Shostack + Friends Blog Archive

 

Breach Roundup

Where two organizations are implicated, the first is the one which collected the data, the second is Ernst and Young the one that lost it.

  • Texas Guaranteed Student Loan/Hummingbird, 1.3m SSNs, “lost equipment.” “Toronto firm at centre of security breach” [link to http://www.thestar.com/NASApp/cs/ContentServer?pagename=thestar/Layout/Article_Type1&c=Article&cid=1149113029270&call_pageid=968350072197&col=969048863851 no longer works]
  • Hotels.com/Ernst and Young, 243,000 credit cards, lost laptop. “Hotels.com customer info may be at risk” [link to http://news.yahoo.com/s/ap/20060604/ap_on_hi_te/hotels_com_data_theft no longer works] Who cares? It’s just credit cards, but this is getting enough press that the roundup felt incomplete without it.
  • Food conglomerate Royal Ahold (Stop & Shop, Giant, Tops, etc.)/EDS, impact hidden by company, lost laptop. “Royal Ahold Loses Personal Data of Former Employees.”

    Apparently, they haven’t yet learned that transparency is good. Related, “Royal Ahold Execs Fined After Conviction.” [link to http://msnbc.msn.com/id/12915580/ no longer works]

  • Miami University of Ohio, 851 student SSNs, dismal process. “Miami U. reports 2nd security breach.” [link to http://www.cleveland.com/news/plaindealer/index.ssf?/base/news/1149150686240780.xml&coll=2 no longer works]
  • IRS, 291 employee SSNs and fingerprints, lost laptop. “Lost IRS laptop stored employee fingerprints.”
  • University of Kentucky, 1300 employee SSNs, spreadsheet on a web server. “UK tells 1,300 past, current employees that personal data was accessible online.” [link to http://www.kentucky.com/mld/heraldleader/14717374.htm no longer works]
  • Rhode Island YMCA, 65,000 CC, ‘some’ SSNs, lost laptop. “YMCA laptop with 65,000 members’ information stolen.” [link to http://www.projo.com/digitalbulletin/content/projo-20060601-ymca.4420eea2.html no longer works] Props to the Providence Journal for getting the apostrophe correct.
  • Medicaid/Buckeye Community Health Plan, 72,000 recipient SSNs, stolen laptops. “Computers stolen with data on 72,000 Medicaid recipients.” [link to http://story.cincinnatisun.com/p.x/ct/9/id/0739850fae5ac103/cid/d3350bca3cdaf0d1 no longer works]
  • Veterans Administration, 50,000 active duty personnel, same laptop. “IDs of active military personnel on stolen laptop” [link to http://www.heraldtribune.com/apps/pbcs.dll/article?AID=/20060604/BREAKING/60604004 no longer works]

Many of these via Dataloss mail list.