AOH :: ISNQ6560.HTM

Week of Sunday, July 18, 2010




Week of Sunday, July 18, 2010
Week of Sunday, July 18, 2010



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-929888884-1280216940=:21267
Content-Type: TEXT/PLAIN; charset=utf-8
Content-Transfer-Encoding: QUOTED-PRINTABLE

=======================================================================
Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, July 18, 2010

45 Incidents Added.

=======================================================================
DataLossDB is a research project aimed at documenting known and reported 
data loss incidents world-wide. The Open Security Foundation asks for 
contributions of new incidents and new data for existing incidents. For 
any questions about the project or the data contained within this email 
or the website (http://www.datalossdb.org), please contact us at 
curators@datalossdb.org. 

=======================================================================
DataLossDB News/Updates

  No news this week!


=======================================================================
Incidents Added


Reported Date: 2010-07-22
Summary: 230,000 customer records stolen from online database
Organizations: Hell Pizza
http://datalossdb.org/incidents/3035 
---------------------

Reported Date: 2010-07-20
Summary: Website PlayNow.com exposes 130 customers names, credit card and bank account details 
Organizations: British Columbia Lottery Corporation
http://datalossdb.org/incidents/3031 
---------------------

Reported Date: 2010-07-19
Summary: Backup tape lost with by vendor exposes 800,000 patients medical details
Organizations: South Shore Hospital
http://datalossdb.org/incidents/3025 
---------------------

Reported Date: 2010-07-19
Summary: Boxes of personal information, including names, addresses, medical details, Social Security numbers improperly disposed in dumpster
Organizations: LV Financial Services
http://datalossdb.org/incidents/3030 
---------------------

Reported Date: 2010-07-19
Summary: Employee collects 'hundreds' of  customers credit card details commits fraud 
Organizations: Starbucks
http://datalossdb.org/incidents/3028 
---------------------

Reported Date: 2010-07-19
Summary: Employee accidentally posts 3000 clients Social Security numbers on a third party website
Organizations: Maryland Department of Human Resources 
http://datalossdb.org/incidents/3029 
---------------------

Reported Date: 2010-07-16
Summary: Stolen laptop exposes 5000 exployees unemployment insurance claims including Social Security numbers
Organizations: Connecticut Department of Labor
http://datalossdb.org/incidents/3032 
---------------------

Reported Date: 2010-07-07
Summary: 4,000,000 user names and email addresses stolen in hack
Organizations: Pirate Bay
http://datalossdb.org/incidents/3012 
---------------------

Reported Date: 2010-06-30
Summary: White Hat uses foursquare privacy hole to capture 875K check-Ins
Organizations: Foursquare
http://datalossdb.org/incidents/3011 
---------------------

Reported Date: 2009-12-11
Summary: Malicious software discovered on computer that processes credit cards
Organizations: InterContinental Hotels Group
http://datalossdb.org/incidents/2991 
---------------------

Reported Date: 2009-12-02
Summary: Client information including Social Security numbers inadvertently mailed to wrong address
Organizations: Ameriprise Financial
http://datalossdb.org/incidents/2993 
---------------------

Reported Date: 2009-11-30
Summary: Stolen laptop may have contained Social Security numbers
Organizations: Nuance
http://datalossdb.org/incidents/3020 
---------------------

Reported Date: 2009-11-16
Summary: Hacker gains access to website and installs keylogger to gain credentials
Organizations: Genworth Financial Trust Company
http://datalossdb.org/incidents/3005 
---------------------

Reported Date: 2009-09-28
Summary: Stolen laptop contained Social Security numbers, taxpayer information, addresses and national provider identifier numbers
Organizations: Mountain State Blue Cross Blue Shield
http://datalossdb.org/incidents/3021 
---------------------

Reported Date: 2009-09-11
Summary: Former employee improperly handled sensitive documents exposing customers personal information
Organizations: AT&T
http://datalossdb.org/incidents/3007 
---------------------

Reported Date: 2009-08-25
Summary: Hacker gains access to database, exposing personal information
Organizations: Assurity Financial Serices
http://datalossdb.org/incidents/2994 
---------------------

Reported Date: 2009-08-21
Summary: Malious software found on computer which parsed RAM for credit card numbers
Organizations: Handlery Hotel
http://datalossdb.org/incidents/3022 
---------------------

Reported Date: 2009-08-12
Summary: Virus on computer may have compromised login credentials to American Express Card processing accoutn
Organizations: CFA Institute
http://datalossdb.org/incidents/2990 
---------------------

Reported Date: 2009-08-04
Summary: Former employee stole 10 customers' credit card numbers and attempted to use
Organizations: T-Mobile
http://datalossdb.org/incidents/3027 
---------------------

Reported Date: 2009-07-28
Summary: Stolen computer at employees residence contained personal information
Organizations: The Mind Research Network, Hartford Hospital
http://datalossdb.org/incidents/3010 
---------------------

Reported Date: 2009-07-13
Summary: Second-hand hard drive found to have personal information of employees
Organizations: Lockheed Martin Corp
http://datalossdb.org/incidents/3034 
---------------------

Reported Date: 2009-06-30
Summary: Unauthorized access to accounts may have exposed other customer personal information
Organizations: MoneyGram
http://datalossdb.org/incidents/2997 
---------------------

Reported Date: 2009-06-30
Summary: Daily receipt bag containing names, payment checks and co-pays was lost
Organizations: UMassMemorial
http://datalossdb.org/incidents/3002 
---------------------

Reported Date: 2009-04-17
Summary: Invoices containing Social Security numbers were accidentally available to the public on website
Organizations: Humana Inc
http://datalossdb.org/incidents/3017 
---------------------

Reported Date: 2009-04-17
Summary: Employee accessed data in which they had no need to be searching
Organizations: Massachusetts General Hospital
http://datalossdb.org/incidents/2995 
---------------------

Reported Date: 2009-04-09
Summary: Financial account statement erroneously mailed to former agents, customers names and account information exposed
Organizations: Prudential Financial
http://datalossdb.org/incidents/3015 
---------------------

Reported Date: 2009-03-24
Summary: Employee left laptop by car during patient visit; laptop was stolen, exposing client information
Organizations: Partners Home Care Inc
http://datalossdb.org/incidents/3004 
---------------------

Reported Date: 2009-03-23
Summary: Personal data of over 800,000 Massachusetts residents exposed by internal breach
Organizations: Massachusetts Department of Health and Human Services
http://datalossdb.org/incidents/3014 
---------------------

Reported Date: 2009-01-23
Summary: Financial consultant stored boxes of client information at his garage, hired crew improperly disposed of material
Organizations: RBC Wealth Management
http://datalossdb.org/incidents/2992 
---------------------

Reported Date: 2009-01-06
Summary: 10 individuals sent applications with accidental attachment of another individuals information
Organizations: Idearc Media
http://datalossdb.org/incidents/3019 
---------------------

Reported Date: 2008-11-19
Summary: Inadvertant exposure of 226 customer names and credit card numbers
Organizations: British American Business Inc.
http://datalossdb.org/incidents/3016 
---------------------

Reported Date: 2008-11-19
Summary: Keylogger on employee home computer allows intruder to gain unauthorized access to accounts
Organizations: Commonwealth Equity Services
http://datalossdb.org/incidents/2998 
---------------------

Reported Date: 2008-10-28
Summary: Starter checks sent by third party to wrong addresses, exposing names, addresses and bank account details
Organizations: Citizens Financial Group, Inc
http://datalossdb.org/incidents/2999 
---------------------

Reported Date: 2008-09-25
Summary: Technical error in system allows 11 customers to see each others gas bills
Organizations: Bay State Gas Company
http://datalossdb.org/incidents/3026 
---------------------

Reported Date: 2008-09-04
Summary: Employee erroneously emails form to unintended recipient
Organizations: Metropolitan Life Insurance Company (MetLife)
http://datalossdb.org/incidents/3000 
---------------------

Reported Date: 2008-07-09
Summary: Confidential documents marked for destruction were taken by other department
Organizations: California Office of Systems Integration
http://datalossdb.org/incidents/3003 
---------------------

Reported Date: 2008-05-09
Summary: Files stolen from officer's vehicle, containing personal information of 50 people
Organizations: Massachusetts Division of Insurance
http://datalossdb.org/incidents/2996 
---------------------

Reported Date: 2008-03-13
Summary: 86 customers Credit Cards exposed through public blogging of calls
Organizations: Toshiba America Information Systems, Inc
http://datalossdb.org/incidents/3018 
---------------------

Reported Date: 2008-02-25
Summary: Internal email sent to employee without authority to view personal information 
Organizations: The Center for Discovery
http://datalossdb.org/incidents/3009 
---------------------

Reported Date: 2008-01-22
Summary: Stolen laptop contained personal identifiable information of employees
Organizations: GE Aviation Systems
http://datalossdb.org/incidents/3013 
---------------------

Reported Date: 2007-12-20
Summary: Unauthorized use of password of client exposes personal information of other clients
Organizations: Jackson National Life Insurance Company, INVEST Financial Corporation
http://datalossdb.org/incidents/3008 
---------------------

Reported Date: 2007-11-02
Summary: Shareholder accounts fraudulenty accessed by temporary employee
Organizations: Computershare Inc, Comcast Cable
http://datalossdb.org/incidents/3001 
---------------------

Reported Date: 2007-09-25
Summary: Unauthorized login exposes 2,297 customers Social Security numbers
Organizations: Merlin Information Services
http://datalossdb.org/incidents/3033 
---------------------

Reported Date: 2007-07-18
Summary: Policy information sent to incorrect address, customer information exposed
Organizations: Standard Life and Casualty Insurance
http://datalossdb.org/incidents/3023 
---------------------

Reported Date: 2007-07-11
Summary: Clerical error results in one account being exposed to another firm
Organizations: Bear Stearns & Co Inc
http://datalossdb.org/incidents/3006 
---------------------


=======================================================================
Blotter Posts


Added: 2010-07-24
Title: Federal agents uncover Palm Beach County-based identity-theft ring
http://feedproxy.google.com/~r/sun-sentinel/news/local/palmbeach/~3/fnjErBnEXGQ/fl-palm-id-theft-20100723,0,185161.story 
---------------------

Added: 2010-07-24
Title: Security dealers take on identity theft
http://www.securityinfowatch.com/Dealers/security-dealers-take-identity-theft 
---------------------

Added: 2010-07-24
Title: Former tax-preparation service worker sentenced for identity theft
http://www2.timesdispatch.com/news/2010/jul/23/frau23-ar-347584/ 
---------------------

Added: 2010-07-24
Title: Protecting your kids from ID theft
http://feeds.boston.com/click.phdo?i=36cd21a1c26a731449bdfab42e728765 
---------------------

Added: 2010-07-24
Title: CanadaPost to fortify mailboxes to stop mail theft
http://news.therecord.com/article/748875 
---------------------

Added: 2010-07-24
Title: Task Force Busts Alleged Credit Card Skimming Ring
http://feeds.nbclosangeles.com/click.phdo?i=98bfd402d9072a9ee55457afb855033a 
---------------------

Added: 2010-07-24
Title: How to Protect Yourself from ID Theft
http://www.infozine.com/news/stories/op/storiesView/sid/42441/ 
---------------------

Added: 2010-07-24
Title: AG advice to victims of South Shore data breach
http://feedproxy.google.com/~r/bostonherald/business/~3/VtTbMrGSB-Q/view.bg 
---------------------

Added: 2010-07-24
Title: What Personal Information Should Appear on Personal Checks?
http://www.buzzle.com/articles/what-personal-information-should-appear-on-personal-checks.html 
---------------------

Added: 2010-07-24
Title: Charges: MN Nursing Assistants Stole From Patients
http://wcco.com/crime/nursing.assistants.theft.2.1813682.html 
---------------------

Added: 2010-07-24
Title: Who is your agent? Lessons in identity theft.
http://feeds.boston.com/click.phdo?i=cf3eb51adc7730c75c91b25586e3fae4 
---------------------

Added: 2010-07-24
Title: A Poor Man=E2=80=99s Identity Theft Protection
http://www.usnews.com/blogs/my-money/2010/7/19/a-poor-mans-identity-theft-protection.html?s_cid=rss:my-money:a-poor-mans-identity-theft-protection 
---------------------


_______________________________________________
Dataloss Mailing List (dataloss@datalossdb.org) 

CREDANT Technologies, a leader in data security, offers advanced data 
encryption solutions. Protect sensitive data on desktops, laptops, 
smartphones and USB sticks transparently across your enterprise to 
ensure regulatory compliance. http://www.credant.com/stopdataloss 


--1457021584-929888884-1280216940=:21267
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com 
--1457021584-929888884-1280216940=:21267--

Site design & layout copyright © 1986-2014 CodeGods