Ortho-Clinical Diagnostics Inc. (OCD)

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
November 29, 2007
geo: 
Raritan , NJ
United States
New Jersey US
Records Breached: 

4,285

An electronic folder that resided on a share drive at OCD was accessed by authorized users of the Johnson & Johnson computer system in North America for approximately six months.  The file should have only been accessed by authorized human resources personnel and included current and former employee Social Security numbers, addresses, phone numbers, pre-employment screening information, compensation information and other employment data.  The information in the folder dates back to January of 2002. 

Source: 
Dataloss DB

Virgin Mobile

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
October 25, 2007
geo: 
Palo Alto , CA
United States
California US
Records Breached: 

Unknown

Unauthorized third parties attempted to or succeeded in accessing customer account during May.  It appears that the third parties used techniques to gather access customer accounts through customer care telephone lines as opposed to Virgin's website.  It was determined that people were calling customer service and claiming to be a customer or relative of a customer, and obtaining account information.  Third parties may have also called customer service and guessed common surnames and common passwords or secret answers in order to access customer accounts.

Source: 
Dataloss DB

New England School of Law

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
October 29, 2007
geo: 
Boston , MA
United States
Massachusetts US
Records Breached: 

5,098

Personal information of alumni was available on the page of the School's website through a Google Internet search. The information included names, Social Security numbers, dates of birth, addresses and telephone numbers. The information was immediately removed from the website after the mid-October discovery.

Source: 
Dataloss DB

Community First Credit Union, Cambrium Group

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
December 22, 2010
geo: 
Appleton , WI
United States
Wisconsin US
Extra Info: 

The location listed is the office of Community First Credit Union.

http://privacy.wi.gov/databreaches/databreaches.html

Records Breached: 

1,600

Cambrium Group, a contractor for Community First Credit Union, placed an unsecured Community First job applicant SQL database online. The database was discovered on October 20 of 2010. The employment information included names, dates of birth, education, addresses, telephone numbers, Social Security numbers and other information typical of applications.

Source: 
Dataloss DB

Geisinger Health System

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 28, 2010
geo: 
Wilkes-Barre , PA
United States
Pennsylvania US
Records Breached: 

2,928 (No SSNs or financial information reported)

A former physician emailed patient medical information to his home email account in an unencrypted manner. The information included patient names, medical record numbers, procedures and indications. The physician deleted the information from his computer, home network and servers.  The incident occurred on or around November 3.

Source: 
PHIPrivacy.net

Blue Cross Blue Shield North Carolina

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
August 7, 2007
geo: 
Durham , NC
United States
North Carolina US
Records Breached: 

2,940

Letters were accidentally mailed with subscriber Social Security numbers visible through envelope windows.

Source: 
Dataloss DB

University of New Hampshire

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
August 17, 2007
geo: 
Durham , NH
United States
New Hampshire US
Records Breached: 

29

An MS Excel spreadsheet containing names and Social Security numbers of graduate students at the University was posted within the University's website on or around April 17, 2007.  Specifically, the spreadsheet contained the credit hour and tuition information associated with "inter-college" graduate programs.  In addition to the credit hour and tuition information that were visible at the top of the spreadsheet, the bottom of the report also included the names and Social Security numbers of students. A staff member recognized the mistake on July 27.

Source: 
Dataloss DB

Veterans Affairs Chicago HCS

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 21, 2010
geo: 
Chicago , IL
United States
Illinois US
Records Breached: 

878 (No full SSNs or financial information reported)

The Orthopedics Department was using Yahoo.com to keep track of patient scheduling. The information had been stored on Yahoo.com since July of 2007 and multiple current and former residents of the center had access to the password and account. Patients had their name, date and type of surgery and final four digits of Social Security number exposed. The information was deleted from the web page on November 29.

Source: 
PHIPrivacy.net

St. Paul Veterans Service Center

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
December 21, 2010
geo: 
Saint Paul , MN
United States
Minnesota US
Records Breached: 

58

Fifty-eight VA guardianship files were accidentally shared by a federal fiduciary office. Fifty-seven veterans were affected when the fiduciary office accidentally sent the files to another fiduciary office that was not authorized to receive the information. The information included names and Social Security numbers.

Source: 
PHIPrivacy.net

Verus Inc., Concord Hospital

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 9, 2007
geo: 
Records Breached: 

9,297

Patient names, addresses, Social Security numbers and dates of birth were unprotected on the Internet. A subcontractor named Verus that handles Concord's online billing was responsible for the breach.

Source: 
Dataloss DB

Pages

Showing 691-700 of 832 results
Subscribe to DISC