Virginia Military Institute

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Lexington , VA
United States
Records Breached: 

258 (No SSNs or financial information reported)

A Virginia Military Institute (VMI) administrator emailed a spreadsheet with the grade point average of every member of VMI's senior class to the VMI student president.  The email should have only contained an attachment with the names and hometowns of potential 2012 graduates.  The second attachment was not only emailed to the student president, but was then forwarded to 258 senior students before the student president and VMI administration realized the mistake.

Source: 
Dataloss DB

Phoenix Cardiac Surgery, P.C.

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
April 17, 2012
geo: 
Phoenix , AZ
United States
Extra Info: 

Patients in Prescott, Arizona may have also been affected.

Records Breached: 

Unknown

Phoenix Cardiac Surgery inadvertently posted the clinical and surgical appointments of patients on an Internet-based calendar that was publicly accessible.  The error went unnoticed for an unspecified amount of time.  The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigated the error and determined that Phoenix Cardiac Surgery had a number of Health Insurance Portability and Accountability Act (HIPAA) violations.  Phoenix Cardiac Surgery agreed to pay HHS a settlement totalling $100,000 and to comply with HIPAA.

Source: 
PHIPrivacy.net

Texas A&M University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 14, 2012
geo: 
College Station , TX
United States
Records Breached: 

4,000

Alumni who graduated before 1985 and requested copies of their transcripts may have been affected by a breach involving accidental disclosure.  Certain alumni had their names, Social Security numbers, addresses, and telephone numbers in an electronic file that was emailed to an individual who would not normally have access to such information.  The person who received the email notified the University.

Source: 
Dataloss DB

Baylor Law School

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 4, 2012
geo: 
Waco , TX
United States
Records Breached: 

442 (No SSNs or financial information reported)

An administrative error resulted in recently admitted students receiving an email with the information of all recently admitted students.  Student names, addresses, grades, LSAT scores, race, scholarship amount, and other types of personal information were available in the email attachment. No Social Security numbers or dates of birth were in the emailed spreadsheet.  Students were encouraged to treat the data with the confidentiality of a lawyer and immediately delete the email.  

Source: 
Databreaches.net

Seton Healthcare Family, HealthLOGIX

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 10, 2012
geo: 
Austin , TX
United States
Records Breached: 

555 (No SSNs or financial information reported)

A computer mailing error caused Seton member Medicaid health plan cards to be sent to incorrect addresses.  The cards were mailed by Seton's vendor HealthLOGIX on March 9. Seton became aware of the breach when members began calling about receiving the incorrect cards a week after the mistake.  Seton Health Plan members enrolled in the STAR/Medicaid plan were affected and may have had their names and dates of birth exposed.

Source: 
PHIPrivacy.net

City of Providence

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
March 21, 2012
geo: 
Providence , RI
United States
Records Breached: 

3,000

The city of Providence accidentally provided the Social Security numbers of almost 3,000 former employees when releasing information for a public records request.  GoLocalProv filed an Access to Public Records Act request in order to obtain information about pension recipients in Providence.  The city's legal team responded by emailing a .pdf file with retiree names, dates of retirement, dates for cost-of-living-adjustments, and monthly pension received each month.

Source: 
Media

Office of the Texas Attorney General

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 27, 2012
geo: 
Austin , TX
United States
Records Breached: 

6.5 million

Lawyers responsible for challenging a voter ID law in Texas requested the Texas voter database for analysis.  The Texas Attorney General's office released encrypted discs with the personal records of 13 million Texas voters, but half still contained Social Security numbers.  A state police officer was dispatched to New York, Washington D.C., and Boston to retrieve the encrypted discs when the opposing lawyers revealed that a mistake had occurred.

Source: 
Media

First Data Corporation

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
May 11, 2012
geo: 
Atlanta , GA
United States
Records Breached: 

15,399

On April 25, 2012, First Data learned that certain limited personal information about approximately 108,500 merchants who currently process with First Data or who applied for processing services had been shared outside of the company. The names, addresses, and Social Security numbers of merchants who submitted applications to First Data for merchant processing services were purposely disclosed to an outside party in January and February of 2012.  First Data later discovered that this action was not clearly permitted in some merchant contracts.

Source: 
California Attorney General

Columbia University

Type of organization: 
Year of Breach: 
Type of breach: 
Under Review: 
0
Date Breach Made Public: 
April 30, 2012
geo: 
New York , NY
United States
Records Breached: 

3,500

A programmer erroneously saved an internal test file onto a public server in January 2010.  Current and former employees had their names, Social Security numbers, addresses, and bank account numbers available on the internet from January 2010 until April of 2012.  A total of 3,000 current and former employees were affected, but an additional 500 sole proprietors were also affected.  It appears that the file was not accessed at anytime between January 2010 and March 10, 2012.  

Source: 
Dataloss DB

Memorial Sloan-Kettering Cancer Center

Type of breach: 
Year of Breach: 
Type of organization: 
Under Review: 
0
Date Breach Made Public: 
June 13, 2012
geo: 
New York , NY
United States
Extra Info: 

Memorial Sloan-Kettering's statement about the breach is posted on their website and can be found here.

Records Breached: 

880 (Unknown number of SSNs)

A routine check for sensitive information by Memorial Sloan-Kettering revealed that a PowerPoint presentation that was posted on two medical professional websites in 2006 contained embedded private information.  The information included patient names, phone numbers, addresses, and in some cases, Social Security numbers.  Anyone who accessed and manipulated the PowerPoint presentation could have viewed the information that was used to create certain graphs.  A total of five PowerPoint files contained sensitive information.

Source: 
PHIPrivacy.net

Pages

Showing 81-90 of 796 results
Subscribe to DISC