Institutional Shareholder Services

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 23, 2013
geo: 
Boston , MA
United States
Records Breached: 

100 (No SSNs or financial information reported)

An employee of Institutional Shareholder Services (ISS) shared nonpublic voting data in exchange for $15,000 in concert tickets and $20,000 in meals.  From 2007 through early 2012 an ISS employee provided nonpublic information on how over 100 ISS clients were voting on proxy ballots to a firm that gathers shareholder votes.  ISS will pay The Securities and Exchange Commission $300,000 to settle civil charges and penalties.

Source: 
Media

Vendini, Inc.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
May 22, 2013
geo: 
San Francisco , CA
United States
Extra Info: 

Those with questions may call Vendini at 800-836-0473.

Vendini's blog statement can be read here: http://blog.vendini.com/

Records Breached: 

22,900

Anyone who used Vendini for ticket purchases may have had their financial information exposed during a March breach.  A hacker accessed Vendini's server and may have obtained customer names, addresses, email addresses, credit card numbers, and credit card expiration dates.  A total of 22,900 customers from Augusta, Maine may have been affected.  It is unclear if people from other states were also affected.

UPDATE (06/12/2013): The unauthorized intrusion was first detected on April 25.  

Source: 
Media

Tinder

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
July 24, 2013
geo: 
West Hollywood , CA
United States
Records Breached: 

Unknown

Tinder advertises to users that their physical location information is never shown to other users.  An outside engineer discovered an issue with the Tinder app that allowed the locations of users to be available for at least two weeks.  Last known locations, Facebook IDs, dates of birth, gender, and names were available.  

Source: 
Media

NASDAQ.com

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
July 18, 2013
geo: 
New York , NY
United States
Records Breached: 

Unknown

Hackers were able to steal passwords from a NASDAQ Community forum.  It is likely that only passwords  and non-financial inforimation was stolen.  NASDAQ alerted users to the issue and took the website offline to upgrade its security.  There is concern that the hackers will use the email and password information to send phishing messages and obtain access to various financial accounts.

Source: 
Media

Facebook

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
June 21, 2013
geo: 
Menlo Park , CA
United States
Records Breached: 

6,000,000 (No SSNs or financial information involved)

Facebook discovered a bug that may have allowed unauthorized users to view the personal contact information of Facebook users.  The people who could have used the information would have had some kind of connection to them or some kind of contact information, but users may have thought their email and phone numbers were hidden from these connections.  People who used the Download Your Information (DYI) tool may have been able to access the contact information.  The issue was discovered by an external group of security researches involved with the White Hat program.

Source: 
Media

Adobe, Washington Administrative Office of the Courts

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
May 13, 2013
geo: 
Olympia , WA
United States
Records Breached: 

160,000

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Source: 
Media

TJG, Inc., Target Marketing

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 29, 2013
geo: 
Ashland , VA
United States
Records Breached: 

Unknown

The Target Marketing website was accessed by unauthorized parties on May 14.  People who used debit or credit cards on the online e-commerce platform may have had their names, email addresses, payment card numbers, expiration dates, and CVV codes accessed.

UPDATE (05/29/2013): Shumsky in Dayton, Ohio was also affected. Shumsky customers may have had their names, addresses, email addresses, credit/debit card numbers, payment card expiration dates, and CVV codes accessed.

Source: 
California Attorney General

Anasazi Hotel, LLC

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 30, 2013
geo: 
Sante Fe , NM
United States
Records Breached: 

Unknown

Anasazi Hotel learned that it was a common link in a number of fraudulent credit card activities.  An investigation revealed that Anasazi's network had been accessed and customer credit card information had been accessed.  Malware that could transmit customer names and credit card information was on Anasazi's system.  Anyone who used a credit card at Anasazi between June 18, 2012 and March 21, 2013 may have been affected.

Source: 
California Attorney General

RentPath, Inc. (Primedia)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 31, 2013
geo: 
Norcross , GA
United States
Records Breached: 

56,000

An independent contractor with access to Primedia's network operations group was found to have stolen hardware.  The issue was discovered on June 20, 2012.  Applicants, employees, and former employees may have had several different types of personal information stolen. Approximately 56,000 Social Security numbers were discovered among the various types of information.  Approximately 30,000 former employees, employees, and applicants were identified and notified of the breach.  The other 26,000 have yet to be identified.

Source: 
California Attorney General

Drupal.org

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 30, 2013
Extra Info: 

Drupal is a volunteer-based organization and doesn't have a central location.

Records Breached: 

Unknown

A hacker or hackers exploited a vulnerability in a third-party software and used it to access accounts on drupal.org. The hackers were able to upload files to the association.drupal.org and compromised Drupal's serer. Accounts on groups.drupal.org may have also been exposed. Usernames, email addresses, hashed passwords, and country information may have been exposed.

Source: 
Media

Pages

Showing 51-60 of 651 results
Subscribe to BSO