University of Texas-Pan American

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
November 11, 2011
geo: 
Edinburg , TX
United States
Extra Info: 

Those with questions may email infosecurity@utpa.edu.

Records Breached: 

19,276 (No SSNs or financial information reported)

On September 1, 2011, a spreadsheet containing information on 19,276 students was accidentally made accessible from the internet due to a administrative error.  The spreadsheet contained the names, addresses, phone numbers, email addresses, majors, class or classes, levels, colleges, student ID numbers, and GPAs of students enrolled as of September 1 of 2011.  The problem was corrected on November 2 soon after it was discovered. The spreadsheet had been accessed 15 times by unknown parties between September 1 and November 2.  

Source: 
Databreaches.net

Spotsylvania County

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 6, 2012
geo: 
Spotsylvania , VA
United States
Records Breached: 

4,289

An employee discovered that it was possible to access current and former employee W-2 forms online via a Google search.  The W-2 form contained employee name, Social Security number, address, earnings, and taxes paid for 2009 and 2010.  The discovery was made on December 23 of 2011. 

Source: 
Media

St. Joseph Health System

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
February 15, 2012
geo: 
CA
United States
Extra Info: 

Patients from the California hospitals St. Jude Medical Center, Mission Hospital, Santa Rosa Memorial Hospital, Petaluma Valley Hospital, and Queen of the Valley were affected. No single California city is listed as the breach location.

Records Breached: 

31,800 (No SSNs or financial information reported)

Protected patient information may have been available on the internet for one year.  A patient's attorney contacted St. Jude officials to inform them that the information was available online. The patient health records included names, body mass index, blood pressure, lab results, smoking status, diagnoses lists, medication allergies, and demographic information such as gender, date of birth, language spoken, ethnicity, and race.  The information was removed from online and co no longer be accessed by unauthorized parties.

Source: 
PHIPrivacy.net

Delta Dental

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 22, 2012
geo: 
Sacramento , CA
United States
Records Breached: 

11,646 (no SSNs or financial information reported)

The unauthorized disclosure of paper records sometime around December 22, 2011 may have resulted in the exposure of protected health information.  

Source: 
HHS via PHIPrivacy.net

IndyMac Bank, IndyMac Resources, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 19, 2012
geo: 
Dallas , TX
United States
Records Breached: 

Unknown

A security company searching the web for sensitive data uncovered personally identifiable information from IndyMac Bank and Indy Mac Resources employees, and possibly others associated with the firms.  IndyMac Bank failed sometime around July of 2008.  The information is related to IndyMac employee pension benefits analysis and appears to have been placed on a public web server by an employee of a contractor for IndyMac.

Source: 
California Attorney General

Kaiser Foundation Health Plan

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 19, 2012
geo: 
Oakland , CA
United States
Records Breached: 

30,000

Someone purchased a hard drive in September of 2011 and immediately notified law enforcement that it contained confidential information.  The external hard drive did not come from a Kaiser Permanente office.  It contained employee data that was as recent as 2009.  Current and former employees may have had their names, Social Security numbers, dates of birth, and addresses exposed. There is no evidence that the information from the hard drive was used for illegal purposes as of March of 2012.

Source: 
California Attorney General

New York State Electric & Gas (NYSEG), Rochester Gas and Electric (RG&E), Iberdrola USA

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
January 24, 2012
geo: 
Rochester , NY
United States
Extra Info: 

Affected customers may call 1-877-736-4495. More information can be found on the websites of the companies www.nyseg.com and www.rge.com.

Records Breached: 

878,000 NYSEG customers and 367,000 RG&E customers

An employee at a software development consulting firm that was contracted by Iberdrola USA, the parent company of both NYSEG and RG&E, allowed the information systems of clients to be accessed by an unauthorized party.  Customer Social Security numbers, birth dates, and in some cases, financial institution account numbers were exposed.  A total of 878,000 NYSEG customers and 367,000 RG&E electricity customers were affected.  An unknown number of additional customers from both companies who signed up for gas services, but not electricity services were also affected.

Source: 
Databreaches.net

RJL Insurance Services, LLC, RJL Wealth Management

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 14, 2012
geo: 
San Diego , CA
United States
Records Breached: 

Unknown

RJL Insurance Services became aware of a vulnerability in its computer network that may have resulted in the exposure of some electronic files.  The information was secured, but some RJL files were accessible for a period of two weeks in late September and early October of 2011.  Client names, Social Security numbers, driver's license numbers, and medical conditions may have been exposed.  

Source: 
California Attorney General

Blue Cross Blue Shield (BCBS) of North Carolina

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 2, 2012
geo: 
Durham , NC
United States
Records Breached: 

1,000 (No SSNs or financial information reported)

An employee of BCBS North Carolina accidentally sent an email that revealed the email addresses of all customers who received the email.  Customers received the email as notification of changes to their billing cycle on Wednesday, February 29.  The employee error meant that anyone who received the email could then send unwanted messages referencing BCBS or unrelated content to other customers who received the email.

Source: 
Media

University of Florida

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 22, 2012
geo: 
Gainesville , FL
United States
Records Breached: 

719

People who had an unclaimed check or refund from the University of Florida had their Social Security numbers posted on Florida's Unclaimed Property website.  The information had been posted in July of 2005 and is from debts prior to that time, but had been posted through January 12, 2012.  The University submitted its Annual Unclaimed Property Report to the Florida State Department of Financial Services.  The state accidentally posted the Social Security numbers in addition to the usual information.  The University of Florida was the only entity affected by the mistake.

Source: 
Databreaches.net

Pages

Showing 11-20 of 787 results
Subscribe to DISC