CVS Caremark

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 24, 2012
geo: 
Woonsocket , RI
United States
Records Breached: 

3,482 (No SSNs or financial information reported)

People who were members of Tufts Health Plan (Tufts Associated Health Maintenance Organization, Tufts Insurance Company) received letters meant for other members.  A programming error caused the addresses of members to be incorrect.  Names, medical conditions, and medications were exposed.

Source: 
PHIPrivacy.net

Wayne County

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 21, 2012
geo: 
Detroit , MI
United States
Records Breached: 

1,000

An employee of Wayne County's personnel department accidentally sent an email with a sensitive attachment.  People who were members of AFSCME Locals 25, 409, 1659, and 3309 received an email about health insurance with employee names, ID numbers, Social Security numbers, dates of birth, addresses, and other information available in an attached file.  The mistake was noticed immediately and a follow-up email was sent with instructions to destroy the previous email.

Source: 
Databreaches.net

Milk Inc.

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 16, 2012
geo: 
San Francisco , CA
United States
Records Breached: 

Unknown

An employee of another company discovered a security issue in Oink.  Oink is a "rate everything" application from mobile application developer Milk Inc.  The security issue allowed anyone to download personal information of another Oink user by entering another person's username.  Folders with associated email addresses, photos, and other user site information may have been exposed. Oink shutdown and the employees of Milk Inc. joined Google for a new project shortly after the issue was discovered.

Source: 
Databreaches.net

University of Tampa

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 16, 2012
geo: 
Tampa , FL
United States
Records Breached: 

30,000

A server management error caused files containing sensitive information to be made publicly accessible between July of 2011 and the breach's discovery on March 13, 2012.  A classroom exercise revealed that the information was compromised and the University of Tampa's IT office was immediately informed of the discovery.  The University of Tampa then notified Google and asked that the cached file be removed from the search engine.

Source: 
Databreaches.net

Humboldt State University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 14, 2012
geo: 
Arcata , CA
United States
Records Breached: 

5,700

The personal information of students was accidentally sent in an email attachment as a response to a request for data.  The mistake was noticed immediately and all copies of the file were removed from the system of the party requesting data.  Student names, addresses, and Social Security numbers were exposed. Humboldt State University warned students to be vigilant about phishing, but stated that it is unlikely the data was misused.

Source: 
Databreaches.net

Phoenix Cardiac Surgery, P.C.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Phoenix , AZ
United States
Extra Info: 

Patients in Prescott, Arizona may have also been affected.

Records Breached: 

Unknown

Phoenix Cardiac Surgery inadvertently posted the clinical and surgical appointments of patients on an Internet-based calendar that was publicly accessible.  The error went unnoticed for an unspecified amount of time.  The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigated the error and determined that Phoenix Cardiac Surgery had a number of Health Insurance Portability and Accountability Act (HIPAA) violations.  Phoenix Cardiac Surgery agreed to pay HHS a settlement totalling $100,000 and to comply with HIPAA.

Source: 
PHIPrivacy.net

Virginia Military Institute

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Lexington , VA
United States
Records Breached: 

258 (No SSNs or financial information reported)

A Virginia Military Institute (VMI) administrator emailed a spreadsheet with the grade point average of every member of VMI's senior class to the VMI student president.  The email should have only contained an attachment with the names and hometowns of potential 2012 graduates.  The second attachment was not only emailed to the student president, but was then forwarded to 258 senior students before the student president and VMI administration realized the mistake.

Source: 
Dataloss DB

University of Virginia

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
June 6, 2012
geo: 
Charlottesville , VA
United States
Records Breached: 

300 (Unknown number of SSNs)

Between 300 and 350 transcripts from Summer Language Institute applicants were accessible through the University of Virginia website.  The human error was discovered when a student searched Google for an image of himself.  Students who applied to the University's program within the last two years may have had their names, transcript information, and Social Security numbers exposed.  Technology experts at the University blocked public access to the information and asked Google to remove its cache of the sensitive pages on June 5, 2012.

Source: 
Databreaches.net

Investacorp, Inc.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
May 29, 2012
geo: 
Miami , FL
United States
Extra Info: 

MML Investors Services LLC, First Rate Investment Systems, and Massachusetts Mutual Life Insurance Company (MassMutual) were affected by the breach.

Records Breached: 

Unknown

A vendor of the broker-dealer, National Financial Services (NFS), used by Investacorp was involved in a data security breach.  On or around March 12, 2012, Investacorp learned that an NFS vendor had inadvertently shared electronic files with another federally regulated broker-dealer that also uses NFS's services.  The incident occurred on November 29, 2011 and was first noticed on February 13, 2012. The information included client names, Social Security numbers, and certain types of account data.

Source: 
California Attorney General

University of California Los Angeles (UCLA) Health System

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 24, 2012
geo: 
Los Angeles , CA
United States
Records Breached: 

Unknown

The UCLA Health System placed an audit report on billing practices online in May.  It was later discovered that an employee had accidentally attached information containing the first name, last name, and five-digit billing code related to at least one patient's emergency department visit in May of 2011.  It is unclear how many people were affected and if others may have had additional information exposed.

Source: 
PHIPrivacy.net

Pages

Showing 81-90 of 788 results
Subscribe to DISC