Breach Notices Round Up
Because of the volume, I’m going to consolidate these:
- US Marine Corp/Naval Postgraduate School, 207,750 SSNs, dismal process. From Stars and Stripes, “Thousands of Marines may be at risk for identity theft after loss of portable drive,” [link to http://www.estripes.com/article.asp?section=104&article=35264&archive=true no longer works] via Dataloss list. Marines affected should know there’s an “active duty military” alert you can add to their credit files (in addition to the standard fraud alert), and why the heck does the Postgrad school need SSNs to study retention rates?
- California Dept. of Social Services, 94,000 SSNs + Medical records, dismal process. 94,000 Get Identity Theft Warning Letters in Los Angeles, ID Theft Secrets blog.
- Vermont State College, 14,000+ Student/teacher/staff SSNs, laptop in car in Montreal. From “VSC laptop theft creates security concerns,” via InfoSec News.
- Progessive Casualty Corp, 13 SSNs, Employee. See Computerworld, “Data breach at Progressive highlights insider threat.” [link to http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110303,00.html no longer works] Via Dataloss. Interesting because there was probably no legal requirement to inform.
- Ross-Simons, unknown # credit card applicants, unknown means. From “Reuters, via Dataloss.
- University of Medicine and Dentistry of New Jersey, 2,000 SSN, Hackers. From “Hackers Access Financial Data At UMDNJ,” via ISN.
- Astratel, undisclosed # of ISP records, undisclosed failing. “Austrailian IT News,” [link to http://australianit.news.com.au/articles/0,7204,18665780^15306^^nbv^15306,00.html?from=rss no longer works] via “Incident: Glitch at Australian ISP exposes customer data,” Canadian Privacy Law blog. Note lack of Australian disclosure law.