University of Texas-Pan American

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
November 11, 2011
geo: 
Edinburg , TX
United States
Extra Info: 

Those with questions may email infosecurity@utpa.edu.

Records Breached: 

19,276 (No SSNs or financial information reported)

On September 1, 2011, a spreadsheet containing information on 19,276 students was accidentally made accessible from the internet due to a administrative error.  The spreadsheet contained the names, addresses, phone numbers, email addresses, majors, class or classes, levels, colleges, student ID numbers, and GPAs of students enrolled as of September 1 of 2011.  The problem was corrected on November 2 soon after it was discovered. The spreadsheet had been accessed 15 times by unknown parties between September 1 and November 2.  

Source: 
Databreaches.net

United States Postal Service (USPS)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
November 12, 2011
geo: 
Washington , DC
United States
Records Breached: 

5,400 (No full credit card numbers or SSNs revealed)

A customer logged onto her USPS online store account and was able to see the name, address, and the final four digits of another customer's credit card number.  The customer alerted the USPS customer service, but was told that the error had already been noted. On October 28, USPS became aware that a coding issue during an update had resulted in an error that exposed credit card information.  Customers were notified of the problem on November 8.  The error was subsequently fixed.

Source: 
Databreaches.net

Jefferson County Public Schools

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 15, 2011
geo: 
Louisville , KY
United States
Records Breached: 

6,500 (No SSNs or financial information exposed)

Around 6,500 ACT Explore test results for 8th graders were mailed to incorrect addresses.  The breach was discovered when parents began calling the district.  Parents were asked to shred the tests.  The exact cause of the mailing error is unknown.

Source: 
Databreaches.net

Department of Veterans Affairs, Ancestry.com

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 20, 2012
geo: 
Washington , DC
United States
Records Breached: 

2,200

VA officials gave veteran Social Security numbers, names, and possibly other information to Ancestry.com in March of 2011 in response to a Freedom of Information Act request from the genealogy site.  The records should have only contained the information of deceased veterans, but instead contained the information of over 2,200 living veterans. The information was then posted in 2011 and taken down in January of 2012.

Source: 
Databreaches.net

MDwise

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
January 11, 2012
geo: 
Indianapolis , IN
United States
Extra Info: 

People with Healthy Indiana Plan, Care Select, or Hoosier Healthwise memberships may have been affected.

Records Breached: 

2,700 (No SSNs or financial information reported)

An upgrade of MDwise's customer record computer system in February 2011 resulted in the leak of records from several organizations.  Anyone searching by name could have accessed the information online.  Members of Healthy Indiana Plan, Care Select, and Hoosier Healthwise may have had their names, addresses, Medicaid numbers, and doctors' names and addresses exposed online.  Administrators corrected the error as soon as it was detected.  

Source: 
PHIPrivacy.net

United Airlines

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 30, 2011
geo: 
Chicago , IL
United States
Records Breached: 

20 (No SSNs or financial information reported)

A customer checking frequent flyer miles on United Airlines' mobile website was able to view the names, Mileage Plus numbers, future flight itineraries with confirmation codes, and previous trips of other Unite Airlines customers.  The information could have allowed anyone to change another passenger's seating assignment or cancel a flight by using confirmation codes and last names.  

Source: 
Databreaches.net

Vermont Department of Taxes

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
January 11, 2012
geo: 
Montpelier , VT
United States
Records Breached: 

1,332

The Vermont Department of Taxes website accidentally displayed the Social Security numbers of 1,332 individuals and the federal ID numbers of 245 businesses for two hours.  The personal data was contained in a weekly group of property transfer tax returns.  The three parties who were able to access the information were identified and contacted.  

Source: 
Databreaches.net

Advanced Occupation Medicine Specialists (AOMS)

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
January 11, 2012
geo: 
Bellwood , IL
United States
Extra Info: 

Patients with questions may call the AOMS security-breach hotline at 855-684-6179 to receive additional instructions and information.

Records Breached: 

7,226

Letters dictated by AOMS providers were accidentally uploaded onto a non-secure server in Europe. The information then became publicly searchable via internet.  AOMS learned of the breach on October 12, 2011.  People who were seen at AOMS for injuries and/or work-related examinations from July, 2009 through October 12, 2011 may have been affected by the breach.  No names, contact information, personal information, test results, financial information or Social Security numbers were exposed.

Source: 
HHS via PHIPrivacy.net

Lawrence Memorial Hospital, Mid Continent Credit Servies, Inc. (Blue Sky Credit), BrickWire LLC

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
November 4, 2011
geo: 
Lawrence , KS
United States
Extra Info: 

Those with questions may call 785-505-4945 or email lmhcompllance@lmh.org.

Records Breached: 

10,000

A breach of a website hosted by BrickWire LLC resulted in the exposure of patient names, phone numbers, email addresses, health care providers, payment amounts, dates of payment, credit card information and checking account information.  Lawrence Memorial Hospital's vendor Blue Sky Credit used BrickWire LLC for the online bill-pay service offered to Lawrence Memorial's patients.  The personal and financial information of patients who paid through the website was accidentally made available on the Internet between September 20, 2011 and October 28, 2011. 

Source: 
PHIPrivacy.net

CVS Caremark

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 24, 2012
geo: 
Woonsocket , RI
United States
Records Breached: 

3,482 (No SSNs or financial information reported)

People who were members of Tufts Health Plan (Tufts Associated Health Maintenance Organization, Tufts Insurance Company) received letters meant for other members.  A programming error caused the addresses of members to be incorrect.  Names, medical conditions, and medications were exposed.

Source: 
PHIPrivacy.net

Pages

Showing 41-50 of 796 results
Subscribe to DISC