Kaiser Foundation Health Plan

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 19, 2012
geo: 
Oakland , CA
United States
California US
Records Breached: 

30,000

Someone purchased a hard drive in September of 2011 and immediately notified law enforcement that it contained confidential information.  The external hard drive did not come from a Kaiser Permanente office.  It contained employee data that was as recent as 2009.  Current and former employees may have had their names, Social Security numbers, dates of birth, and addresses exposed. There is no evidence that the information from the hard drive was used for illegal purposes as of March of 2012.

Source: 
California Attorney General

New York State Electric & Gas (NYSEG), Rochester Gas and Electric (RG&E), Iberdrola USA

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
January 24, 2012
geo: 
Rochester , NY
United States
New York US
Extra Info: 

Affected customers may call 1-877-736-4495. More information can be found on the websites of the companies www.nyseg.com and www.rge.com.

Records Breached: 

878,000 NYSEG customers and 367,000 RG&E customers

An employee at a software development consulting firm that was contracted by Iberdrola USA, the parent company of both NYSEG and RG&E, allowed the information systems of clients to be accessed by an unauthorized party.  Customer Social Security numbers, birth dates, and in some cases, financial institution account numbers were exposed.  A total of 878,000 NYSEG customers and 367,000 RG&E electricity customers were affected.  An unknown number of additional customers from both companies who signed up for gas services, but not electricity services were also affected.

Source: 
Databreaches.net

RJL Insurance Services, LLC, RJL Wealth Management

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 14, 2012
geo: 
San Diego , CA
United States
California US
Records Breached: 

Unknown

RJL Insurance Services became aware of a vulnerability in its computer network that may have resulted in the exposure of some electronic files.  The information was secured, but some RJL files were accessible for a period of two weeks in late September and early October of 2011.  Client names, Social Security numbers, driver's license numbers, and medical conditions may have been exposed.  

Source: 
California Attorney General

Blue Cross Blue Shield (BCBS) of North Carolina

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 2, 2012
geo: 
Durham , NC
United States
North Carolina US
Records Breached: 

1,000 (No SSNs or financial information reported)

An employee of BCBS North Carolina accidentally sent an email that revealed the email addresses of all customers who received the email.  Customers received the email as notification of changes to their billing cycle on Wednesday, February 29.  The employee error meant that anyone who received the email could then send unwanted messages referencing BCBS or unrelated content to other customers who received the email.

Source: 
Media

University of Florida

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 22, 2012
geo: 
Gainesville , FL
United States
Florida US
Records Breached: 

719

People who had an unclaimed check or refund from the University of Florida had their Social Security numbers posted on Florida's Unclaimed Property website.  The information had been posted in July of 2005 and is from debts prior to that time, but had been posted through January 12, 2012.  The University submitted its Annual Unclaimed Property Report to the Florida State Department of Financial Services.  The state accidentally posted the Social Security numbers in addition to the usual information.  The University of Florida was the only entity affected by the mistake.

Source: 
Databreaches.net

Piedmont Behavioral Healthcare (PBH), Alamance-Caswell LME (AC LME)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 25, 2012
geo: 
Concord , NC
United States
North Carolina US
Records Breached: 

50,000

A miscommunication caused AC LME to lose access to servers containing sensitive health information.  An Alamance County employee mistakenly changed a lock on the facility that housed data servers for AC LME.  It appears that AC LME forgot to inform the county that AC LME was extending a contract for server maintenance.  Former consumers of AC LME, including those who became PBH consumers on October 1, 2011, may have had their personal health information stored on these servers.

Source: 
HHS via PHIPrivacy.net

City of Rye

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
February 13, 2012
geo: 
Rye , NY
United States
New York US
Records Breached: 

Unknown

An unknown number of employee Social Security numbers were mistakenly disclosed after the City responded to a Freedom of Information law request.  The Social Security numbers were included along with payroll data to the entity that requested the information.  City officials verified that the information would not be passed on after the breach was discovered.

Source: 
Databreaches.net

University of North Carolina at Charlotte

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
February 15, 2012
geo: 
Charlotte , NC
United States
North Carolina US
Extra Info: 

UNC-Charlotte will post information about the breach here.  Those with questions may also call (855) 205-6937.

Records Breached: 

350,000

An online security breach occurred at the UNC-Charlotte campus and was discovered on January 31.  It is unclear how much information could have been accessed. The number of people affected was not revealed.  An email alert was sent to students and staff on February 15 in order to inform them that a "potentially significant data exposure of its Information Systems" had occurred.  The University also stated that it had corrected the known issues related to the breach.

Source: 
Databreaches.net

Medco Health Solutions, Inc.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
March 22, 2012
geo: 
Willingboro , NJ
United States
New Jersey US
Extra Info: 

The location of the breach is listed as Medco's main office in New Jersey.

Records Breached: 

1,287 (No SSNs or financial information reported)

The unauthorized disclosure of paper records on November 30, 2011 may have resulted in the exposure of protected health information.  

Source: 
HHS via PHIPrivacy.net

Brigham Young University (BYU)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 13, 2012
geo: 
Provo , UT
United States
Utah US
Records Breached: 

1,300 (No SSNs or financial information reported)

A staff member of the University Advisement Center at BYU accidentally included a complete list of international student names, email addresses, phone numbers, and student ID numbers in an email notification about a career workshop.  BYU immediately apologized for the error and noted that all of the student information except for student ID numbers could easily be found in the BYU directory.

Source: 
Databreaches.net

Pages

Showing 31-40 of 846 results
Subscribe to DISC