March 2010
S M T W T F S
« Feb    
 123456
78910111213
14151617181920
21222324252627
28293031  

Legal Disclaimer

Your use of this Blog does not create an attorney-client relationship. Your e-mail or comments do not create an attorney-client relationship. We have no duty to keep confidential the information that is submitted to this blog. This blog is not a substitute for, nor does it constitute legal advice. Only an attorney who knows the details of your particular situation and is properly licensed in the applicable state (or states) is able to appropriately and properly address any legal issues you may have.

Blog Categories

Significant Security Breaches

Information Categories with Description

Short NameDescription
CCNCredit Card Numbers
SSNSocial Security Numbers (or Non-US Equivalent)
NAANames and/or Addresses
EMAEmail Addresses
MISCMiscellaneous
MEDMedical
ACCAccount Information (Financial)
DOBDate of Birth
FINFinancial Information

Short NameDescription
Disposal ComputerDiscovery of computers not disposed of properly
Disposal DocumentDiscovery of documents not disposed of properly
Disposal TapeDiscovery of backup tapes not disposed of properly
Disposal DriveDiscovery of disk drives not disposed of properly
EmailEmail communication exposed to unintended third party
Fraud SeFraud or scam (usually insider-related), social engineering
HackComputer-based intrusion, data not generally publically exposed
Lost ComputerLost computer (unspecified type in media reports)
Lost DocumentDiscovery of documents not disposed of properly through loss (not theft)
Lost DriveLost data drive, unspecified if IDE, SCSI, thumb drive, etc)
Lost LaptopLost laptop (generally specified as a laptop in media reports)
Lost MediaMedia (i.e. disks) reported to have been lost by a third party
Lost TapeLost backup tapes
Missing LaptopMissing laptop, unknown or disputed whether lost or stolen
Snail MailPersonal information in "snail mail" exposed to unintended third party
Stolen ComputerStolen desktop (or unspecified computer type in media reports)
Stolen DocumentDocuments either reported or known to have been stolen by a third party
Stolen DriveStolen data drive, unspecified if IDE, SCSI, thumb drive, etc)
Stolen LaptopStolen Laptop (generally specified as a laptop in media reports)
Stolen MediaMedia (disks or other) generally reported or known to have been stolen by a third party
Stolen TapeStolen backup tapes
UnknownUnknown or unreported breach type
VirusExposure to personal information via virus or trojan (i.e. keystroke logger, possibly classified as hack)
WebComputer/web-based intrusion, data typically available to the general public via search engines, public pages, etc.

Significant Security Breaches Past 3 Years

DateNameBusinessTypeBreachTypeDataTypeInsideOutsideTotalAffected
1/12/2007MoneyGramBizHackNAA/ACCOutside79000
1/13/2007North Carolina Department of RevenueGovStolenLaptopSSN/NAAOutside30000
1/17/2007TJX Companies Inc.BizHackCCN/NAAOutside94000000
1/18/2007Talvest Mutual FundsBizLostMediaACC/NAAOutside470000
1/22/2007Chicago Board of ElectionGovSnailMailSSN/NAAInside-Accidental1300000
1/25/2007Wahiawa Women Infants and ChildrenMedFraudSeSSNInside-Malicious11500
1/26/2007Anthem Blue Cross Blue ShieldMedStolenTapeSSN/NAAOutside50000
1/29/2007Halifax Bank of ScotlandBizSnailMailACC/NAAOutside75000
1/29/2007Vermont Agency of Human ServicesGovHackSSN/NAAOutside70000
2/2/2007Birmingham Veterans Affairs Medical CenterGovStolenMediaSSN/NAAOutside1835000
2/7/2007Johns Hopkins HospitalMedLostTapeSSN/NAA/ACC/FINOutside52000
2/8/2007St. Mary's HospitalMedStolenLaptopSSN/NAAOutside130000
2/10/2007State of IndianaGovHackCCN/NAAOutside76600
2/10/2007Department for Work and PensionsGovSnailMailACC/NAAInside-Accidental26000
2/14/2007Kaiser PermanenteMedStolenLaptopMED/SSNOutside22000
2/15/2007Iowa Department of EducationGovHackSSN/NAAOutside160000
2/22/2007SpeedmarkBizStolenComputerSSN/NAA/EMAOutside36000
2/23/2007Worcestershire County CouncilGovStolenLaptopFIN/NAAOutside16239
2/24/2007Japan PostGovStolenDocumentNAA/ACCOutside290000
3/3/2007Johnny's Selected SeedsBizHackCCNOutside11500
3/12/2007Dai Nippon Printing CompanyBizFraudSeCCN/NAAInside-Malicious8637405
3/14/2007WellPointMedLostMediaSSN/NAAOutside75000
3/24/2007Group Health Cooperative Health Care SystemMedStolenLaptopSSN/NAAOutside31000
3/26/2007U.S. Army Training and Doctrine CommandGovStolenLaptopSSN/NAAOutside16000
3/27/2007HalifaxBizStolenDocumentACC/NAAOutside13000
3/27/2007Nottinghamshire HealthcareMedStolenLaptopNAA/DOBOutside11500
3/29/2007Los Angeles County Child Support ServicesGovStolenLaptopSSN/NAAOutside243000
4/6/2007HorticaBizLostTapeSSN/NAAOutside268000
4/10/2007Georgia Department of Community HealthBiz/GovLostMediaSSN/NAAOutside2900000
4/11/2007ChildNetBizStolenLaptopSSN/NAAOutside12000
4/12/2007Fulton County GeorgiaGovDisposal_DocumentSSN/NAAOutside75000
4/20/2007United States Department of AgricultureGovWebSSN/NAAOutside38700
4/24/2007The Neiman Marcus GroupBizStolenComputerSSN/NAA/DOB/FINOutside160000
5/1/2007JPMorgan ChaseBizLostTapeSSN/ACCOutside47000
5/4/2007United States Transportation Security AdministrationGovLostMediaSSN/FINOutside100000
5/5/2007Marks & SpencerBizStolenLaptopFIN/NAAOutside26000
5/10/2007Highland HospitalMedStolenComputerSSN/NAAOutside13000
5/17/2007Georgia Department of Human ResourcesGovDisposal_DocumentSSN/MEDOutside140000
5/17/2007Alcatel-LucentBizLostMediaSSN/NAA/DOB/FINOutside300000
5/19/2007Illinois Department of Financial and Professional RegulationGovHackSSN/NAAOutside300000
5/19/2007Texas Commission on Law Enforcement Officers Standards and EducationGovStolenLaptopSSN/NAAOutside97000
5/25/2007North Carolina Department of TransportationGovHackSSN/NAAOutside25000
6/1/2007Bank of ScotlandBizLostMediaACC/NAAOutside62000
6/11/2007PfizerBizHackSSN/NAAInside-Accidental17000
6/14/2007Coastal Community Credit UnionBizStolenTapeSSN/CCNOutside120000
6/15/2007State of OhioGovStolenMediaSSN/NAAOutside1300000
6/27/2007Milwaukee PCBizUnknownCCNOutside65000
7/3/2007Fidelity National Information ServicesBizFraudSeFIN/CCNInside-Malicious8500000
7/7/2007Securitas Security Services USA Inc.BizStolenLaptopSSN/NAAOutside100000
7/9/2007Resona BankBizLostDocumentACC/NAAOutside980000
7/17/2007Western UnionBizHackCCN/NAAOutside20000
7/17/2007Kingston Technology Co.BizHackCCN/NAAOutside27000
7/20/2007SAICBizUnknownSSN/NAAInside-Accidental867000
7/24/2007St. Vincent HospitalMedWebSSN/NAAOutside51000
7/26/2007Newcastle City CouncilGovWebFIN/CCNOutside54000
7/26/2007United States Marine CorpsEdu/GovWebSSN/NAAOutside10554
7/26/2007AflacBizStolenLaptopSSN/ACCOutside152000
7/28/2007Yuba County CaliforniaGovStolenLaptopSSN/NAAOutside70000
8/3/2007Capital HealthMedStolenComputerMED/NAAOutside20000
8/7/2007Merrill LynchBizStolenMediaSSNOutside33000
8/10/2007Tele2BizHackSSN/NAAOutside60000
8/15/2007Sky Lakes Medical CenterMedWebSSN/NAAOutside30000
8/16/2007Toshiba General HospitalMedStolenLaptopMED/NAAOutside51156
8/22/2007California Public Employees Retirement SystemGovSnailMailSSN/NAAOutside445000
8/23/2007New York City Financial Information Services AgencyGovStolenLaptopFINOutside280000
8/26/2007American Ex-Prisoners of WarBizStolenMediaSSN/NAAOutside35000
8/28/2007Connecticut Department of Revenue ServicesGovStolenLaptopSSN/NAAOutside106000
9/4/2007PfizerBizFraudSeCCN/SSN/NAA/EMA/MISC/ACC/DOBInside-Malicious34000
8/30/2007McKesson SpecialtyMedStolenComputerSSN/MEDOutside68767
9/11/2007Pennsylvania Public Welfare DepartmentGovStolenComputerMED/SSNOutside375000
9/11/2007Gander MountainBizStolenComputerCCN/NAAOutside112000
9/12/2007TennCareMedLostMediaSSN/NAAOutside67000
9/14/2007TD AmeritradeBizHackNAA/EMA/ACCOutside6300000
9/28/2007Gap Inc.BizStolenLaptopSSNOutside800000
10/2/2007The Nature ConservancyBizHackSSN/NAAOutside14000
10/4/2007Massachusetts Division of Professional LicensureGovSnailMailSSN/NAAOutside450000
10/5/2007KartenhausBizHackCCN/NAAOutside66000
10/16/2007AdministaffBizStolenLaptopSSN/NAAOutside159000
10/23/2007West Virginia Public Employees Insurance AgencyGovLostTapeSSN/NAAOutside200000
10/30/2007Hartford Financial Services GroupBizLostTapeMISCInside-Accidental237000
10/30/2007Pathology Group of the Mid-SouthMedStolenComputerSSN/NAAOutside75000
11/5/2007HM Revenue and CustomsGovLostMediaSSN/NAAOutside15000
11/7/2007Cabarrus County Emergency Medical ServicesMedLostLaptopSSN/NAAOutside28000
11/13/2007The Foreign and Commonwealth OfficeGovWebMISCOutside50000
11/15/2007Roudebush VA Medical CenterMedStolenComputerSSN/NAAOutside12000
11/16/2007U.S. Department of Veterans AffairsGovFraudSeSSNInside-Malicious1800000
11/20/2007HM Revenue and CustomsGovLostMediaSSN/NAA/FIN/DOBOutside25000000
11/23/2007Allied Irish Banks plcBizSnailMailACC/NAAOutside15000
11/27/2007TelsellBizHackCCNOutside30000
11/30/2007Prescription AdvantageGovFraudSeSSN/NAA/MEDUnknown150000
12/5/2007Memorial Blood CentersMedStolenLaptopSSN/NAAOutside268000
12/6/2007Oak Ridge National LaboratoryGovHackSSN/NAAOutside12000
12/7/2007Citizens AdviceBizStolenLaptopFIN/NAAOutside60000
12/10/2007Sutter Lakeside HospitalMedStolenLaptopSSN/NAAOutside45000
12/17/2007West Penn Allegheny Health SystemMedStolenLaptopSSN/NAAOutside42000
12/19/2007Pennsylvania Department of AgingGovStolenLaptopSSN/NAAOutside20632
12/21/2007Skipton Financial ServicesBizStolenLaptopSSN/FINOutside14000
12/28/2007Davidson County Election CommissionGovStolenLaptopSSN/NAAOutside337000
12/28/2007United States Air ForceGovLostLaptopSSN/NAAOutside10501
1/8/2008Electronic Data Systems (EDS)Biz/GovSnailMailSSN/NAAOutside260000
1/17/2008GE MoneyBizLostTapeCCN/SSNOutside650000
1/18/2008United Kingdom Ministry of DefenceGovStolenLaptopSSN/NAAOutside605767
1/24/2008Fallon Community Health PlanMedStolenLaptopMED/NAAOutside29800
1/28/2008T. Rowe Price Retirement Plan ServicesBizStolenComputerSSN/NAAOutside35000
1/29/2008Horizon Blue Cross Blue Shield of New JerseyMedStolenLaptopSSN/NAAOutside300000
1/30/2008Davidson CompaniesBizHackSSN/NAAOutside226000
2/13/2008LifebloodMedMissingLaptopSSN/NAAOutside321000
2/14/2008Tenet Healthcare CorporationMedFraudSeSSN/NAAInside-Malicious37000
2/27/2008Health Net Federal ServicesGovWebSSNOutside103000
2/26/2008Kraft FoodsBizStolenLaptopSSN/NAAOutside20000
3/6/2008Cascade Healthcare CommunityMedHackCCN/NAAOutside11500
3/10/2008Blue Cross Blue Shield of Western New YorkMedMissingLaptopSSN/NAAOutside40000
3/17/2008HannafordBizHackCCNOutside4200000
3/21/2008Compass BankBizStolenDriveACC/NAAInside-Malicious1000000
3/22/2008Stock & Option SolutionsBizStolenLaptopSSN/NAA/FINOutside51000
3/26/2008The Dental NetworkMedWebSSN/NAA/DOBOutside75000
3/31/2008Advance Auto Parts Inc.BizHackFINOutside56000
4/1/2008Okemo Mountain ResortBizHackCCN/NAAOutside46569
4/8/2008WellPointMedWebSSN/MEDOutside128000
4/8/2008WellCareMedWebSSN/MEDOutside71000
4/11/2008New York-Presbyterian HospitalMedFraudSeSSN/NAAInside-Malicious49841
4/19/2008Central Collection BureauBizStolenComputerSSN/NAAOutside700000
4/22/2008Bank of Ireland GroupBizStolenLaptopACC/NAAOutside31500
4/22/2008Boots Dental PlanMedStolenTapeACCOutside34000
4/22/2008CollegeInvestBizLostDriveNAAInside-Accidental200000
5/1/2008Staten Island University HospitalMedStolenComputerSSN/NAAOutside88000
5/7/2008Bank of New York MellonBizLostTapeSSN/NAAOutside12500000
5/8/2008Hongkong and Shanghai Banking CorporationBizStolenComputerFIN/NAAOutside159000
5/11/2008Chilean Ministry of EducationGovHackSSN/NAAOutside6000000
5/12/2008PfizerBizStolenLaptopFIN/NAAOutside13000
5/29/2008State Street CorpBizStolenComputerSSN/NAA/DOBOutside45500
6/4/2008Canadian Canola Growers AssociationGovStolenLaptopSSN/NAAOutside32000
6/10/2008Cotton TradersBizHackCCN/NAAOutside38000
6/10/2008University of Utah Hospitals and ClinicsMedStolenTapeSSN/NAAOutside2200000
6/18/2008Castlecroft Medical PracticeMedStolenLaptopMED/NAAOutside11000
6/27/2008Montgomery WardBizHackCCN/NAAOutside52000
7/7/2008Florida Agency for Health Care AdministrationGovWebSSN/NAAOutside55000
5/6/2008LPL FinancialBizHackSSN/NAA/ACC/FINOutside10219
6/16/2008Greensboro Gynecology AssociatesMedStolenTapeSSN/NAA/MISCOutside47000
7/24/2008Village of Tinley Park, IllinoisGovLostTapeSSNOutside20400
7/24/2008Saint Mary's Regional Medical CenterMedHackSSN/NAAUnknown128000
7/29/2008Blue Cross Blue Shield of GeorgiaMedSnailMailSSN/NAA/MEDOutside202000
7/21/2008Anheuser-Busch Companies Inc.BizStolenLaptopSSN/NAA/MISC/DOBOutside190000
8/1/2008Countrywide Home LoansBizFraudSeSSN/NAAInside-Malicious2200000
6/30/2008Colchester Hospital University NHS Foundation TrustMedStolenLaptopNAA/MED/DOBOutside21000
8/11/2008Ireland Department of Social and Family AffairsGovStolenLaptopACCOutside380000
7/26/2008United States Transportation Security AdministrationGovStolenLaptopNAA/DOBUnknown33000
7/8/2008Whitaker Lane PracticeMedLostTapeNAA/MED/DOBOutside11851
7/21/2008UK Ministry of JusticeGovLostLaptopSSN/NAA/MISC/DOBOutside14000
8/18/2008InterActive Financial Marketing Group (IFMG)BizHackSSN/NAA/DOBOutside92095
8/19/2008PA ConsultingBizLostMediaNAA/MISC/DOBInside-Accidental94000
8/20/2008The Princeton ReviewBizWebDOBOutside108000
8/19/2008Barclays Bank PLCBizSnailMailCCNInside17000
8/26/2008Graphic DataBizDisposal_DriveCCN/NAA/ACC/DOBOutside1000000
8/28/2008Louisiana Real Estate CommissionGovWebSSN/NAAInside-Accidental13000
8/27/2008Ohio Police & Fire Pension FundGovEmailSSN/NAAInside13000
9/6/2008GS CaltexBizLostMediaSSN/NAA/EMAOutside11000000
9/10/2008St. Paul's SurgeryMedStolenTapeNAA/MISC/DOBOutside15396
9/12/2008Forever 21BizHackCCNOutside98930
9/15/2008The Whittington Hospital NHS TrustMedLostMediaSSN/NAA/DOB/FINInside-Accidental17990
9/11/2008Texas Lottery CommissionGovFraudSeSSN/NAA/ACCInside89000
9/26/2008Royal Air ForceGovStolenDriveNAA/MISC/DOBOutside50000
10/6/2008T-MobileBizLostDriveNAA/EMAInside17000000
10/10/2008United Kingdom Ministry of DefenceGovLostDriveSSN/NAA/MISC/DOB/FINUnknown1700000
10/9/2008DeloitteBizStolenLaptopSSN/NAA/DOB/FINOutside100000
9/16/2008Norwegian Tax AuthoritiesGovSnailMailSSN/NAA/FINInside-Accidental3950000
10/23/2008Medical Mutual of OhioMedLostMediaMISCOutside36000
11/4/2008Baylor Health Care System Inc.MedStolenLaptopSSN/NAA/MEDOutside100000
11/3/2008Arizona Department of Economic SecurityGovStolenDriveSSN/NAA/MED/DOBOutside40000
11/5/2008North Carolina Division of Aging and Adult ServicesGovStolenLaptopSSNOutside85045
11/18/2008British National PartyGovWeb/StolenDocumentNAA/EMA/MISCInside-Malicious13500
11/24/2008StarbucksBizStolenLaptopSSN/NAAOutside97000
9/19/2008City of Coral Springs, FLBiz/GovHackSSN/NAA/DOBOutside12120
11/25/2008Luxottica GroupBizHackSSN/NAAOutside59419
5/20/2008Sandown Health CentreMedLostTapeMEDOutside38000
11/27/2008C-W GroupBizStolenTapeCCN/NAA/FINInside3200000
12/2/2008Florida Agency for Workforce InnovationGovWebSSN/NAAOutside250000
12/23/2008Federal Emergency Management AgencyGovWebSSNInside-Accidental16857
12/23/2008RBS WorldpayBizHackCCN/SSNUnknown1500000
12/25/2008Pulte Homes Las Vegas DivisionBizStolenTapeNAA/MISC/ACCOutside16000
12/22/2008Wyndham HotelsBizHackCCN/NAAOutside21000
12/8/2008CheckFree Corporation (FiServ)BizHackACCOutside5000000
2/23/2007Flex Compensation, Inc.BizStolenLaptopSSN/ACC/FINOutside63400
12/12/2008Creditek, LLCBizStolenLaptopSSN/NAA/DOBOutside68857
1/9/2007Mercer Health and BenefitsMedStolenLaptopSSN/NAAOutside10500
1/20/2009Kanawha-Charleston Health Department MedFraudSeSSN/NAAInside-Malicious11000
5/23/2008R.E. Moulton, Inc.MedStolenLaptopSSN/NAAOutside19000
2/6/2007Merchant AmericaBizHackCCN/NAA/MISC/ACC/FINOutside130000
6/19/2008Aon Consulting WorldwideBizStolenLaptopSSN/NAAOutside57160
4/3/2007Commerce Banc Insurance ServicesBizStolenLaptopSSN/NAA/MEDOutside12876
2/2/2008New York City Department of FinanceGovSnailMailSSN/NAAInside-Accidental12000
2/6/2009Kaiser PermanenteMedUnknownMISCOutside29500
6/25/2007UnitedHealthcareMedFraudSeSSN/NAAInside-Malicious17000
2/9/2009United States Federal Aviation Administration (FAA)GovHackSSN/NAAOutside45000
1/31/2009Emily Morgan HotelBizUnknownCCNUnknown17000
6/5/2007vFinance Investments Inc.BizHackMISC/FINOutside29000
4/9/2007JPMorgan ChaseBizEmailSSN/NAAInside-Accidental21659
6/25/2008UnileverBizHackNAA/EMA/MISC/ACC/DOBOutside12000
2/18/2009Rio Grande Food ProjectBizStolenLaptopSSN/NAA/DOBOutside36000
2/20/2009Arkansas Department of Information SystemsGovLostTapeSSN/NAA/MISC/DOBUnknown807000
2/8/2007District Council 37 Health and Security Plan (DC 37)BizLostMediaSSN/NAA/MEDInside31500
3/4/2009New York City Police DepartmentGovStolenTapeSSN/FINInside-Malicious80000
3/6/2009Bottle DomainsBizHackCCN/NAA/MISCOutside60000
3/6/2009Idaho National LaboratoryBiz/GovSnailMailSSN/DOBOutside59000
3/18/2009WalgreensGov/BizEmailSSN/NAA/DOBInside-Accidental28000
3/4/2009Jackson Memorial HospitalMedStolenDriveNAA/MISC/DOBUnknown200000
4/2/2009Wigan Borough CouncilGovStolenLaptopNAA/MISC/DOBOutside33000
4/11/2009Peninsula Orthopaedic AssociatesMedStolenTapeSSN/NAA/MISC/MEDOutside100000
4/13/2009VHA Inc.Med/BizStolenLaptopSSN/MISCOutside14380
4/23/2009Oklahoma Department of Human ServicesGovStolenLaptopSSN/NAA/DOBOutside1000000
2/19/2008Irish Blood Transfusion ServiceMedStolenLaptopNAA/MED/DOBOutside177618
4/30/2009Oklahoma Housing Finance AgencyGovStolenLaptopSSN/NAA/DOBOutside225000
5/1/2009LexisNexisBizFraudSeSSN/NAA/DOBOutside32000
5/4/2009Fulton County Board of Registration and ElectionsGovDisposal_DocumentSSN/NAAInside-Accidental100000
Collection of significant security breach notifications based on letters sent to various jurisdictions in the United States under the Freedom of Information Act.
Improve the web with Nofollow Reciprocity.