infosec-news January 2011 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] [Dataloss Weekly Summary] Week of Sunday, De

[ISN] [Dataloss Weekly Summary] Week of Sunday, December 26, 2010

From: InfoSec News <alerts_at_nospam>
Date: Tue Jan 04 2011 - 10:57:03 GMT
To: isn@infosecnews.org

========================================================================

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, December 26, 2010

28 Incidents Added.

========================================================================

DataLossDB is a research project aimed at documenting known and reported
data loss incidents world-wide. The Open Security Foundation asks for
contributions of new incidents and new data for existing incidents. For
any questions about the project or the data contained within this email
or the website (http://www.datalossdb.org), please contact us at
curators@datalossdb.org.

========================================================================

DataLossDB News/Updates

  No news this week!

========================================================================

Incidents Added

Reported Date: 2010-12-28
Summary: Binder of medical marijuana records with Social Security Numbers, names, addresses, dates of birth, driver's license numbers, telephone numbers, and copies of birth certificates found in a dumpster
Organizations: Apothecary of Colorado
http://datalossdb.org/incidents/3311
---------------------

Reported Date: 2010-12-23
Summary: 4.9 million names, addresses, e-mail addresses, user names and VINs exposed from email list
Organizations: American Honda Motor Co., Inc
http://datalossdb.org/incidents/3294
---------------------

Reported Date: 2010-12-23
Summary: 3159 patientĀ¹s full name, date of birth, medical record number, healthcare providerĀ¹s name, encounter date, and diagnosis information stolen from laptop in parked car
Organizations: Mankato Clinic
http://datalossdb.org/incidents/3306
---------------------

Reported Date: 2010-12-22
Summary: 1600 Names, Social Security numbers and employment information exposed in unsecured job applicant SQL database on the Web
Organizations: Community First Credit Union, Cambrium Group
http://datalossdb.org/incidents/3315
---------------------

Reported Date: 2010-12-22
Summary: 35,000 statements sent to the wrong address that includes name, bank details and recent transactions
Organizations: Santander
http://datalossdb.org/incidents/3321
---------------------

Reported Date: 2010-12-21
Summary: Payment card information misused by employee who also accessed name, address, date of birth, insurance info, and Social Security numbers in customer database
Organizations: Kinetic Concepts Inc.
http://datalossdb.org/incidents/3307
---------------------

Reported Date: 2010-12-16
Summary: Employee steals thousands of background check applications containing dates of birth and Social Security numbers and uses them to open credit card and other accounts
Organizations: Integrated Biometrics Technology
http://datalossdb.org/incidents/3317
---------------------

Reported Date: 2010-12-16
Summary: 1500 names, dates of birth, addresses and personal information on laptop stolen from locked room in hospital
Organizations: Calderdale Royal Hospital, Calderdale and Huddersfield NHS Foundation Trust
http://datalossdb.org/incidents/3319
---------------------

Reported Date: 2010-12-01
Summary: Names, addresses, Social Security numbers and driver license numbers exposed as manager throws out a box of job applications in a dumpster by mistake.
Organizations: KMax Systems
http://datalossdb.org/incidents/3318
---------------------

Reported Date: 2010-11-30
Summary: Specific management system software program infected by malicious software expose debit and credit cards
Organizations: Shell Vacations Hospitality
http://datalossdb.org/incidents/3296
---------------------

Reported Date: 2010-11-22
Summary: 147 names, phone numbers and Social Security numbers stolen from storage device in a secure room
Organizations: Dartmouth College
http://datalossdb.org/incidents/3316
---------------------

Reported Date: 2010-11-20
Summary: A former employee accessed a secure area and logged into hospital computer records that contain patient information
Organizations: Coliseum Hospital
http://datalossdb.org/incidents/3310
---------------------

Reported Date: 2010-11-19
Summary: Account numbers and card expiration dates may have been exposed by a breach at a third-party payment service.
Organizations: 1st Source Bank
http://datalossdb.org/incidents/3322
---------------------

Reported Date: 2010-11-12
Summary: Laptop stolen from an employee in the Human Resources Department contained names, addresses and Social Security numbers
Organizations: Hanger Orthopedic Group
http://datalossdb.org/incidents/3308
---------------------

Reported Date: 2010-11-10
Summary: Names, addresses, grades, Social Security numbers, date of birth and records of payments received stolen from laptop in locked off-campus site.
Organizations: Methodist Theological School
http://datalossdb.org/incidents/3323
---------------------

Reported Date: 2010-10-25
Summary: 180 names and Social Security numbers exposed as an employee took home a list with information and then tried to email to work
Organizations: U.S. Department of Veterans Affairs
http://datalossdb.org/incidents/3309
---------------------

Reported Date: 2010-10-15
Summary: Social Security numbers and bank account information stolen from a laptop at corporate office
Organizations: Kayser-Roth Corporation
http://datalossdb.org/incidents/3314
---------------------

Reported Date: 2010-10-08
Summary: Stolen portable hard drive contained former nursing students' Social Security Numbers
Organizations: Armstrong Atlantic State University
http://datalossdb.org/incidents/3312
---------------------

Reported Date: 2010-10-08
Summary: 240 names, Social Security numbers, date of birth, mailing addresses, medical data (health information), and other financial information exposed as guard finds an unencrypted thumb drive inside the facility doors.
Organizations: U.S. Department of Veterans Affairs
http://datalossdb.org/incidents/3313
---------------------

Reported Date: 2010-09-21
Summary: A propgraming error allows the Social Security numbers of the writing agent to be seen through the contracted broker's portal
Organizations: CareFirst
http://datalossdb.org/incidents/3303
---------------------

Reported Date: 2010-07-15
Summary: Confirmation information containing account number, name, transaction records were mailed to the wrong customers
Organizations: Principal Financial Group
http://datalossdb.org/incidents/3297
---------------------

Reported Date: 2010-07-14
Summary: Back-up hard drive containing names, Social Security numbers, and other financial information was stolen.
Organizations: Ameriprise Financial
http://datalossdb.org/incidents/3298
---------------------

Reported Date: 2010-07-07
Summary: 268 underwriting files found outside headquarters containing names, Social Security numbers, account numbers, medical information and driver license numbers
Organizations: Knights of Columbus
http://datalossdb.org/incidents/3299
---------------------

Reported Date: 2010-06-30
Summary: Names, Social Security Numbers and date of birth exposed after discovery of stolen backup tapes
Organizations: Science Applications International Corp (SAIC)
http://datalossdb.org/incidents/3295
---------------------

Reported Date: 2010-06-30
Summary: Spreadsheet with 799 names and Social Security numbers of current/former employees accidentally left exposed on network drive during upgrade
Organizations: K. Hovnanian Enterprises
http://datalossdb.org/incidents/3300
---------------------

Reported Date: 2010-06-24
Summary: Employee sold lists of customer information to a third party
Organizations: State Farm Insurance
http://datalossdb.org/incidents/3301
---------------------

Reported Date: 2010-06-21
Summary: Call center employee copies credit card numbers of 22 customers
Organizations: T-Mobile
http://datalossdb.org/incidents/3302
---------------------

Reported Date: 2010-06-11
Summary: Names, addresses, Social Security numbers, date of birth and DJS number stolen from laptop locked trunk of parked car.
Organizations: VisionQuest
http://datalossdb.org/incidents/3305
---------------------

========================================================================

Blotter Posts

Added: 2011-01-01
Title: Medical ID theft at Deaconess Hospital
http://www.14wfie.com/story/13751151/medical-id-theft-at-deaconess-hospital
---------------------

Added: 2011-01-01
Title: Federal study gives trends of identity theft
http://www.tulsaworld.com/site/articlepath.aspx?articleid=20101227_12_A9_Aboutm21505&rss_lnk=11
---------------------

Added: 2011-01-01
Title: Sophisticated Vancouver theft ring busted
http://www.cbc.ca/canada/british-columbia/story/2010/12/30/bc-andrew-cross-stolen-goods.html?ref=rss
---------------------

Added: 2011-01-01
Title: CD Pirate Walks Federal Plank in Computer Gaming Case
http://blogs.forbes.com/billsinger/2010/12/30/cd-piracy-bi/?utm_source=allactivity&utm_medium=rss&utm_campaign=20101230
---------------------

_______________________________________________
Dataloss Mailing List (dataloss@datalossdb.org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/