#RSS 2.0 RSS .92 Atom 0.3 Subscribe to the latest articles from the Home section of SC Magazine US Haymarket Media, Inc. Subscribe Contact Us About Us Advertising Editorial SC UK SC Asia SC Aus/NZ SC Magazine [pageid=1] [pageid=1] * Home * News + Features + Opinions + Newsletters * Products + First Looks + Reviews + Group Tests * Blogs + The News Team Blog + The Data Breach Blog + The IT Security Roundup * Whitepapers * Buyers Guide * Jobs * Events + Awards + Forum + Podcasts + Editorial Webcasts + Vendor Webcasts + EConference * Subscribe + Newsletters * Issue Archive * Topic Center: * Email Security * Compliance * Patch Management * Mobile/End Point Security * IT Security Training Subscribe to our RSS feeds RSS | Login | Register Home > The Data Breach Blog The Data Breach Blog Seniors’ data on stolen Pennsylvania government laptop time Posted December 19, 2007 * Comments(0) Burglars stole a Pennsylvania Department of Aging-issued laptop from the home of an employee, and the machine contained the personal data of about 21,000 senior citizens. What kind of personal information? Names, addresses, Social Security numbers and some medical data. What was the response? The agency is notifying the victims, and they will receive three months of free credit monitoring, expected to cost the state $23,000. Seniors can then extend the protection for a year at the state’s expense. Details: The laptop, which was double password protected but not encrypted, was stolen from the home of an employee attending a funeral. Police do not believe the thieves stole the laptop for the data residing on it. When the theft occurred, the department was in the process of extending encryption to all computers and is creating a central database so information does not need to be downloaded to individual machines. Quote:“We believe this was an isolated incident and that the provisions we’ve taken with contacting (consumer credit reporting agency) TransUnion and contacting the customers, should give our consumers and clients a sense of safety.” - Agency spokeswoman Michele Bell Gopinath. Source:pennlive.com, The Patriot News, “Stolen laptop holds data on seniors,” Dec. 19. Related Posts * Marines’ personal data potentially compromised The January theft of a laptop in Japan netted thieves the personally identifiable information of as ... * Senior citizens at risk for ID theft following Mass. state insurance plan breach A computer breach impacting Massacusetts' Prescription Advantage drug insurance plan placed tens of ... * Another VA breach – employees of West Virginia medical center have Social Security numbers exposed What happened? The human resources department of the Veterans Affairs Medical Center in Martinsburg,... * Pennsylvania public welfare agency computers stolen * Student hacker charged in Pennsylvania Filed under: Breaches, Government Iowa Department of Natural Resources contractor loses flash drive time Posted December 11, 2007 * Comments(0) A contractor with the Iowa Department of Natural Resources (DNR) lost a USB stick containing the PII of 7,000 people who work on wastewater and drinking water systems. What kind of personal information? Names and Social Security numbers. What happened? The contractor believes the jump drive fell off his desk and into a garbage can at a DNR office in Des Moines, Iowa. What was the response? The agency is notifying the victims and will provide them with free credit monitoring. Officials also are advising them to place a fraud alert on their credit files. Source:kcrg.com, KCRG-TV News, “DNR tells 7,000: Social Security numbers lost,” Dec. 11. Related Posts * Reno 911: University of Nevada professor loses memory stick A University of Nevada, Reno professor lost a flash drive containing the personal information of 16,... * Uh-Oh-io. Another breach in the Buckeye State as Bowling Green prof loses USB stick with student info Where did the breach take place? Bowling Green University in Bowling Green, Ohio. How many victims?... * Memory stick stolen from U of Cincy A flash drive was stolen from an employee at the University of Cincinnati. How many victims? 7,000 ... * Stolen laptop contains personal data of 800,000 Gap job applicants * Prof loses USB stick with PII of every 2006 Tex A&M-Corpus Christi student Filed under: Breaches, Government Hospital patient data on contractor’s laptop stolen time Posted December 11, 2007 * Comments(0) A laptop containing sensitive data on patients, employees and physicians from Sutter Lakeside Hospital in Lake County, Calif. was stolen from a contractor’s home. How many victims? 45,000. What kind of personal information? Names, addresses, phone numbers, birth dates and Social Security numbers. In some cases, the data included billing and diagnosis information. What happened?The contractor, who was performing an equipment upgrade, violated hospital policy when he downloaded the data onto the hard drive of a laptop. What was the response?The hospital mailed notification letters to the victims. In addition, it plans to provide additional training to managers, conduct audits of portable devices and re-evaluate its security polices. Details: The laptop was password protected but not encrypted. The hospital now plans to encrypt all of its computers. The contractor was fired. Quote: “We work in an environment where protecting individuals’ information is absolutely as important as providing quality service and care. Storing this type of information on a laptop hard drive is at variance with our organization’s strict policies.” - Hospital CEO Kelly Mather Source: RecordBee.com, The Record-Bee (Calif.), “Stolen laptop holds private information,” Dec. 10. Related Posts * Cancer not the only worry for 250 hospital patients in Alaska after laptop goes missing Where did the breach take place? Providence Alaska Medical Center in Anchorage, Alaska. How many vi... * Utah hospital loses laptop with patient records Some 4,800 patients may have had their names, Social Security numbers and health care information ex... * Personal information of 30,000 Sky Lakes Medical Center patients available online for month What happened? Patient records were available by web search during a four-week period after Sky Lake... * Stolen laptop contains personal data of 800,000 Gap job applicants * Laptops stolen from Indiana VA hospital Filed under: Breaches, Health Care In the dark: Indy energy company exposes customer info online for up to four years time Posted December 4, 2007 * Comments(0) The sensitive data of 3,000 residential customers of Indianapolis Power and Light were accidentally posted online for up to four years. What kind of personal information? Names, addresses and Social Security numbers. What happened? Some of information was posted online from 2003 until November 2007; other records were exposed for just a couple of weeks. What was the response? The power company sent notification letters to affected customers and is offering them one year of free credit monitoring. Details: A recent audit caught the security lapse. Source:TheIndyChannel.com, Channel 6 News, “Security lapse affects thousands of electric customers,” Dec. 4. Related Posts * Health benefits company exposes data online The personal information of about 128,000 WellPoint customers from several states was publicly avail... * Accounting firm loses laptop stolen containing energy company’s employee data Where did the breach take place? Chicago. How many victims? An undisclosed number of employees and ... * Outdoor retailer exposes customer info Where did the breach take place? Greensburg, Pa. What happened? Gander Mountain, a retail chain for... * Car contractor blamed for fourth Pfizer breach * HMO members’ personal info posted on website Filed under: Breaches, Manufacturing Senior citizens at risk for ID theft following Mass. state insurance plan breach time Posted December 3, 2007 * Comments(0) A computer breach impacting Massacusetts’ Prescription Advantage drug insurance plan placed tens of thousands of senior citizens at risk for identity theft. How many victims? 150,000 seniors. What kind of personal information? Undisclosed. What happened? Details are sketchy as to how the intrusion played out or was detected. What was the response? Letters were sent to victims, warning them of the breach and advising them to monitor their credit card and bank accounts. Police departments also have been notified. In addition, the Office of Elder Affairs is studying its policies to learn how a similar incident can be avoided in the future. Details: A suspect has been charged in the breach, but he or she was not named. Quote:“Prescription Advantage is taking this seriously. They have extensive security measures in place.” - Alison Goodwin, spokeswoman for the Massachusetts Executive Office of Health and Human Services. Source:SouthCoastToday.com, (Mass.) Standard-Times, “150,000 Bay State seniors notified of Prescription Advantage security breach,” Nov. 30. Related Posts * UPS loses data tape with personal information of 200,000 West Virginia officials are warning 200,000 current and former members of three health insurance pla... * Seniors’ data on stolen Pennsylvania government laptop Burglars stole a Pennsylvania Department of Aging-issued laptop from the home of an employee, and th... * Triple dose: Pfizer experiences yet another breach What happened? A Pfizer employee late last year removed confidential information from a company comp... * Personal info of every Ohio state employee - including the governor - stolen from intern’s car * University of Illinois students’ information distributed in mass email Filed under: Breaches, Government, Health Care time The Data Breach Blog Search This Blog: ____________________ SEARCH [pageid=1] [scmagazine.jpg] [EMBED] [320x50_podo.jpg] [pageid=1] Categories * Breaches * Education * Finance * Government * Health Care * High Tech * Manufacturing * Non-profit * Retail * Uncategorized Authors * Dan Kaplan (49) Archives * July 2008 * June 2008 * May 2008 * April 2008 * March 2008 * February 2008 * January 2008 * December 2007 * November 2007 * October 2007 * September 2007 * August 2007 * July 2007 * June 2007 * Blogroll + Absolute Software Laptop Security Blog + Attrition.org Data Loss Archive + Marco Ramilli’s Blog + WordPress.com + WordPress.org Home | News | Newsletters | Products | Blogs | Lists | Jobs | Events | Subscribe | Contact Us | About Us | Advertising | Editorial | Subscribe to our RSS feeds RSS This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization. Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions