests.
3/28/2011 Most Companies Keeping Mum On Data Breaches Huffington Post Amy Lee The results of a recent study by cybersecurity vendor McAfee indicate that six in 10 companies pick and choose which data breaches to report and half of those that have experienced a breach make changes to fix and protect their systems from future breaches.
3/27/2011 Maine, Play.com, GSN Customers Hit by Third-Party Data Breach eweek.com Fahmida Y. Rashid Hackers gained access to consumer data through third-party service providers in three recent breaches affecting the Maine Bureau of Parks and Lands, Play.com and Game Show Network members. 
3/25/2011 Computer files lost at Maryville Chicago Tribune Staff Report The Maryville Academy, a social service agency in Illinois that cares for abused children, has announced that computer files containing the personal information of 3,900 children Maryville has served have either been misplaced or stolen.
3/24/2011 TripAdvisor: E-mail addresses stolen in data breach cnetnews.com Elinor Mills A travel Web site is alerting customers that their personal information may have been breached. 
3/24/2011 Data breach may have exposed park passholders WCSH News News Center Individuals who purchased their Maine State Parks passes online last year may have had their credit card information breached.
3/22/2011 SecurID Customers Advised To Prepare For Worst Case Information Week Matthew J. Schwartz Experts say that those affected by the breach last week at a company that provides computer security products to a number of corporations and governments should brace themselves for the worst case scenario.
3/22/2011 SSNs of Laredo ISD Students Missing In Data Breach Texas Tribune Morgan Smith and Julian Aquilar A disk containing the Social Security numbers of 24,903 students in a Texas school district has gone missing. 
3/17/2011 SecurID Company Suffers a Breach of Data Security New York Times John Markoff A company that provides computer security products to a number of corporations and governments says it has suffered a sophisticated data breach that could potentially compromise those products.
3/10/2011 UMass Amherst Data Breach Affects 942 Patients Becker's Hospital Review Jamie Oh A malware program infected a University of Massachusetts Amherst Health Services workstation from June through October of last year, possibly exposing personal data of some of its patients. 
3/9/2011 University Data Breaches Underscore Need for Employee Security Training eweek.com Fahmida Y. Rashid Recent breaches at universities, while unrelated, underscore the need for educating employees on the dangers of misplacing organizational data.
3/8/2011 Data Breach Costs Continue Climbing Information Week Thomas Claburn The cost of a data breach for a U.S. company continues to rise, reaching $7.2 million in 2010, an increase of nine percent from the previous year. 
3/5/2011 Blue Cross and Blue Shield of Florida Corrects and Alerts Customers of System Error Resulting in Some Member Information Being Sent to Incorrect Addresses Sacramento Bee BCBSFL Blue Cross and Blue Shield of Florida (BCBSF) has alerted about 7,400 of its members that for three months it has been mailing explanation of benefits forms to old addresses. 
3/4/2011 300,000 clients of umbilical cord blood bank at risk of ID theft Network World Paul McNamara Cord Blood Registry (CBR), the world's largest stem cell bank, has notified about 300,000 people that their data may have been have been exposed when storage tapes and a laptop were stolen from an employee's locked car last December.
3/4/2011 Thousands of Alaska Students' Personal Information Accidentally Released KTUU.com Jason Lamb The University of South Carolina has notified 31,000 current and former faculty, staff and students throughout its eight campuses about a breach that exposed their personal information--including Social Security numbers (SSNs).
3/1/2011 HBGary Federal CEO Aaron Barr Quits Due to Anonymous Attack eweek.com Fahmida Y. Rashid Three weeks after the "hacktivist" group Anonymous breached HBGary Federal's servers, the company's CEO has resigned. 
3/1/2011 Insurance company punished for improper disposal of documents WREX News   A report on the Office of the State of Illinois Director of Insurance's decision to fine an insurance company for its improper disposal of private insurance documents. 
2/25/2011 Lost device compromises medical information of 2,777 patients Detroit Free Press Robin Erb The Henry Ford Health System reported that an unencrypted flash drive containing patient data was lost on January 31.
2/17/2011 Lincoln National fined $600K for lax data security BusinessWeek Daniel Wagner The Financial Industry Regulatory Authority (FINRA) has reached an agreement with Lincoln Financial Securities Inc. 
2/16/2011 CAMC acknowledges patient data vulnerability TMCnet.com   West Virginia's Attorney General's Office (AG) is assisting the Charleston Area Medical Center (CAMC) in informing patients of a vulnerability on one of its servers. 
2/15/2011 Letters expose Social Security numbers of child care providers Chronicle-Telegram Associated Press A company hired by the Ohio Department of Job and Family Services mailed 8,000 letters to day care providers with member numbers--which in some cases are the providers' Social Security numbers--printed on the outside of the envelopes. 
2/15/2011 Maine State Police Investigate Credit and Debit Card Data Breach MPBN.net   Investigators have determined that hackers from outside the company accessed the payment card data of Day's Jewelers customers. 
2/14/2011 Senate Judiciary names Franken head of new privacy, tech subcommittee Washington Post Cecilia Kang Sen. Al Franken (D-MN) has been selected to chair the new Senate Judiciary Subcommittee for Privacy, Technology and the Law.
2/12/2011 Data Are Stolen From Hospitals Wall Street Journal Joseph DeAvila Confidential information on about 1.7 million New York City hospital patients and employees dating back as far as 20 years was stolen in December.
2/10/2011 Some eHarmony user information stolen cnetnews.com Steven Musil The online dating site eHarmony has announced that a hacker used a vulnerability to access the usernames, e-mail addresses and passwords of users of its informational site eHarmony Advice. 
2/9/2011 Oregon Prisons Hit by Worker Info Breach KTVZ.com   The Oregon Department of Corrections (DOC) announced that a non-employee had access to a thumb drive that may have contained the payroll information of up to 550 staffers from at least three correctional facilities. 
2/8/2011 San Francisco Reports Data Breach Affecting Medi-Cal Beneficiaries CaliforniaHealthline   A data breach at California's Medicaid program has affected about 2,400 beneficiaries.
2/7/2011 Nasdaq admits security breach, denies data access by hackers Business Banking Review Staff Writer Nasdaq OMX Group says it found suspicious files on its U.S. computer servers.
2/7/2011 Union: Iowa hospital worker denies records breach Washington Post Ryan J Foley One of the University of Iowa Hospitals and Clinics employees fired for breaching football players' medical records says she did nothing wrong.
2/3/2011 Iowa hospital fires three after privacy breach involving players MSNBC Ben Kercheval The University of Iowa Hospitals and Clinics will fire three employees following an investigation into a data breach involving inappropriate access to 13 athletes' medical records.
2/2/2011 Private UW medical records sold at surplus store KING 5 News Allen Schauffler A report on private medical records one customer found inside furniture sold at a surplus store. 
1/26/2011 DHHS Alerts Clients of Missing Records WNCT George Crocker The North Carolina Department of Health and Human Services (DHHS) has announced that they may have thrown out computer disks containing personal information during an office renovation.
1/24/2011 Trapster.com hacked, leaving millions of smartphone users exposed SC Magazine Dan Raywood A mobile application developer has warned of a data breach that could affect up to 10 million users.
1/24/2011 Students' Personal Data Posted Online WCVB TV   Two educational institutions are informing those potentially affected by data breaches. 
1/18/2011 Two Are Charged With Fraud in iPad Security Breach New York Times Nick Bilton and Jenna Wortham Federal prosecutors have charged two men with fraud and conspiracy in obtaining and distributing the e-mail addresses of 114,000 iPad 3G owners.
1/17/2011 Hacker breaches security at Pentagon Federal Credit Union Washington Post Lisa Rein Hackers breached a Pentagon Federal Credit Union (PenFed) laptop, exposing the personal and banking information of an undisclosed number of active-duty military personnel and others connected to the Pentagon.
1/17/2011 Agency: Records of employees may have been breached Aiken Standard Associated Press South Carolina officials have notified those covered by the state's insurance program that their personal information may have been breached.
1/12/2011 UConn reports data breach of online retail site Network World John Cox The University of Connecticut has notified customers of its Husky-branded online sports store that their billing and payment information may have been exposed when its database was hacked. 
1/7/2011 Report: Military and government data breached 104 times in 2010 NextGov Brian Kalish An Identity Theft Resource Center study that showed 15.7 percent of the 662 data breaches reported last year involved military and government agencies. 
1/7/2011 Report: Military and government data breached 104 times in 2010 NextGov Brian Kalish The University of Maine System (UMS) and the University of Hawaii (UH) are taking steps to secure data after breaches affected thousands at their campuses last year. 
1/6/2011 Infected Laptop Leads to Data Breach at Pentagon Federal Credit Union Softpedia L. Constantin The Pentagon Federal Credit Union (PenFed) is notifying customers that a malware attack penetrated a database which contains current and former members' names, addresses, Social Security numbers, payment card numbers and more.
1/4/2011 US racked up 662 reported data breaches in 2010 InfoSecurity.com   The Identity Theft Resource Center (ITRC) has revealed that 662 data breaches were reported in the U.S. in 2010, up about 33 percent from 2009. 
1/3/2011 Personnel records found dumped outside Plano library WFAA.com Brad Watson A reports that medical records, Social Security numbers and other personal information were found in a box outside a Plano, Texas library. 
12/31/2010 Honda car owners hit by data breach ZDNET Vivian  Yeo American Honda has alerted millions of customers that their personal information was hacked.
12/22/2010 Microsoft BPOS cloud service hit with data breach Computerworld Andreas Udo de Haes A report a breach of address book data belonging to customers of Microsoft's Business Productivity Online Suite (BPOS) Standard occurred in the company's data centers in North America, Europe and Asia. 
12/21/2010 Data Breach Could Test Massachusetts Law ThePost.com Paul Roberts The CitySights NY tour company has notified certain state attorneys general that the financial data of more than 100,000 customers was stolen when a SQL injection attack hit one of its Web servers. 
12/20/2010 Stolen laptop contained medical data on thousands of patients Wisconsin State Journal David Wahlberg Dean Health System and St. Mary's Hospital sent letters to 3,288 of their surgical patients on Saturday telling them their data was compromised when a laptop was stolen from a doctor's home.
12/16/2010 CDPH Reports 'Big' Data Security Breach Health Leaders Media Cheryl Clark The California Department of Public Health (CDPH) announced that it is missing a magnetic tape containing sensitive personal and medical information on up to 2,550 staff and residents of Southern California skilled nursing facilities.
12/15/2010 Feds probe '100 site' data breach:  McDonald's Silverpopped The Register Dan Goodin More details have emerged in the theft of McDonald's customer data. 
12/15/2010 Hacker breaches OSU computers Columbus Dispatch Encarnacion Pyle The Ohio State University is notifying 760,000 individuals that hackers may have accessed their personal information after officials discovered unauthorized activity on a university server.
12/13/2010 Mesa hospital missing data files for more than 2,200 patients azcentral.com Stephanie Russo Mountain Vista Medical Center in Mesa, AZ, has informed 2,284 endoscopy patients that their data was contained on compact memory cards that were discovered missing on October 13.
12/11/2010 McDonald's and Walgreens Warn Customers of Data Theft WalletPop Mitch Lipka McDonald's is notifying customers that certain personal details have been exposed by thieves who broke into a database.
12/10/2010 UW-Madison warns 60,000 of card data theft Wisconsin State Journal Samara Kalk Derby University of Wisconsin-Madison discovered on October 26 that hackers accessed records containing identification cards that included names, photos and ID numbers of former students, faculty and staff members.
12/8/2010 Nasa suffers data breach after failing to wipe end-of-life PCs v3.co.uk Phil Muncaster An internal investigation has revealed "significant weaknesses in the sanitization and disposition processes" at NASA space and research centers.
12/3/2010 'Long-term' Employee Responsible for Mesa County Data Breach KJCT8.com Don Coleman A long-term Mesa County, CO, IT employee was fired after a data breach exposed secure law enforcement files and personal information, including some belonging to people who reported crimes.
11/24/2010 Healthcare Breach In Puerto Rico Could Affect More Than 400,000 darkreading.com Tim Wilson Two healthcare providers are alerting thousands of patients that their data may have been exposed. 
11/19/2010 Six California hospitals fined for medical record security breaches Los Angeles Times Staff Writer State officials have fined six California hospitals and a nursing home for failing to prevent unauthorized access to confidential patient medical information.
11/19/2010 UH sued over data breach Honolulu Star-Advisor Gene Park Since 2005, one in every three residents of Hawaii have had their personal records breached, and more than half of those breaches have come in the form of online security incidents involving the University of Hawaii.
11/19/2010 CIOs See Smartphones As Data Breach Time Bomb Information Week Matthew J. Schwartz A recent survey found that eight out of 10 CIOs rank data breaches as their top security concern and think that using smartphones in the workplace increases their vulnerability to attack.
11/18/2010 VA's Baker briefs Congress on data breaches Federal News Radio   Department of Veterans Affairs CIO Roger Baker described two recent data breach incidents during a monthly briefing for congress.
11/17/2010 Verizon launches hacking information service v3.co.uk Iain Thomson Verizon Business has launched an information-sharing service that it hopes will help improve companies' approaches to risk management.
11/16/2010 Downtime Rated Top Risk Of Data Breaches Information Week Matthew J. Schwartz A reports on a recent survey showing that a majority of organizations are ill-prepared for a data breach.
11/15/2010 Florida hospital admits to data breach affecting 1500 patients Info Security   Two healthcare facilities have announced data breaches this week involving the exposure of patient records and personal information. 
11/14/2010 It's not a privacy 'breach' when information about you is out there already Washington Post Rob Pegoraro With high-profile incidents raising concerns and the U.S. Congress considering privacy legislation, not every case reported in the media actually meets the definition of a privacy breach. 
11/6/2010 U.S. Workers Are on Alert After Breach of Data New York Times Ashley Southall The General Services Administration is taking steps to protect its employees' identities after a data breach exposed the personal information of 12,000.
10/29/2010 APNewsBreak: University Posts Info Of 40K Students National Public Radio Associated Press The University of Hawaii (UH) this week removed the names, grades, disabilities and other sensitive information of 40,101 of its former students after the information sat on an unprotected server for almost a year.
10/26/2010 Medicaid data breach 'like an onion' Healthcare IT News Molly Merrill The recent security breach of 280,000 individuals' personal health information highlights the need for data encryption, says one security expert. 
10/21/2010 Medical-data breach said to be major Philadelphia Inquirer Jane M. Von Bergen Two health plans have notified the Pennsylvania Department of Public Welfare about the loss of a flash drive containing information on 280,000 Medicaid recipients.
10/15/2010 University of North Florida breach exposes data on 107,000 individuals Computerworld Jaikumar Vijayan    Intruders accessed a University of Northern Florida server last month, exposing the data of 107,000 current and prospective students, adding to the list of four dozen similar breaches at universities this year. 
10/14/2010 Mismailing Causes VA Information Breach GovInfoSecurity   The Department of Veterans Affairs (VA) is offering about 4,000 vets free credit monitoring services because in August their Social Security numbers were mailed to the wrong person.
10/11/2010 FTC: No Major PHR Breaches So Far Gov Info Security   No major breaches affecting 500 or more individuals have been reported since the Federal Trade Commission's (FTC) breach notification rule for personal health records took effect.
10/8/2010 Miss. Guard personnel information compromised Army Times Shelia Byrd Officials are looking into the exposure of data on nearly 3,000 active members of the Mississippi National Guard.
10/7/2010 Cancer researcher fights UNC demotion The Herald-Sun Gregory Childress As the result of an incident involving the University of Texas Medical Branch, a 34-year-old Texas woman has been sentenced to 15 years in federal prison and ordered to pay $163,185.19 restitution for unlawful possession of fraudulent identification documents and conspiracy to commit identity theft. 
9/29/2010 UF notifies former students of privacy breach University of Florida News   The University of Florida has notified 239 former students that their personal information may have been compromised.
9/27/2010 ‘Snippets’ of Patient Data Are Accidentally Posted New York Times Anemona Hartocollis New York-Presbyterian Hospital/Columbia University Medical Center announced Monday that pieces of 6,800 patients' data were mistakenly exposed on the Internet.
9/24/2010 ChoicePoint Data Breach Victims Await Their Pittance eSecurity Planet Larry Barrett The Federal Trade Commission (FTC) began sending checks for $18.17 last week to 14,023 victims of the 2008 ChoicePoint breach.
9/23/2010 Legal groups criticize state for disclosing names of people with HIV Bay Area Reporter Seth Hemmelgarn Advocacy groups are criticizing the California Department of Healthcare Services for releasing the names of about 5,000 residents with HIV to a healthcare contractor, while Alaska officials fear a breach at the Alaska AIDS Assistance Association may have compromised the information of 2,000 individuals. 
9/17/2010 Man gets prison for Discover card fraud Orange County Register Larry Welborn A man who purchased on the black market data stolen in the Hannaford Bros. 2007-2008 breach has been sentenced to prison. 
9/17/2010 Rice University Exposes Student, Employee Data eSecurity Planet Larry Barrett Rice University is notifying more than 7,000 students and employees that their personal information was exposed when a portable storage device containing student and employee names, addresses, birth dates, salaries, emergency contact information and, in some cases, Social Security numbers was stolen. 
9/13/2010 CCNY Students Feel Sting of Data Security Mishap eSecurity Planet Larry Barrett School officials at City College of New York are alerting more than 7,000 students that their personal information may have been compromised after a school laptop was stolen.
9/9/2010 Missing files little threat, hospital says Boston Globe Elizabeth Cooney A Massachusetts hospital has concluded its investigation into the disappearance of backup computer tapes containing the personal information of approximately 800,000 individuals.
9/9/2010 Hotel operator warns of data breach ComputerWorld Jaikumar Vijayan    HEI Hospitality, the owner of Marriott, Sheraton, Westin and other hotel brands, is the latest in a growing number of operators to announce a breach of its point-of-sale system. 
9/5/2010 Stolen and sold: Private details of thousands of World Cup fans Daily Mail Jason Lewis A criminal investigation has been launched into the theft and sale of personal details of as many as 250,000 individuals from the U.S., UK, Switzerland, Portugal, the Netherlands, Poland, Italy, Germany, France, Spain and Croatia who purchased tickets to the 2006 World Cup from official FIFA outlets.
9/2/2010 Delaware government: State retiree sues over data leak Delaware Online Chris Barrish A Delaware woman has filed a class-action lawsuit after her personal information was exposed on a state Web site, reports. 
9/1/2010 Heartland to pay Discover $5M for 2008 data breach Associated Press Associated Press Heartland Payment Systems, Inc., agreed on Wednesday to pay Discover Financial Services $5 million to resolve issues related to its 2008 data breach.
8/31/2010 State retiree data breached Delaware Online J.L. Miller A report that a benefits consulting company working with the state government inadvertently posted to the Internet the Social Security numbers, birth dates and gender of about 22,000 state retirees. 
8/31/2010 Military social security cards & other papers found in dumpster Heartland News Jeff Cunningham A viewer alerted Heartland News after finding high school diplomas, birth certificates and Social Security cards in a dumpster behind a Missouri Armed Forces Recruiting Center. 
8/27/2010 Connecticut Insurance Regulators Requiring Data Breach Notification Insurance Journal   Following a string of incidents involving the exposure of residents' personal information, insurance regulators in the state of Connecticut are placing notification requirements on insurers and their agents, requiring that they let the state insurance commissioner know within five days of discovering a breach. 
8/26/2010 500 Million Sensitive Records Breached Since 2005 Privacy Rights Clearinghouse   More than a half billion sensitive records have been breached since 2005, according to the most recent estimates from the Privacy Rights Clearinghouse (PRC), which keeps track of such breaches in its Chronology of Data Breaches project. 
8/24/2010 Judge approves Countrywide ID theft settlement kypost.com Brett Barrouquere A federal judge has approved a settlement between Countrywide Financial Corp. and millions of customers whose information was exposed in what has been described as "the biggest reported case of data theft by a financial insider." 
8/20/2010 Businesses Cash In on Web Privacy Concerns CNBC Julia Boorstin As online data breaches increase to 100 million in the U.S. alone, the numbers of data protection startups are increasing as well.
8/19/2010 Stolen UConn laptop had applicants' Social Security numbers New Haven Register Register Staff Officials at the University of Connecticut (UConn) are notifying more than 10,000 individuals that their personal information was on a laptop computer stolen from the school's West Hartford campus.
8/19/2010 Stolen Yale laptop held patient data; Blumenthal investigating breach New Haven Register Register Staff Yale School of Medicine is alerting 1,000 people that their health information has been compromised after a laptop containing non-encrypted information was stolen last month.
8/12/2010 Heartland denies systems involved in new data breach Computerworld Jaikumar Vijayan    The company that "suffered the largest ever data breach involving payment card data" last year, is downplaying reports linking it to a data breach at a Texas restaurant chain.
8/11/2010 VA Data Breaches Go Live Nextgov Bob Brewin Veterans Affairs Department (VA) Chief Information Officer Roger Baker told a press briefing that the department has begun posting monthly data breach reports on the Internet.
8/11/2010 Broward College students warned of ID theft risk after leak Miami Herald Michael Vasquez A software upgrade at the College Center for Library Automation exposed the personal information of about 126,000 Florida public college students and faculty.
8/2/2010 Rampant hotel data theft SC Magazine Angela Moscarlito Data theft continues to be prevalent in the hotel industry, with breaches occurring on a weekly basis.
7/21/2010 Universities Struggle with Wave of Data Breaches Campus Technology Dian Schaffhauser Florida International University (FIU) and the University of Maine (UMaine) reported breaches affecting thousands of students. 
7/20/2010 Hospital files with data of 800,000 are missing Boston Globe Martin Finucane and Kay Lazar The South Shore Hospital has announced that 800,000 records may have been lost during shipping to an off-site contractor responsible for destroying the records.
7/19/2010 U Hawaii Data Breach Echoes 2009 Incident Campus Technology Dian Schaffhauser The University of Hawaii informed the Honolulu police and the FBI that a server was breached at their parking office, possibly exposing the personal information of 53,000 people. 
7/19/2010 State employee posts nearly 3,000 SSNs online Baltimore Sun Liz F. Kay A Maryland Department of Human Resources (DHR) employee has been placed on administrative leave after posting the Social Security numbers and other personal information of nearly 3,000 DHR clients online.
7/17/2010
Buena Vista University's database privacy breached
Des Moines Register Jens Manuel Krogstad A report that a database security breach at Buena Vista University may have exposed the names, Social Security numbers and license numbers of 93,000 people affiliated with the university dating back to 1987.
7/14/2010 OSU: Computer virus infects computer with info about 34,000 employees KVAL TV   While the University of North Carolina institutes new policies to beef up data security after a state audit showed system vulnerabilities, officials at Oregon State University are notifying 34,000 current and former employees that their personal information was recently exposed by a computer virus.
7/8/2010 University Databases In the Bull's Eye darkreading.com Ericka Chickowski A data breach affecting 53,000 at The University of Hawaii (UH) Manoa is the latest in a recent string of university data breaches. 
7/6/2010 State’s error unveiled Social Security numbers Boston Globe Todd Wallack The Massachusetts secretary of state's office is alerting 139,000 investment advisers that their personal information has been exposed.
7/6/2010 UF officials notify patients of privacy breach University of Florida News Melanie Ross Two universities are notifying thousands of individuals that their personal information may have been exposed. 
7/5/2010 Credit Card Hackers Visit Hotels All Too Often New York Times Joe Sharkey A recent study by SpiderLabs found that the hotel industry was involved in 38 percent of all credit card hacking cases last year.
6/30/2010 CSUSB investigating student data breach The Desert Sun Michelle Mitchell Two educational institutions are looking into data breaches involving personal information. 
6/30/2010 Foursquare Puts Money Before Privacy Wired Ryan Singel Internet site Foursquare published a notice Wednesday about a privacy breach that shared all users' location information across the Web, regardless of whether they had chosen to opt out of such broadcasts through their privacy settings.
6/29/2010 WellPoint: Data breach caused by attorneys and faulty security update The Tech Herald Steve Ragan WellPoint has notified 470,000 health insurance applicants that a security glitch may have exposed their Social Security numbers and other personal information. 
6/29/2010 UMaine students who sought mental health services' data compromised Sun Journal Staff Writer The University of Maine Police Department is investigating a data breach that exposed nearly 5,000 students' personal and medical information. 
6/29/2010 New York hospital loses data on 130,000 via FedEx Business Week Robert McMillan A New York hospital is notifying some 130,000 patients that their personal information may have been compromised. 
6/24/2010 700-Plus Credit Cards Stolen from Hotel ABC News Scott Mayerowitz Hackers broke into the computer system of a luxury hotel chain and, over a three-month period, stole the credit card information of hundreds of guests.
6/23/2010 Personal data accessed on Blue Cross website OC Register Courtney Perkes Approximately 230,000 Anthem Blue Cross customers received notification this week that personal information--including Social Security and credit card numbers--may have been accessed.
6/23/2010 Florida university notifies students and faculty of possible data exposure InfoSecurity.com   A Florida university is notifying 19,407 students and 88 faculty members that their personal data may have been exposed.
6/18/2010 Microsoft opens center for reports of identity and data theft USA Today Byron Acohido Microsoft has launched a coalition to serve as a clearinghouse for reports about caches of stolen data stored on the Internet.
6/14/2010 FCC Issues Warning, FBI Investigates iPad Breach eSecurity Planet Kenneth Corbin The Federal Communications Commission is warning businesses and consumers about data security in light of two recent information breaches.
6/10/2010 AT&T Discloses Breach of iPad Owner Data Wall Street Journal Spencer Ante AT&T acknowledged that a small group of computer experts known as Goatse Security accessed 114,000 e-mail addresses of iPad users through a security hole in AT&T's Web site. 
6/8/2010 FTC Approves Final Settlement Order with Dave & Busters; FTC Rejects COPPA Safe Harbor Application Federal Trade Commission Press Release The Federal Trade Commission (FTC) has approved a final settlement order with entertainment operation Dave & Buster's, settling charges that the company failed to protect consumers' information.
6/8/2010 Penn State Warns Of More Cyber-Breaches CBS News Associated Press More people than additionally estimated may have been affected by a data breach at Penn State University.
6/7/2010 23andMe Sends Wrong DNA Test Results To 96 Customers Tech Crunch Jason Kincaid 23andMe, a company that provides genome testing by mail to its customers, has announced that "up to 96" customer samples were incorrectly processed by the company's contracted laboratory. 
6/4/2010 Insurer says it's not liable for University of Utah's $3.3M data breach Computerworld Jaikumar Vijayan    A Colorado insurance company has filed a federal lawsuit claiming it is not responsible for reimbursing the University of Utah for costs related to a 2008 data breach.
6/3/2010 University of Louisville Patients' Data Exposed eSecurity Planet Larry Barrett AvMed Health Plan officials say a December data breach involving missing laptops may have affected three times as many customers as previously estimated, bringing the number to more than one million. 
6/2/2010 Privacy Breaches May Expose More Social Security Data At Penn State StateCollege.com Adam Smeltz During routine security procedures, Penn. State information-technology staff discovered that two campus computers were infected with malicious software, potentially exposing as many as 25,572 alumni Social Security numbers (SSNs).
5/28/2010 Missing records on stolen laptop from Cincinnati Children's Hospital cincinnati.com Peggy O'Farrell Officials at a Cincinnati hospital are increasing employee training after a data breach affecting more than 61,000 patients.
5/19/2010 Heartland, MasterCard Settle Over Data Breach PC World Nancy Gohring In its third settlement related to a 2008 data breach, Heartland Payment Systems has agreed to pay out up to $41.1 million to MasterCard issuers that lost money as a result of the breach.
5/14/2010 Los Angeles Firemen's CU Has Data Breach  Credit Union Times David Morrison The Los Angeles Firemen's Credit Union has notified some of its members that their personal information, including account and Social Security numbers, may have been compromised.
5/14/2010 VA reports new data breaches Federal Times Tim Kauffman A House committee will discuss recent data breaches at the Veterans Affairs Department during a hearing. 
5/13/2010 Information on 207,000 Army Reservists Stolen GovInfoSecurity Eric Chabrow The Army Reserve is notifying 207,000 reservists that a laptop containing their sensitive data and that of their family members was stolen from the office of a government contractor.
5/7/2010 Court gives preliminary OK to $4M consumer settlement in Heartland case Computerworld Jaikumar Vijayan    A Texas federal court gave preliminary approval of a $4 million settlement in a consumer class action lawsuit against Heartland Payment Systems Inc.
4/29/2010 Data on 24,600 hospital patients missing Courier Journal Laura Ungar A psychiatric hospital in Kentucky is urging 24,600 affected patients to place fraud alerts on their credit reports after a flash drive containing their personal information went missing.
4/28/2010 Data breaches in U.S. cost more Network World Ellen Messmer The average cost of a data breach in the United States is higher than breach costs in Australia, France, Germany and the UK.
4/28/2010 Man indicted in probe of UMC privacy leak Las Vegas Sun Marshall Allen An FBI probe into a privacy breach involving hospital patients' records has resulted in a federal grand jury indicting a man who is alleged to have paid a hospital employee for the information.
4/23/2010 How Blippy users' credit cards got into Google cnetnews.com Tom Krazit Four users of a social networking service based on sharing information about purchases with other users have had their credit card information exposed via Internet searches. 
4/21/2010 Army discloses theft of medical patients' data Chron.com Associated Press Officials have alerted patients of an Army hospital in Texas that their personal information may have been exposed.
4/19/2010 Certegy to pay $975K, undergo annual security audit SC Magazine Dan Kaplan Certegy Check Services will pay $850,000 to the state of Florida for a 2007 data breach that impacted nearly six million personal records.
4/17/2010 Data stolen from 628,000 Virginians recovered, Minn. agency says Virginian Pilot Carolyn Shapiro A student loan firm that reported the theft of data pertaining to 3.3 million borrowers late last month says all of the data has been recovered.
4/13/2010 Va. Beach human services workers fired for privacy breaches Virginian Pilot Deidre Fernandes Eight Virginia Beach human services employees have been fired or disciplined in the past year for wrongfully accessing personal information contained in state databases.
4/9/2010 BCBS Data Theft Now Affects 1 Million Health Data Management Joseph Goedert The number of those affected by the BlueCross BlueShield of Tennessee data theft last October has increased to 998,422 since the last count in March.
4/5/2010 Countrywide Sold Private Info, Class Claims Courthouse News Service Tim Hull Sixteen named plaintiffs have filed a class action suit against Countrywide Financial, Countrywide Home Loans and Bank of America, which bought Countrywide, alleging Countrywide Financial employees stole and sold customers' personal financial information. 
4/5/2010 John Muir Health to notify 5,450 patients of data breach San Francisco Business Times Chris Rauber A California Hospital is providing one year of free identity theft protection to 5,450 patients whose personal and health information was potentially breached after the theft of two laptop computers.
4/2/2010 Navy took more than a year to announce personal data breach Washington Post Federal Diary Government employee organizations are asking the Navy for identity-theft insurance following the notification that the personal data of 244 employees was inadvertently released to a "non-government entity." 
3/30/2010 JC Penney tried to block publication of data breach Computerworld Jeremy Kirk JC Penney and The Wet Seal have been named among the retailers targeted in a 2008 data breach that resulted in the theft of 130 million credit card numbers.
3/30/2010 State AGs Stepping Up HITECH Enforcement Health Leaders Media Dom Nicastro Connecticut Attorney General Richard Blumenthal is investigating his second case involving HIPAA violations in three months.
3/27/2010 Data stolen from firm that handles student loans in Virginia Washington Post Martin Weil A student loan firm is providing credit monitoring and protection services to some 3.3 million people affected by a data breach.
3/26/2010 Computer hacker gets 20-year term Boston Globe Todd Wallack The man who orchestrated the theft of millions of credit and debit card numbers from major companies was sentenced to 20 years in prison.
3/26/2010 Durex India eStore spills customers' personal details The Register John Leyden An Indian Web site that sold Durex condoms has threatened legal action against the person who exposed a data breach on the site. 
3/25/2010 Dave & Buster's Settles FTC Charges it Failed to Protect Consumers' Information Federal Trade Commission   The entertainment operation Dave & Buster's, Inc., has agreed to settle Federal Trade Commission charges that the company failed to protect consumers' information.
3/18/2010 Data Breaches Are Heaviest at Hotels Wall Street Journal Sarah Nassauer Hotels are attractive targets for hackers seeking customer credit card data.
3/10/2010 Companies urged to share data breach information searchsecurity.com Marcia Savage When it comes to battling cybercriminals, the key is to share data breach information with law enforcement officials.
3/10/2010 Arkansas National Guard Loses Hard Drive eSecurity Planet Larry Barrett Members of the Arkansas National Guard are learning this week that their personal information may have been exposed. 
3/9/2010 VA investigating security breach of veterans' medical data NextGov Bob Brewin The Veterans Affairs (VA) Department's inspector general has launched an investigation into a potential breach incident.
3/5/2010 Westin hotel in LA reports possible data breach Computerworld James Niccolai The Westin Bonaventure Hotel and Suites in Los Angeles is offering free credit monitoring services for customers whose payment card information may have been exposed. 
3/1/2010 Data theft creates notification nightmare for BlueCross PC World Robert McMillan The theft of 57 unencrypted hard drives from BlueCross-BlueShield of Tennessee has given thieves access to personal data on upwards of 500,000 customers and is costing millions to fix.
2/28/2010 Wyndham Hotels hacked again v3.co.uk Phil Muncaster Wyndham Hotels and Resorts has notified the U.S. Secret Service and several state attorneys that hackers stole customer names and payment card information from its computer system.
2/23/2010 Federal Trade Commission links wide data breach to file sharing Washington Post Cecilia Kang A Federal Trade Commission probe has uncovered widespread leakage of sensitive data onto peer-to-peer file-sharing networks.
2/22/2010 Valdosta State University server improperly accessed SC Magazine Angela Moscarlito A Georgia university is alerting some 170,000 students and staff that their Social Security numbers may have been exposed.
2/20/2010 Error affects about 3,900 TennCare enrollees KnoxNews.com Kristi Nelson Tennessee's Medicaid management system is offering one year of free identity theft safeguards to 3,900 people after a computer glitch sent their personal information to the wrong mailing addresses.  
2/12/2010 Shell employees' details leaked to environmental campaigners Financial Times Ed Crooks Contact information for 176,000 employees and contractors of Royal Dutch Shell has been sent to environmental and human rights campaign groups.
2/11/2010 Equifax tax forms expose worker Social Security numbers cnetnews.com Elinor Mills An unknown number of current and former employees of a credit reporting firm received W-2 forms in the mail with their Social Security numbers visible through the envelope's window.
2/10/2010 Hackers Break Into Ceridian's Payroll System eSecurity Planet Larry Barrett A Minnesota payroll company is advising more than 1,900 of its customer companies that their employees' personal, sensitive data may have been compromised.
2/6/2010 Error circulates state workers' bank data The Columbus Dispatch Alan Johnson The personal banking information of 6,000 Ohio state employees, including the governor, was mistakenly sent in an e-mail to dozens of payroll officers at state agencies.
2/5/2010 Commerce breach of personal data just the tip of the iceberg Washington Post Joe Davidson In an e-mail to employees, Commerce Secretary Gary Locke called recent breach incidents involving employees' personal information "simply unacceptable."
2/4/2010 Business Associates Can Pay Directly for Breaches Media Health Leaders Dom Nicastro A top official at the Office of Civil Rights (OCR) says business associates could be liable for health data breaches. 
2/4/2010 Minn.-based Ceridian reports data security breach Minnesota Public Radio Elizabeth Dunbar A Minnesota payroll company is changing all customer passwords after discovering a security breach.
2/4/2010 Highmark tells customers personal information lost Pittsburgh Post-Gazette Bill Toland A Pittsburg healthcare provider is offering some 3,700 policyholders one free year of credit monitoring after documents containing their names and Social Security numbers (SSNs) were lost.
2/3/2010 Inquiry sought in data breach Des Moines Register William Petroski Iowa's Senate majority leader will request an inquiry into how a hacker gained access to a state computer system.
1/29/2010 Social Security numbers found lying in street Chicago Tribune Lisa Black and John Keilman Hundreds of partially shredded documents containing sensitive, personal information--including Social Security numbers--were found on a Chicago street last week.
1/27/2010 UCSF says laptop with 4,400 patient records stolen, then recovered San Francisco Business Times Chris Rauber The University of California San Francisco (UCSF) is alerting 4,400 patients that their medical files were potentially exposed after the November theft of an employee's laptop, which was later recovered. 
1/27/2010 Commerce Dept. slow to notify employees of security breach Washington Post Joe Davidson A data breach at the U.S. Department of Commerce occurred on December 4, exposing the personally identifiable information of agency employees.
1/26/2010 Tab for Response to Data Breach Hits $7 Million for BCBS of Tennessee iHealthBeat   Blue Cross Blue Shield (BCBS) of Tennessee says that the October 2009 theft of 57 hard drives from the organization's training facility compromised the personally identifiable information of as many as 500,000 BCBS Tennessee subscribers. 
1/26/2010 Bank sues victim of $800,000 cybertheft Computerworld Jaikumar Vijayan PlainsCapital Bank of Lubbock, Texas, has filed a lawsuit against its customer, Plano-based Hillary Machinery, following the theft of $800,000 from the company by cyberthieves operating out of Italy and Romania.
1/25/2010 Survey: Data breaches from malicious attacks doubled last year cnetnews.com Elinor Mills According to the Ponemon Institute's annual Cost of a Data Breach study, released today, the financial impact of a privacy failure rose to a per-record average of $204 and a per-incident average of $6.75 million.
1/22/2010 US State Department clerk sentenced for passport peeking Associated Press   A State Department file clerk has been sentenced to one year of probation and 75 hours of community service for illegally accessing the confidential passport applications of 70 celebrities in 2007.
1/20/2010 Law Firms in Heartland Cases Criticizing Proposed Settlement  Credit Union Times David Morrison Two law firms representing credit unions and other card issuers are expressing disappointment over a proposed settlement in a case against Heartland Payment Systems.
1/20/2010 Chase bank seems a bit too loose with clients' data Los Angeles Times David Lazarus A Chase Bank customer, who regularly told the bank that she did not wish for it to share her personal information with other organizations was dismayed recently when she received a letter from the bank informing her that information about her that had been shared with another company was exposed online.
1/20/2010 Mortgage Broker Who Dumped Consumer Records Settles FTC Charges Federal Trade Commission   A mortgage broker charged with improperly disposing of consumers' personal financial records has paid a $35,000 settlement to the Federal Trade Commission (FTC). 
1/19/2010 Health Net's missing drive could cost it millions The Register Chris Meller The data breach that affected 1.5 million members of health insurance provider Health Net may end up costing the company millions of dollars.
1/19/2010 Legislative auditor plans follow-up investigation on data breach Minnesota Public Radio Sara Aslanian Minnesota's legislative auditor said this week he plans an investigation into a Texas company's problematic background-checking program that resulted in a data breach affecting 500 new state employees. 
1/15/2010 Financial Firm Notifies 1.2M After Password Mistake PC World Robert MacMillan Financial services firm Lincoln National has begun notifying as many as 1.2 million customers after discovering that a policy of shared passwords.
1/14/2010 Kaiser patient medical records compromised San Francisco Chronicle Victoria Colliver The personal and sensitive medical information of about 15,500 patients of Northern California Kaiser were compromised after an external storage drive was stolen from an employee's car.
1/14/2010 NY Bank Suffers Online Breach Bank Info Security Linda McGlasson Suffolk County National Bank (SCNB) has disclosed that the servers hosting its online banking service suffered a breach lasting six days in November.
1/13/2010 Significant downturn in data breach notifications IT Wire David Heath A report that the number of data breaches reported to the media has declined significantly over the past 18 months. 
1/11/2010 NARA talks about lessons learned from lost PII incident Federal News Radio Gary Stern Gary Stern, general counsel for the National Archives and Records Administration (NARA), spoke with Federal News Radio about recent data breaches at the agency, including what happened, how the agency is  responding and lessons learned from the experience. 
1/8/2010 Heartland to Pay up to $60 Million to Visa Over Breach PC World Grant Gross In the latest settlement related to the 2008 Heartland Payment Systems data breach, PCWorld reports that U.S. and international Visa debit and credit card issuers will receive payments totaling as much as $60 million to pay for costs incurred as a result of the security gaffe that affected more than 130 million card holders. 
12/31/2009 Hacker may have accessed EWU student information Seattle Times Tri-City Herald Officials at Eastern Washington University (EWU) are notifying up to 130,000 current and former students that their personal information may have been exposed in a security breach.
12/30/2009 Facebook App Maker Hit With Data-Breach Class Action Wired David Kravets Third-party app provider RockYou.com is facing a proposed class-action lawsuit.
12/30/2009 Hacker Gonzalez pleads guilty in Heartland breach cnetnews.com Elinor Mills A Miami hacker has pleaded guilty to charges associated with the Heartland Payment Systems and Hannaford Brothers data breaches.
12/30/2009 Penn State notifies 30,000 of computer security breach Pittsburgh Post-Gazette Bill Schackner A report that Penn State has begun the process of notifying nearly 30,000 individuals that their personally identifiable information (PII), including Social Security numbers, may have been compromised as a result of three separate malware infections discovered in late December.
12/29/2009 Parties agree to settlement over Countrywide data breach SC Magazine Dan Kaplan A federal judge in Kentucky granted preliminary approval to settle a class-action lawsuit related to the Countrywide Financial data breach that exposed the personal data of millions.
12/22/2009 Did Hackers Steal Millions from Citigroup? ABC News Huma Khan, Pierre Thomas and Jason Ryan Citigroup is denying a Wall Street Journal report that Eastern European cybercriminals hacked the company's network and made off with tens of millions of dollars.
12/21/2009 UPDATE 1-Heartland to settle class actions over cyber breach Reuters   A report that Heartland Payment Systems will settle class action lawsuits stemming from a data breach the credit card processor sustained during a period from 2007 through 2008. 
12/17/2009 Heartland Pays Amex $3.6 Million Over 2008 Data Breach PC World Robert McMillan Heartland Payment Systems will pay American Express $3.6 million to settle charges related to its 2008 data breach.
12/16/2009 Mass. Supreme Court throws out lawsuit against BJs over '04 data breach Computerworld Jaikumar Vijayan The Massachusetts Supreme Judicial Court upheld a lower court's decision to dismiss a lawsuit against BJ's Wholesale Club over its 2004 data breach.
12/16/2009 RockYou Hacker: 30% of Sites Store Plain Text Passwords Read Write Web Jolie O'Dell News emerged that a hacker successfully infiltrated the database of social network RockYou.com and located the login information of more than 32 million users.
12/15/2009 UCSF belatedly announces September data breach San Francisco Business Journal Chris Rauber The University of California San Francisco (UCSF) has notified 600 patients that their personal information may have been exposed.
12/11/2009 Warnings issued after possible security breach Minnesota Public Radio Sasha Aslanian The State of Minnesota has requested that all state agencies stop using a private background investigation firm following the possible disclosure of 500 state employees' personally identifiable information (PII) on the company's Web site.
12/9/2009 Verizon: Data Breaches Getting More Sophisticated Wired Kim Zetter A new study by Verizon has found that cybercriminals are using increasingly sophisticated techniques to steal information, but that most hackers still gain access to sensitive information in known, preventable ways. 
12/8/2009 24,000 employees affected by data breach The Observer Sarah Mervosh A report by the University of Notre Dame independent newspaper, The Observer, states more than 24,000 employees of the school had their personally identifiable information exposed when the information was posted to an unsecure, publicly accessible Internet site. 
12/7/2009 Blumenthal suspects HealthNet disk was stolen Hartford Business   Connecticut Attorney General Richard Blumenthal has notified federal investigators of what he believes to have been the theft of a computer disk containing the personal, financial and medical information of more than 450,000 subscribers of HealthNet insurance.
12/4/2009 EIU warns of student data security breach Chicago Tribune Associated Press Eastern Illinois University officials have mailed letters to prospective and current students who may have been affected by a data breach.
11/24/2009 The Year Of The Mega Data Breach Forbes Andy Greenberg Forbes reports on the numbers of data breaches during the first 11 months of 2009. 
11/21/2009 PATIENT PRIVACY: FBI probing UMC data leaks  Las Vegas Review-Journal Scott Wyland The Federal Bureau of Investigation is now involved in the investigation into the sharing of University Medical Center (UMC) patients' health records.
11/20/2009 Hospital privacy leak could harm patients Las Vegas Sun Marshall Allen Someone at University Medical Center (UMC) is leaking the records of accident victims to attorneys. 
11/18/2009 Health Net Loses Information for 450,000 Clients nbcconnecticut.com Leanne Gendreau Connecticut Attorney General (AG) Richard Blumenthal has expressed outrage that six months passed before health insurer Health Net notified the state and police about a breach of confidential data.
11/9/2009 Conn. AG investigates insurer's data breach Hartford Courant Associated Press Connecticut's attorney general (AG) is looking into Blue Cross Blue Shield's (BCBS) loss of confidential information on 800,000 doctors.
10/30/2009 68,000 CalOptima Members at Risk in Data Breach Consumer Affairs   CalOptima has reported that CDs containing the personal information of Orange County, California Medicaid recipients are missing.
10/29/2009 CalOptima recovers discs with personal data on 68,000 members Computerworld Jaikumar Vijayan    CalOptima has recovered discs containing the personal data of 68,000 members.
10/28/2009 Report Suggest Consumers Don't Understand Data Breach Notifications Credit Union Times David Morrison A report on study findings that suggest consumers do not understand the importance of data breach notifications and, as a result, fail to protect themselves from fraud. 
10/27/2009 UW says 40 computers hacked Wisconsin State Journal   The University of Wisconsin-Madison is the latest campus to report a breach of students' personal information.
10/22/2009 Zurich loses data on 51,000 UK customers Times Online Miles Costello Zurich Insurance has notified customers in three countries that their personal details went missing during a routine data transfer last year, and their whereabouts remain unknown.
10/22/2009 Security Flaws Discovered in Calif. EDD Website CBS 5 Local News Anna Werner The Swiss foreign ministry announced a shutdown of its computer system after a "professional virus attack" allowed hackers in.
10/20/2009 Data collector charged $275,000 for leaking personal data The Register Dan Goodin A report on ChoicePoint's settlement with the Federal Trade Commission. 
10/19/2009 ChoicePoint to Pay Fine for Second Data Breach PC World Grant Gross The Federal Trade Commission (FTC) announced yesterday that data broker ChoicePoint will pay a fine to resolve charges that it failed to implement data protection measures required by the agency after its 2004 security breach.
10/15/2009 Computer data on 103,000 VA Adult Ed Students Misplaced Washington Post Michael Alison Chandler The personally identifiable information of more than 100,000 former adult education students in Virginia was exposed as a result of a misplaced USB flash drive on which their data was stored.
10/15/2009 PayChoice Suffers Another Data Breach Washington Post Brian Krebs For the second time in a month, hackers have gained the login credentials of PayChoice clients.
10/14/2009 Women's data breach probed News & Observer Eric Ferreri When the University of North Carolina-Chapel Hill sent letters to women notifying them of a data breach related to their medical data used in a UNC mammography study, many expressed concern about both the compromise and their involvement in the study.
10/9/2009 MD Bank Dumps Identities into Trash ABC News Joce Sterman A number of customers in Rodgers Forge, Maryland were upset to learn that the institution which recently took over the local branch of the former Bradford Bank has been less than protective of their personal and banking information. 
10/7/2009 City Admits Lapse in Data Release New York Times Sewell Chan New York City officials admitted to a security blunder yesterday that occurred when municipal data was released to local programmers working on New York City-specific software applications in a project known as BigApp. 
10/6/2009 Heartland, After The Hacking Information Week Thomas Claburn Nearly 10 months after disclosing a months-long data breach that affected millions of consumers, the financial impact of the Heartland data breach continues to unfold. 
10/6/2009 850,000 doctors could be hit by potential data breach from insurer's stolen laptop amednews.com Emily Berry A report that the impact of the theft of a Blue Cross-Blue Shield (BCBS) employee's laptop computer could be as large as 850,000 and include every physician in the BCBS network. 
10/6/2009 Google targeted in e-mail scam BBC News Jonathan Fildes Google's Gmail service is the latest to have been targeted by a phishing scheme. 
10/6/2009 Microsoft warns of Hotmail privacy breach SmartCompany.com Patrick Stafford Microsoft is warning hundreds of millions of Hotmail users to take precautions after their account details were posted on a third-party Web site.
10/5/2009 Lawsuits over Heartland data breach folded into one Computerworld Jaikumar Vijayan    A lawsuit consolidating 16 separate class-action complaints against Heartland Payment Systems has been filed in U.S. District Court for the Southern District of Texas.
10/5/2009 Microsoft acknowledges Windows Live ID breach SC Magazine Chuck Miller Microsoft Corporation acknowledged the compromise of thousands of Windows Live user login credentials after they were exposed on a third party Web site. 
10/3/2009 Blue Cross physicians warned of data breach Boston Globe Kay Lazar Blue Cross-Blue Shield (BCBS) is warning tens of thousands of physicians about a breach involving their personal information.
10/2/2009 Soldiers' Data Still Being Downloaded Overseas, Firm Says Washington Post Ellen Nakashima A private cybersecurity monitoring firm says it continues to find the sensitive data of U.S. soldiers on unauthorized computers in foreign nations such as China and Pakistan
10/1/2009 Probe Targets Archives' Handling of Data on 70 Million Vets Wired Ryan Singel The inspector general of the National Archives and Records Administration (NARA) is investigating a potential data breach involving the sensitive data of 76 million military veterans.
10/1/2009 Data breach hits payroll firm PayChoice Network World Ellen Messmer A New Jersey payroll processor has acknowledged a breach of its processing operations.
9/30/2009 2nd Update: Express Scripts: Extortionist Has Even More Data Wall Street Journal   Express Scripts, one of the nation's largest pharmacy benefits managers, has mailed letters to 700,000 members after new details emerged about the scope of data stolen by an unknown person a year ago.
9/25/2009 UNC data breach exposes 163,000 SSNs Computerworld Jaikumar Vijayan    The University of North Carolina is notifying 163,000 women that their personally identifiable information was exposed in a security breach.
9/16/2009 Data Breach Highlights Role Of 'Money Mules' Washington Post Brian Krebs Maine's Downeast Energy & Building Supply notified about 850 customers that the company had experienced a security breach that drained them of $200,000 and potentially exposed customers' personal data.
9/14/2009 Heartland on Defense at Senate Hearing Government Information Security Eric Chabrow Heartland Payment Systems CEO Robert Carr appeared before the Senate Homeland Security and Governmental Affairs Committee to answer questions about the data breach that impacted hundreds of millions of cardholders. 
9/11/2009 TD Ameritrade data theft settlement nears approval Associated Press Josh Funk The U.S. District Court judge presiding over the hearing on a proposed TD Ameritrade Holding Corp. settlement with customers did not make a final decision on the deal.
9/9/2009 DuPont Alleges Second Insider Breach In Two Years darkreading.com Tim Wilson Chemical giant DuPont has fired an employee for allegedly stealing trade secrets.
9/9/2009 Heartland Update: Judge to Hear Motions to Dismiss Class Action Suits Bank Info Security Linda McGlasson Preliminary hearings have begun in the case against Heartland Payment Systems.
9/9/2009 NHS body admits losing sensitive data on over 6,000 job applicants Out-Law News   The Information Commissioner's Office (ICO) is reminding all that "password-protected laptops are not secure." 
9/7/2009 Phony debt collectors raise fear of national data breach Augusta Chronicle Kelvin Collins The Better Business Bureau (BBB) has issued a national alert about a new scam that elicits confidential information from consumers.
9/3/2009 TJX agrees to settle another breach lawsuit for $525,000 Computerworld Jaikumar Vijayan    Retail giant TJX has settled for $525,000 a lawsuit with a group of banks for costs incurred following the company's 2006 data breach. 
8/25/2009 Insider risk problem revealed BBC News Maggie Shiels The majority of data breaches result from inadvertent employee error, say experts. 
8/22/2009 BU reports data breach of 400 ROTC members Boston Globe Abbie Ruzicka Another Massachusetts university has reported a data breach. 
8/21/2009 Hackers gained access to UMass info Telegram.com Priyanka Dayal  University of Massachusetts at Amherst officials say they have taken steps to shore up information security practices since learning last fall of a breach that exposed the personal information of alumni. 
8/19/2009 Inside The Year's Biggest Data Breach Forbes.com Taylor Buley Forbes reports on the ease with which hackers responsible for some of the largest data breaches to date were able to infiltrate the breached entities' networks. 
8/13/2009 Amex cardholders' data stolen by employee The Associated Press   An American Express employee has been arrested for stealing corporate data and the company is notifying some card holders that their information may have been compromised.
8/12/2009 U.C. Berkeley Alumni Data is Breached The Snitch Anna McCarthy A SF Weekly blog reports that those affiliated with the University of California Berkeley are again being notified that hackers may have accessed their private details. 
8/10/2009 BofA warns Mass. Security breach Charlotte Business Journal Tim McLaughlin Bank of America and Citigroup have issued new credit and debit cards to customers in Massachusetts, letting them know that their account numbers may have been compromised.
8/10/2009 Twitter breach revives cloud security fears Computerworld Jaikumar Vijayan    A data breach involving Twitter's use of an application hosted by Google has prompted calls for a reversal in the City of Los Angeles' recent decision to switch to cloud-based applications.
8/4/2009 Inmate found with sensitive info Concord Monitor Lauren R. Dorgan New Hampshire officials are looking into how an inmate obtained sensitive information on state Corrections Department employees.
8/3/2009 Federal Eye: Personal Data Mishandled at Commerce Dept. Washington Post Ed O'Keefe Commerce Department employees have been notified that their sensitive personal information was exposed last month.
7/29/2009 Security experts' sites hacked on eve of Black Hat conference cnetnews.com Elinor Mills With the collective gaze of the security community fixed on Las Vegas and the Black Hat security conference, a number of high-profile security experts have been targeted by hackers. 
7/27/2009 Network Solutions starts healing process after data breach DMNews Lauren Bell Following disclosure of a data breach that may have compromised the credit card data of more than 573,000 patrons of small commercial Web sites, Internet domain administer and host Network Solutions has initiated a crisis response effort. 
7/24/2009 Network Solutions Hack Compromises 573,000 Credit, Debit Accounts Washington Post Brian Krebs Brian Krebs reports that a data breach at Internet domain administrator and host Network Solutions has compromised personal and financial data for more than 573,000. 
7/20/2009 Data Explosion Expands Breach Exposure, But Insurers More Open To Handling Risk National Underwriter Phil Gusman The amount of data stored electronically continues to explode, creating more potential for privacy breaches.
7/17/2009 Hotline for UCSD patients swamped SignOnSanDiego.com David Hasemyer The University of California-San Diego Moores Cancer Center notified 30,000 individuals that their personal information may have been stolen by hackers.
7/14/2009 Canyons School District: Sorry about that missing employee info Salt Lake Tribune Kristen Stewart A school district in Utah has notified more than 6,000 employees that a thumb drive containing their personal information has been lost. 
7/13/2009 LexisNexis issues data breach warning after alleged mafia bust Computerworld Robert McMillan Consumer databases have become coveted scouring grounds for identity thieves and other fraudsters. 
7/10/2009 Boxes of medical records found in Salt Lake dumpster KUTV Brian Mullahy Medical records, including names, credit card numbers, Social Security numbers and cancelled checks were found in a dumpster behind a Salt Lake City shoe distribution center.
7/6/2009 Lessons from the Data Breach at Heartland BusinessWeek Rachel King BusinessWeek goes in depth with Heartland Payment Systems CEO Robert Carr on the data security breach his company experienced late last year. 
6/24/2009 Cornell probes theft of laptop with personal data Associated Press   Cornell University announced that police are investigating the theft of a school laptop containing the personal information--including Social Security numbers--of approximately 45,000 students, alumni, faculty and staff. 
6/23/2009 TJ Maxx Settles Data Breach Charges ConsumerAffairs.com   Retailer TJX will pay $9.75 million to settle charges related to its 2007 data breach that exposed the financial details of thousands of customers.
6/19/2009 Malicious Attacks Most Blamed in '09 Data Breaches Washington Post Brian Krebs Nearly 40 percent of data breaches reported since January were the work of hackers or employees, according to Identity Theft Resource Center (ITRC) figures.
6/18/2009 Court Stiffs Veterans Caught in Privacy Breach Wired David Kravets The 11th U.S. Circuit Court of Appeals decided that veterans whose personal data was stolen could not recover financial damages for mental anguish.
6/17/2009 Heartland CEO says data breach was 'devastating' Computerworld Jaikumar Vijayan    Even before it happened, the possibility of a data breach was what kept him up at night, Heartland Payment Systems chairman and CEO Bob Carr told Computerworld. 
6/14/2009 AP IMPACT: Weak security enables credit card hacks Associated Press Jordan Robertson An Associated Press investigation into credit card hacks has revealed that industry-accepted safeguards are lacking. 
6/9/2009 T-Mobile Confirms Stolen Data Is Genuine PC World Jeremy Kirk T-Mobile today confirmed that hackers accessed information from its servers, as alleged, but the company does not believe customer data is in danger.
6/8/2009 Aetna named in security-breach lawsuit Hartford Business Greg Bordonaro A class-action suit has been filed against health insurer Aetna for alleged data protection and privacy failures.
6/4/2009 Printing glitch leads to 'breach' Kennebec Journal Betty Adams The Maine state Office of Information Technology has notified nearly 600 residents that certain information about their unemployment benefits was mailed to the wrong recipients.
6/2/2009 In Legal First, Data-Breach Suit Targets Auditor Wired Kim Zetter A bank is suing the security auditor that certified CardSystems Solutions three months before hackers breached its systems in 2004.
6/2/2009 Batteries.com, insurance firm report data breaches Computer World Grant Gross Online retailer Batteries.com said in a letter to New Hampshire's Attorney General on May 18 that hackers breached its server in February, stealing names, addresses and credit card information. 
5/29/2009 Heartland Update: More than 650 Institutions Impacted Bank Info Security Linda McGlasson The number of banks reporting card compromises as a result of the Heartland Payment Systems data breach has reached 656.
5/28/2009 Aetna Contacts 65,000 after web site data breach PC World Jeremy Kirk Aetna is erring "on the side of caution" in notifying 65,000 people about a breach of its Web site.
5/20/2009 Heartland Payment Systems CEO discusses breach, previews speech IAPP   Not a week had passed after the announcement of what some have described as the largest data breach ever, when the CEO of Heartland Payment Systems, Robert Carr, began calling for better industry cooperation and new efforts directed at preventing future breaches. 
5/20/2009 Heartland Data Breach: Hearing Set for Class Action Suits Bank Info Security Linda McGlasson Multiple financial institutions have filed suits against Heartland Payment Systems for its payment processing system security breach last year. 
5/20/2009 HIV-positive patients sue hospital over records lost on train Boston Globe Elizabeth Cooney Two of the Massachusetts General Hospital patients whose records were among those lost on an MBTA train in March have filed suit against the hospital and the employee responsible for the loss.
5/19/2009 Investigation into huge loss of computerized Clinton data New York Times David Johnston The FBI is investigating the loss of a computer hard drive from the National Archives record center.
5/13/2009 Most claims dismissed in Hannaford data breach suit Computerworld Jaikumar Vijayan    A U.S. District Court judge has dismissed most of the civil claims associated with the Hannaford Bros. data breach disclosed in March 2008.
5/12/2009 D.C. Agency Accidentally E-Mails Personal Data About College Financial Aid Application Washington Post Bill Turque The personal details of 2,400 students were exposed by a government agency.
5/11/2009 TD Ameritrade data theft settlement goes to court OK Associated Press Josh Funk A U.S. District Court judge has approved the settlement agreement for a class-action suit against TD Ameritrade Holding Corp.
5/11/2009 Inside a data leak audit Network World Sandra Gittlen An inside look at the data leakage audit of a Boston-based pharmaceutical firm. 
5/8/2009 Hackers Say They Have Va. Prescription Drug Data, Demand $10 Milion The Washington Post Brian Krebs Virginia officials say they have no evidence that personal information is at risk due to a breach of its Prescription Monitoring Program database, but are urging residents to watch their finances just the same.
5/8/2009 Hackers breach UC-Berkeley database; infor for 160,000 students, alums at risk San Jose Mercury News Matt Krupnick Hackers have stolen the personal information of 160,000 current and former University of California-Berkeley students.
5/7/2009 Security breach leads to Heartland Payment 1Q loss Forbes.com David Pitt The Heartland Payment Systems security breach contributed to a first-quarter loss for the company. 
5/7/2009 Missile data, medical records found on discarded hard disks The Register John Leyden University researchers purchased 300 drives from eBay and other retailers, finding that 34 percent of disk drives still contained confidential data.
5/4/2009 Heartland earns back spot on PCI approved list Network World   Heartland Payment Systems is back on Visa Inc.'s list of compliant vendors.
5/2/2009 LexisNexis warns 32,000 people about data breach Associated Press Amy Westfeldt LexisNexis has notified tens of thousands that their personal information was exposed in a database security breach.
4/29/2009 Likely cause of Ill. Data breach pervasive Associated Press   Officials at the Illinois Department on Aging say "employee error" likely caused a breach of sensitive information.
4/28/2009 Identifying the source of corporate threats  NetworkWorld Davi Ottenheimer  The Verizon Business RISK team recently released its "2009 Data Breach Investigations Report," which gives a fresh look into the question of whether insiders or outsiders are the larger threat group. 
4/28/2009 Federal Reserve IT Analyst Arrest Highlights Internal Threat  Information Week George Hulme A recent arrest stokes the debate that was rekindled with the recent release ofVerizon  Business' 2009 Data Breach Investigations Report.
4/28/2009 Mountain of private information found in abandoned warehouse WWLTV News Bigad Shaban The confidential records of Orleans Parish public-school employees have been discovered in an abandoned and unsecured warehouse in New Orleans.
4/27/2009 Data Security Breaches Present Emerging Risks, Opportunities for Agents  Insurance Journal Patricia-Ann Tom Data security represents both a new market opportunity to sell insurance coverage and a new risk - especially for independent insurance agencies that may not be compliant with data security laws or have plans in place to protect their own companies from data breaches.
4/27/2009 Study: Many Employees Undermine Data Breach Prevention Strategies  Insurance Journal   Many employees disable the encryption solutions on their laptops, putting their employers at risk for data breaches, according to a study by Absolute Software Corp. and the Ponemon Institute.
4/27/2009 The Real Costs Of Laptop Loss Dark Reading John Sawyer Numbers like $49,346 as the averags cost of a lost laptop is certainly enough to turn some managerial heads.
4/24/2009 Unencrypted laptop with 1 million SSNs stolen from state SC Magazine Dan Kaplan The sensitive personal information of more than a million Oklahomans has been compromised
4/24/2009 After mass security lapse, RBS Worldpay gets IRS contract No bad deed goes unrewarded  The Register Dan Goodin RBS Worldpay - the electronic payment processor that admitted it exposed sensitive financial records for millions of customers - has been awarded a contract by the Internal Revenue Service to process tax return payments next year.
4/24/2009 Oklahomans Demand Better Identity Security Recent Breaches Raise Concern Across State  KOCO (Oklahoma City)   Oklahomans are demanding action after two security breaches in less than a month, both linked to state agencies.
4/24/2009 DHS alerts clients to theft Tulsa World Althea Peterson The Oklahoma Department of Human Services sent letters to clients in nearly half a million households this week stating that their names and personal information might have been stolen from a DHS employee's laptop computer.
4/23/2009 SunTrust Banks Announce Security Breach  WESH.com   A bank that serves Central Florida has become the victim of a security breach, and its customers could be at risk.
4/22/2009 Typical lost or stolen laptop costs companies nearly $50,000, study finds Mercury News Steve Johnson The results of an Intel-commissioned study on business costs associated with lost or stolen laptops. 
4/22/2009 Employee info device missing from FairPoint AP via The Telegraph  Clarke Canfield A portable data storage device containing the personal information of more than 4,000 employees of FairPoint Communications Inc. has been reported missing.
4/22/2009 Many Companies Don't Report Data Breaches as a Risk Factor MX Logic   Thirty-eight percent of Fortune 500 companies fail to report the threat of a data breach in the "risk factors" section of their SEC 10-K filing, according to a recent survey by international specialist insurer Hiscox.
4/21/2009 Pentagon Fighter Jet Data Breach Was Avoidable  ChannelWeb Andrew Hickey The hack into the Pentagon's computer system that led to the theft of information related to the $300 billion Joint Strike Fighter project could have been prevented.
4/21/2009 Fraud specialists want more transparency on data breaches  MX Logic   A survey released ahead of this week's RSA Conference in San Francisco shows that network security fraud specialists want more transparency in reporting of data breaches.  
4/21/2009 Affinion Security Center Publishes Data Breach Response Guide  PR News Wire   As incidents of corporate data breaches continue to rise, the rules and regulations requiring compliance for breach notification and response from financial institutions, creditors and many other businesses have strengthened. 
4/20/2009 Crime rings behind 91% of data theft: report  Information Age JJ Robinson Cybercrime rings are organised, sophisticated and highly effective when it comes to data theft, reveals a new report from frontline forensic investigators.
4/20/2009 Proposed breach notification rule would affect more health vendors  Nextgov Bob Brewin Rules proposed by the Federal Trade Commission on April 16 on disclosure of breaches of personal health information would greatly expand the number of companies that would be subject to notifying individuals if their personal health data was exposed because records were lost or stolen, or because a hacker broke into a computer health network.
4/20/2009 Five Ways To Survive a Data Breach Investigation  IT World Bill Brenner Security experts say it all the time: If a company thinks it has suffered a data security breach, the key to getting at the truth unscathed is to have a response plan in place for what needs to be done and who needs to be in charge of certain tasks. 
4/20/2009 Study: Mistakes, Not Insiders, to Blame for Most Breaches  Quantcast
IT World
Joan Goodchild 2008 was a banner year for security breaches, according to new research from Verizon.
4/17/2009 Data Breach Notification Law Across the World from California to Australia DocuTicker   Examining the specifics of data breach notification frameworks in multiple jurisdictions.
4/16/2009 Proposed rule would require notice about breaches ModernHealtcare Joseph Conn The Federal Trade Commission, in compliance with the American Recovery and Reinvestment Act of 2009, issued a formal notice seeking public comment on a proposed rule requiring vendors of personal health record systems and related entities to provide notice to consumers in the event of a security breach.  
4/16/2009 Verizon Breach Report Challenges Conventional Wisdom  Information Week Mike Fratto Verizon (NYSE: VZ) Business' most recent 2009 Data Breach Investigations Report is a must-read report if you're involved in IT.
4/16/2009 FTC Issues Proposed PHR Breach Rule Health Data Management Joseph Goedert The Federal Trade Commission has issued a proposed rule that would require personal health records vendors and related entities to notify consumers when their identifiable health information has been breached. 
4/16/2009 Criminal gangs on the hunt for weak business security  IT Pro Asavin Wattanajantra Organised criminals are trawling businesses looking for weak defences ripe for an attempt at a data breach.
4/15/2009 E-Mobsters Continue Brazen Data Extortion  eWeek Matthew Hines The Verizon Business Data Breach [report] that was published today seems to have raised a few eyebrows.
4/15/2009 More Data Breached In 2008 Than In Previous Four Years Combined Information Week Thomas Claburn The findings of the 2009 Verizon Business Data Breach Investigations Report, which revealed that the number of breached records in 2008--285 million--surpassed the total number of records breached in the previous four years combined. 
4/15/2009 Over 280 million records compromised last year Damning report finds simple steps still being ignored  VNUNet Phil Muncaster More than 280 million records were compromised in 2008, according to a new Data Breach Investigations Report from global comms and IT provider Verizon Business.  
4/14/2009 Five Ways to Survive a Data Breach Investigation  CIO