Wilson County School District

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 8, 2012
geo: 
Wilson , TN
United States
Tennessee US
Records Breached: 

Unknown

The names and schools of students who met with graduation coaches, as well as their reasons for meeting were not completely removed from distributed meeting materials.  

Source: 
Dataloss DB

Bethpage Federal Credit Union

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 12, 2012
geo: 
Bethpage , NY
United States
New York US
Records Breached: 

86,000

An employee accidentally posted data onto a file transfer protocol site that was not secure on May 3.  The data contained customer VISA debit card names, addresses, dates of birth, card expiration dates and checking and savings account numbers.  The error was discovered on June 3. The data was accessed, but there was no evidence of identity theft or fraud as of June 12.  New cards were issued to 25% of the affected members and the remaining members will have their affected cards deactivated on June 30.

Source: 
Databreaches.net

BlueCross Blue Shield of North Carolina

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 25, 2012
geo: 
Durham , NC
United States
North Carolina US
Records Breached: 

100

A mailing software error caused the private information of current and former Blue Cross Blue Shield members to be mailed to other members.  The error was discovered on April 12.  The records were more than 10 years old and included patient names, Social Security numbers, type of medical care received, and other protected health information.

Source: 
PHIPrivacy.net

Columbia University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 30, 2012
geo: 
New York , NY
United States
New York US
Records Breached: 

3,500

A programmer erroneously saved an internal test file onto a public server in January 2010.  Current and former employees had their names, Social Security numbers, addresses, and bank account numbers available on the internet from January 2010 until April of 2012.  A total of 3,000 current and former employees were affected, but an additional 500 sole proprietors were also affected.  It appears that the file was not accessed at anytime between January 2010 and March 10, 2012.  

Source: 
Dataloss DB

Memorial Sloan-Kettering Cancer Center

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
June 13, 2012
geo: 
New York , NY
United States
New York US
Extra Info: 

Memorial Sloan-Kettering's statement about the breach is posted on their website and can be found here.

Records Breached: 

880 (Unknown number of SSNs)

A routine check for sensitive information by Memorial Sloan-Kettering revealed that a PowerPoint presentation that was posted on two medical professional websites in 2006 contained embedded private information.  The information included patient names, phone numbers, addresses, and in some cases, Social Security numbers.  Anyone who accessed and manipulated the PowerPoint presentation could have viewed the information that was used to create certain graphs.  A total of five PowerPoint files contained sensitive information.

Source: 
PHIPrivacy.net

DocuSign, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
San Francisco , CA
United States
California US
Records Breached: 

Unknown

DocuSign user information was discovered to be accessible through a Google search. The information goes as far back as January 2012, and some information could be even older.  It is possible to see private emails, signatures, times, dates, locations, addresses, document names, and email addresses.  DocuSign claims that the information is available because a small number of DocuSign users have saved their own personal copies of their signed documents to publicly accessible and searchable locations outside of DocuSign's secure global network.  

Source: 
Databreaches.net

Franklin's Budget Car Sales, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Statesboro , GA
United States
Georgia US
Records Breached: 

95,000

The FTC fined Franklin's Budget Car Sales for compromising consumers' personal information by allowing peer-to-peer software to be installed on its network.  Any computers that were connected to the peer-to-peer network could have accessed Franklin's network of consumer names, Social Security numbers, addresses, dates of birth, and driver's license numbers.  The FTC claimed that Franklin's failed to assess risks to the consumer information it collected and stored online and failed to adopt policies to prevent or limit unauthorized disclosure of information.

Source: 
Databreaches.net

EPN, Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2012
geo: 
Provo , UT
United States
Utah US
Records Breached: 

3,800

The FTC has fined EPN, Inc. for failing to implement reasonable security measures. The agency charged that the company did not have an appropriate information security plan, failed to assess risks to the consumer information it stored, did not adequately train employees, did not use reasonable measures to enforce compliance with its security policies, and did not use reasonable methods to prevent, detect and investigate unauthorized access to personal information on its networks.

Source: 
Databreaches.net

Tarpon Springs High School

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 9, 2012
geo: 
Tarpon Springs , FL
United States
Florida US
Records Breached: 

400

A guidance counselor accidentally sent an attachment with sensitive information to students via email.  The email was sent to members of the senior class and the attachment contained the names and student ID numbers of seniors.  Student Social Security numbers were used as student ID numbers in most cases.

Source: 
Dataloss DB

University of Virginia

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 6, 2012
geo: 
Charlottesville , VA
United States
Virginia US
Records Breached: 

300 (Unknown number of SSNs)

Between 300 and 350 transcripts from Summer Language Institute applicants were accessible through the University of Virginia website.  The human error was discovered when a student searched Google for an image of himself.  Students who applied to the University's program within the last two years may have had their names, transcript information, and Social Security numbers exposed.  Technology experts at the University blocked public access to the information and asked Google to remove its cache of the sensitive pages on June 5, 2012.

Source: 
Databreaches.net

Pages

Showing 31-40 of 899 results
Subscribe to DISC