Columbia University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 30, 2012
geo: 
New York , NY
United States
New York US
Records Breached: 

3,500

A programmer erroneously saved an internal test file onto a public server in January 2010.  Current and former employees had their names, Social Security numbers, addresses, and bank account numbers available on the internet from January 2010 until April of 2012.  A total of 3,000 current and former employees were affected, but an additional 500 sole proprietors were also affected.  It appears that the file was not accessed at anytime between January 2010 and March 10, 2012.  

Source: 
Dataloss DB

Memorial Sloan-Kettering Cancer Center

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
June 13, 2012
geo: 
New York , NY
United States
New York US
Extra Info: 

Memorial Sloan-Kettering's statement about the breach is posted on their website and can be found here.

Records Breached: 

880 (Unknown number of SSNs)

A routine check for sensitive information by Memorial Sloan-Kettering revealed that a PowerPoint presentation that was posted on two medical professional websites in 2006 contained embedded private information.  The information included patient names, phone numbers, addresses, and in some cases, Social Security numbers.  Anyone who accessed and manipulated the PowerPoint presentation could have viewed the information that was used to create certain graphs.  A total of five PowerPoint files contained sensitive information.

Source: 
PHIPrivacy.net

DocuSign, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
San Francisco , CA
United States
California US
Records Breached: 

Unknown

DocuSign user information was discovered to be accessible through a Google search. The information goes as far back as January 2012, and some information could be even older.  It is possible to see private emails, signatures, times, dates, locations, addresses, document names, and email addresses.  DocuSign claims that the information is available because a small number of DocuSign users have saved their own personal copies of their signed documents to publicly accessible and searchable locations outside of DocuSign's secure global network.  

Source: 
Databreaches.net

Franklin's Budget Car Sales, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Statesboro , GA
United States
Georgia US
Records Breached: 

95,000

The FTC fined Franklin's Budget Car Sales for compromising consumers' personal information by allowing peer-to-peer software to be installed on its network.  Any computers that were connected to the peer-to-peer network could have accessed Franklin's network of consumer names, Social Security numbers, addresses, dates of birth, and driver's license numbers.  The FTC claimed that Franklin's failed to assess risks to the consumer information it collected and stored online and failed to adopt policies to prevent or limit unauthorized disclosure of information.

Source: 
Databreaches.net

EPN, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Provo , UT
United States
Utah US
Records Breached: 

3,800

The FTC has fined EPN, Inc. for failing to implement reasonable security measures. The agency charged that the company did not have an appropriate information security plan, failed to assess risks to the consumer information it stored, did not adequately train employees, did not use reasonable measures to enforce compliance with its security policies, and did not use reasonable methods to prevent, detect and investigate unauthorized access to personal information on its networks.

Source: 
Databreaches.net

Texas A&M University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 14, 2012
geo: 
College Station , TX
United States
Texas US
Records Breached: 

4,000

Alumni who graduated before 1985 and requested copies of their transcripts may have been affected by a breach involving accidental disclosure.  Certain alumni had their names, Social Security numbers, addresses, and telephone numbers in an electronic file that was emailed to an individual who would not normally have access to such information.  The person who received the email notified the University.

Source: 
Dataloss DB

Baylor Law School

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 4, 2012
geo: 
Waco , TX
United States
Texas US
Records Breached: 

442 (No SSNs or financial information reported)

An administrative error resulted in recently admitted students receiving an email with the information of all recently admitted students.  Student names, addresses, grades, LSAT scores, race, scholarship amount, and other types of personal information were available in the email attachment. No Social Security numbers or dates of birth were in the emailed spreadsheet.  Students were encouraged to treat the data with the confidentiality of a lawyer and immediately delete the email.  

Source: 
Databreaches.net

Kaiser Foundation Health Plan

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 19, 2012
geo: 
Oakland , CA
United States
California US
Records Breached: 

30,000

Someone purchased a hard drive in September of 2011 and immediately notified law enforcement that it contained confidential information.  The external hard drive did not come from a Kaiser Permanente office.  It contained employee data that was as recent as 2009.  Current and former employees may have had their names, Social Security numbers, dates of birth, and addresses exposed. There is no evidence that the information from the hard drive was used for illegal purposes as of March of 2012.

Source: 
California Attorney General

New York State Electric & Gas (NYSEG), Rochester Gas and Electric (RG&E), Iberdrola USA

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
January 24, 2012
geo: 
Rochester , NY
United States
New York US
Extra Info: 

Affected customers may call 1-877-736-4495. More information can be found on the websites of the companies www.nyseg.com and www.rge.com.

Records Breached: 

878,000 NYSEG customers and 367,000 RG&E customers

An employee at a software development consulting firm that was contracted by Iberdrola USA, the parent company of both NYSEG and RG&E, allowed the information systems of clients to be accessed by an unauthorized party.  Customer Social Security numbers, birth dates, and in some cases, financial institution account numbers were exposed.  A total of 878,000 NYSEG customers and 367,000 RG&E electricity customers were affected.  An unknown number of additional customers from both companies who signed up for gas services, but not electricity services were also affected.

Source: 
Databreaches.net

RJL Insurance Services, LLC, RJL Wealth Management

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 14, 2012
geo: 
San Diego , CA
United States
California US
Records Breached: 

Unknown

RJL Insurance Services became aware of a vulnerability in its computer network that may have resulted in the exposure of some electronic files.  The information was secured, but some RJL files were accessible for a period of two weeks in late September and early October of 2011.  Client names, Social Security numbers, driver's license numbers, and medical conditions may have been exposed.  

Source: 
California Attorney General

Pages

Showing 21-30 of 842 results
Subscribe to DISC