This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 2470

SUMMARY

37,000 customers' employees' names; addresses; dates of birth; Social Security numbers; passport numbers; alien registration numbers; driver’s license numbers; and military identification numbers accessed on web
Records	37,000
Record Types	SSN NAA MISC DOB
Breach Type	Web
Data Family	Electronic
Source	Inside - Accidental
Organization	Lookout Services Inc
Other Affected/Involved Organizations	State of Minnesota
Lawsuit?	YES
Data Recovered?	NO/UNKNOWN
Arrest?	NO/UNKNOWN
Submitted By:	kirniki

TIMELINE

Date	Event
2009-10-15	Incident Occurred
New Timeline Item For Incident Occurred Date Reference URL Spam Check: Are you human?
None. Add Data	Incident Discovered By Organization
New Timeline Item For Incident Discovered By Organization Date Reference URL Spam Check: Are you human?
2009-12-11	Organization Reports Incident
New Timeline Item For Organization Reports Incident Date Reference URL Spam Check: Are you human?
2010-01-03	Organization Mails Notifications
New Timeline Item For Organization Mails Notifications Date Reference URL Spam Check: Are you human?
None. Add Data	Records Recovered
New Timeline Item For Records Recovered Date Reference URL Spam Check: Are you human?
2009-12-10	Lawsuit Filed
New Timeline Item For Lawsuit Filed Date Reference URL Spam Check: Are you human?
None. Add Data	Arrest Made
New Timeline Item For Arrest Made Date Reference URL Spam Check: Are you human?

SIMILAR INCIDENTS

records	date	organizations
21,000	2006-08-23	Affiliated Computer Services (ACS), United States Department of Education

MAP OF INCIDENT LOCATION

Address: Bellaire, TX, USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

Filed_First_Amended_Petition.pdf Petition in Lookout v. State of Washington suit.

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate ¹

$2,220,000.00

Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by Anonymous on 2009-12-11 (about 2 years ago)

Data from companies and agencies all over the country who used Lookout Services Inc. was accessible over the internet unincrypted and without the use of any log in at all. This unsecured data has been exposed for at a minimum of several months and most likely much much longer! Please check with you employer and insist they contact authorities, Lookout Services Inc. and seek legal advice. It appears Lookout Services are denying much of the problem and should be investigated immediately.

by d2d [Data Loss Maven] on 2009-12-14 (about 2 years ago)

added lookout services' response to the incident. added to references.

by Dissent [DataLoss Archaeologist] on 2011-05-03 (9 months ago)

FTC initiated a complaint about Lookout in 2011 and proposed settlement against them in May 2011.

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
Disposal Mobile | Email | Fax | Fraud Se
Hack | Lost Computer | Lost Document | Lost Drive
Lost Laptop | Lost Media | Lost Mobile | Lost Tape
Missing Document | Missing Laptop | Missing Media | Snail Mail
Stolen Computer | Stolen Document | Stolen Drive | Stolen Laptop
Stolen Media | Stolen Mobile | Stolen Tape | Unknown
Virus | Web |