Veterans Administration Medical Center (Biloxi)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
September 16, 2011
geo: 
Biloxi , MS
United States
Mississippi US
Records Breached: 

1,814

The VA believes an employee's office at the Veterans Administration Medical Center in Biloxi was inappropriately accessed without proper authorization on July 21.  A number of medical files with veteran names, Social Security numbers, dates of birth and other personal information like medical diagnoses were found spread on the office floor.  The breach could affect veterans, deceased veterans and VA employees in seven counties in southern Mississippi, four counties in southern Alabama, and seven counties in the Florida Panhandle. 

Source: 
PHIPrivacy.net

Department of Veterans Affairs

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
August 8, 2011
geo: 
Fayetteville , NC
United States
North Carolina US
Records Breached: 

Unknown

A dishonest VA worker used his tax return preparation business to submit fraudulent tax returns.  VA patient personal information such as names, Social Security numbers and birth dates were used to create fake dependents on people's tax returns.  The VA worker then collected fees from customers in exchange for fraudulently increasing the dollar amount of their tax returns. He was convicted in February and sentenced to 11 years in federal prison. The employee handled information from VA patients in North Carolina and Virginia.

Source: 
PHIPrivacy.net

University of Arizona

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
August 4, 2011
geo: 
Tucson , AZ
United States
Arizona US
Records Breached: 

Unknown

A hacker accessed the employee listserv on or around August 4.  This allowed an unauthorized party to send an offensive photo and additional lewd messages through the University's mailing list.  The listserv is normally only used by administrators to transmit official University business.  It is unclear if any information was exposed.

Source: 
Databreaches.net

Department of Veterans Affairs

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
August 3, 2011
geo: 
Washington , DC
United States
District Of Columbia US
Records Breached: 

Unknown

The inspector general at the VA found that IT contractors had accessed the VA's electronic health record system without appropriate security clearances.  An tipster had left a message about the situation on a departmental hotline in the summer of 2010.  Contractor personnel were found to be improperly sharing user accounts when accessing VA networks and the Veterans Health Information System and Technology Architecture systems. Employees of the contracting company were unaware of proper IT security protocol.

Source: 
PHIPrivacy.net

Passaic County Jail

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 6, 2010
geo: 
Paterson , NJ
United States
New Jersey US
Records Breached: 

Unknown

Inmates used the library logs at Passaic to obtain the personal information of other inmates. The inmates then called outside conspirators in order to defraud American Express and inmates of over $450,000.  Fake American Express credit cards were created from the information and used to deposit funds into Bank of America accounts or to make purchases. The scheme occurred between September of 2007 and April of 2008.

Source: 
Dataloss DB

Minnesota Department of Labor & Industry

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 19, 2010
geo: 
St. Paul , MN
United States
Minnesota US
Records Breached: 

759

It was discovered that an hourly employee of 19 years was forging checks by using the information of companies who were fined for OSHA violations.  The employee had handled checks for 12 years and may have been involved in a larger fraud operation.  The employee was arrested and fraudulently obtained less than a thousand dollars on average from each company.  A total of 759 companies who paid OSHA fines between January 1, 2009 and November 18, 2010 were affected.  One business owner discovered that a fraudulent check had been cashed for $745 after he paid an OSHA fine of $315.

Source: 
Dataloss DB

Colorado Department of Health Care Policy and Financing (HCPF)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
July 1, 2011
geo: 
Denver , CO
United States
Colorado US
Records Breached: 

3,590 (No SSNs or financial information reported)

A disk with the information of medical-aid applicants was lost on its way between HCPF and another agency. It contained applicant names, state identification numbers, and addresses. The disk was discovered missing on May 6.

Source: 
PHIPrivacy.net

California Department of Public Health (CDPH)

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
June 24, 2011
geo: 
Sacramento , CA
United States
California US
Extra Info: 

Additional information can be found at the CDPH's website.  Current and former employees with questions may also call (877) 421-9634.

Records Breached: 

9,000

The workers' compensation information of 9,000 current and former state employees was copied onto a private hard drive without authorization.  The hard drive was removed from the state offices by an employee, but was recovered.  The CDPH security system detected unusual activity on April 5 and the employee responsible was discovered.  The employee was placed on administrative leave until the completion of the investigation.  Most current CDPH and California Department of Health Care Services (DHCS) employees were affected.

Source: 
Databreaches.net

Teachers Retirement System of Texas

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 17, 2011
geo: 
Austin , TX
United States
Texas US
Records Breached: 

Unknown

A breach of the Teachers Retirement System (TRS) of Texas has been discovered.  A retired principal learned that the TRS had mailed an envelope to her bank.  Due to the window-style of the envelope, her personal information was clearly visible through the TRS envelope.  The number of people affected by TRS's practice is unknown.  TRS changed their procedures so that content cannot be seen from the outside of the envelope.  TRS also plans to take the sensitive information off of letters in the future.

Source: 
Databreaches.net

Casa Grande Justic Court

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 5, 2011
geo: 
Casa Grande , AZ
United States
Arizona US
Records Breached: 

200

A court clerk took court documents home in an attempt to hide the fact that she had not done the work.  The employee was fired and could be charged with tampering with public records.  No malicious intent is suspected.  It is believed that the employee hid years of backlogged records and eventually took them home to continue concealing them.

Source: 
Databreaches.net

Pages

Showing 1-10 of 722 results
Subscribe to GOV