World Travel Holdings (WTH)

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
December 17, 2012
geo: 
Wilmington , MA
United States
Extra Info: 

CruiseOne and Crusies Inc. are affiliated with WTH and also mailed notifications to their customers.

Records Breached: 

Unknown

An unauthorized party accessed WTH's booking system by misusing the log-in credentials of an authorized user.  Encrypted credit card numbers and expiration dates that were stored and could be decrypted in the system were exposed.

Source: 
California Attorney General

Sourcefire

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
November 27, 2012
geo: 
Columbia , MD
United States
Records Breached: 

500

The November 6 theft of an unencrypted laptop may have resulted in the exposure of employee Social security numbers.  It is unclear if other types of information were also exposed.  A total of 500 employees may have been affected.  

Source: 
Media

Workers United

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 21, 2012
geo: 
New York , NY
United States
Records Breached: 

Unknown

The theft of a hard drive from the office of an unnamed independent contractor resulted in the exposure of sensitive information.  The theft occurred on either October 13 or 14 of 2012 and Workers United learned of the issue on October 25.  A database with former Workers United member names and Social Security numbers was on the hard drive.

Source: 
Databreaches.net

Walz and Associates Law Firm

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 28, 2013
geo: 
Albuquerque , NM
United States
Records Breached: 

Unknown

A concerned citizen found hundreds of documents in a recycling center and notified a local news team.  The documents included criminal histories, depositions, medical records, personal phone numbers, and addresses.  Most were from the 1990's.  Most or all of the information did not need to be shredded because it was considered public record.  The local news team contacted a director from the solid waste division and the documents were removed for shredding.

Source: 
PHIPrivacy.net

Twitter

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 2, 2013
geo: 
San Francisco , CA
United States
Records Breached: 

250,000 (no SSNs or financial information exposed)

Online attackers were able to access the usernames, email addresses, session tokens, and encrypted passwords of 250,000 users.  Twitter notified affected users and told them to create a new password.  Anyone who used the same password and username or email combination for other sites is encouraged to change the password on other sites as well.

UPDATE (03/11/2013): Facebook, Microsoft, and Apple were all affected by a similar breach around the same time.

Source: 
Media

The New York Times

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 30, 2013
geo: 
New York , NY
United States
Records Breached: 

Unknown

The New York Times' computer system was hacked after Chinese government officials warned the Times about consequences for investigating the wealth of government family members.  The Times began monitoring its system closely on October 24 and noticed unusual activity on October 25 when an article about the wealth of a Chinese official's family was published.  The breach began on September 13 and was allowed to continue until January so that the hackers' behavior could be studied.

Source: 
Media

Schneider-Electric

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 7, 2013
geo: 
Palatine , IL
United States
Records Breached: 

Unknown

A vendor's mailing error resulted in the exposure of employee Social Security numbers.  Call for Candidacy letters were mailed sometime around January 16 that had Social Security numbers, names, and addresses visible through the address window of the letter.  

Source: 
California Attorney General

Talk Fusion

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 8, 2013
geo: 
Brandon , FL
United States
Records Breached: 

Unknown

A computer network attack resulted in the exposure of customer information.  The cyber attack was discovered on December 13, 2012 and affected customer databases with names, Social Security numbers, credit and debit card numbers, payment card expiration dates, payment card security codes, addresses, telephone numbers, dates of birth, and mothers' maiden names may have been exposed.

Source: 
California Attorney General

NBC.com

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 22, 2013
geo: 
New York , NY
United States
Records Breached: 

Unknown

NBC's website was attacked by malware in the form of a Citadel Trojan.  The purpose of the attack was most likely to steal usernames, passwords, and other personal information.  NBC is unclear on how the malware entered their system.

Source: 
Media

Los Angeles Times, OffersandDeals.latimes.com

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 13, 2013
geo: 
Los Angeles , CA
United States
Records Breached: 

Unknown

The Los Angeles Times learned that a segment of its website housed malicious code for six weeks.  The subdomain OffersandDeals.latimes.com redirected visitors to a malicious website.  The website then used code to receive compensation for web traffic.  The compromise appears to have occurred sometime before December 23, 2012.  An LA Times spokesperson initially responded to the breach by claiming that a glitch in Google's display ad exchange had caused a malicious script warning rather than actual malicious script.

Source: 
Media

Pages

Showing 41-50 of 620 results
Subscribe to BSO