This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 2673 To_xml

SUMMARY

5,000 past and current employees' information including bank account information, social security numbers and birth dates compromised
Records 5,000
Record Types SSN NAA ACC DOB FIN
Breach Type Hack
Data Family Electronic
Source Inside - Malicious
Organization Washington Schools Information Processing Cooperative (WSIPC)
Other Affected/Involved Organizations Evergreen Public Schools, Vancouver Public Schools
Lawsuit? NO/UNKNOWN
Data Recovered? NO/UNKNOWN
Arrest? NO/UNKNOWN
Submitted By: jkouns

TIMELINE

DateEvent
None. Add Data Incident Occurred
None. Add Data Incident Discovered By Organization
2010-03-24 Organization Reports Incident
None. Add Data Organization Mails Notifications
None. Add Data Records Recovered
None. Add Data Lawsuit Filed
None. Add Data Arrest Made

SIMILAR INCIDENTS

recordsdateorganizations

MAP OF INCIDENT LOCATION

Address: Vancouver, WA 98668, USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate 1 $300,000.00
  1. Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by Anonymous on 2010-03-28 (almost 2 years ago)

The data loss in this incident did not occur at Evergreen School District. The case of identity theft was rather at Vancouver Public Schools.

by jkouns [Senior Researcher] on 2010-03-28 (almost 2 years ago)

That password gained him entry to Evergreen’s student records system and, later, Vancouver Public Schools’ payroll data accessed on hardware run by the Washington School Information Processing Cooperative, physically housed at Educational Service District 112 headquarters in Vancouver.

Berge first gained access to Evergreen’s computer system in August, “but didn’t get anything useful for committing crimes,” said Mike Vaughn, Clark County deputy prosecutor.

Three months passed before Berge used Evergreen’s computer system to open an account and gain entry to the Vancouver data. Vaughn suspects Berge made several attempts to hack and stake out Vancouver’s system before actually obtaining the personal information, he said.

by Anonymous on 2010-03-30 (almost 2 years ago)

Under 'Other Organizations', the Washington Schools Information Processing Cooperative (WSIPC) should also be listed, as that was the system compromised which actually allowed the more extensive identity theft.

New Comment

captcha
Are you human?

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Sponsored By: Credant_200x51 Rbs Tenable Zecurion
Use of the DataLossDB, and its exports, RSS feeds, reports, or other materials produced on this site by the Open Security Foundation requires authorization and potential licensing arrangements. For more information, please e-mail officers@opensecurityfoundation.org with a brief summary of how you would like to use this information; product, service, research, etc.
© 2005 - 2012, Open Security Foundation, All Rights Reserved.