Saint Mary's Hospital, Naugatuck Valley Community College

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 23, 2012
geo: 
Waterbury , CT
United States
Connecticut US
Records Breached: 

Unknown

A Naugatuck Valley Community College instructor used patient X-rays from St. Mary's Hospital to teach radiology technology.  The instructor obtained the X-rays by using his Saint Mary's employee login to access medical records.  The X-rays were used without permission and contained patient names, dates of birth, and physician notes.  The instructor told students not to disclose the practice.

Source: 
PHIPrivacy.net

University of Arkansas for Medical Sciences (UAMS)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 20, 2012
geo: 
Little Rock , AR
United States
Arkansas US
Records Breached: 

7,000 (No SSNs or financial information reported)

A UAMS physician sent financial data to an individual who was not a member of UAMS's workforce in February of 2012.  Patient identifiers had not been removed from the data and UAMS learned of the error on April 6.  Patients of interventional radiology seen at UAMS between 2009 and 2011 had their names, UAMS account numbers, dates of service, interventional radiology procedures, diagnosis codes, charges, and payments exposed.

Source: 
PHIPrivacy.net

EPN, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Provo , UT
United States
Utah US
Records Breached: 

3,800

The FTC has fined EPN, Inc. for failing to implement reasonable security measures. The agency charged that the company did not have an appropriate information security plan, failed to assess risks to the consumer information it stored, did not adequately train employees, did not use reasonable measures to enforce compliance with its security policies, and did not use reasonable methods to prevent, detect and investigate unauthorized access to personal information on its networks.

Source: 
Databreaches.net

Franklin's Budget Car Sales, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Statesboro , GA
United States
Georgia US
Records Breached: 

95,000

The FTC fined Franklin's Budget Car Sales for compromising consumers' personal information by allowing peer-to-peer software to be installed on its network.  Any computers that were connected to the peer-to-peer network could have accessed Franklin's network of consumer names, Social Security numbers, addresses, dates of birth, and driver's license numbers.  The FTC claimed that Franklin's failed to assess risks to the consumer information it collected and stored online and failed to adopt policies to prevent or limit unauthorized disclosure of information.

Source: 
Databreaches.net

Department of Health and Human Services Maine

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
July 19, 2012
geo: 
Augusta , ME
United States
Maine US
Records Breached: 

79

A computer system glitch caused the personal information of public assistance applicants to be sent to random addresses in the department's system.  The error occurred in December, but was not noticed until June.  Multiple rounds of forms had been mailed out by that time.  A total of 31 forms contained the Social Security numbers, bank account numbers, and other information of 79 household members.

Source: 
PHIPrivacy.net

American Stock Transfer & Trust Company, LLC

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 13, 2012
geo: 
Brooklyn , NY
United States
New York US
Records Breached: 

Unknown

Mail packages containing the beneficiary statements of certain shareholders for the year of 2011 were mailed to incorrect addresses on April 2, 2012.  The statements contained names, tax identification numbers of the intended shareholders, and addresses.  Shareholders of a single, unnamed issuer that used American Stock Transfer as a sub-transfer agent most likely had their information mailed to a different shareholder than the shareholder listed on the beneficiary statement.

Source: 
Dataloss DB

University of Alabama - Birmingham (UAB)

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
April 25, 2012
geo: 
Birmingham , AL
United States
Alabama US
Extra Info: 

Former students with questions may call 1-855-822-8510 or email info-help@uab.edu.

Records Breached: 

8,000

People who were undergraduate students at UAB between 1995 and 2006 may have had their information accessed online.  The information included Social Security numbers and academic records.  It was accidentally made available on a publicly accessible server for an unspecified amount of time.  The breach was discovered on March 27. 

Source: 
Dataloss DB

Groupon

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
July 2, 2012
geo: 
Chicago , IL
United States
Illinois US
Records Breached: 

170 (No SSNs or financial information reported)

An ongoing flaw in Groupon's email link encryption exposes the emails of some Groupon users when specific terms are added into Google searches of Groupon's site.  Groupon believes that the problem is caused by users publicly pasting their Groupon deals online.  Groupon is working on a solution to exclude the results.

Source: 
Databreaches.net

University of Florida

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
July 2, 2012
geo: 
Gainesville , FL
United States
Florida US
Extra Info: 

The University of Florida maintains a page with their privacy breach incidents herehttp://privacy.ufl.edu/

Records Breached: 

220

The information of former students and applicants was available online.  Former students and applicants who signed up for a roommate service online through Levin College of Law in the early 2000s had their Social Security numbers exposed.  The breach was discovered in May of 2012; the College of Law stopped using the software for the roommate service in the mid-2000s. Former students and applicants were mailed notifications on June 25.

Source: 
Databreaches.net

Wilson County School District

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 8, 2012
geo: 
Wilson , TN
United States
Tennessee US
Records Breached: 

Unknown

The names and schools of students who met with graduation coaches, as well as their reasons for meeting were not completely removed from distributed meeting materials.  

Source: 
Dataloss DB

Pages

Showing 11-20 of 844 results
Subscribe to DISC