Home | Advertise | Donate | Speaking Engagements | Consulting

Data Security Breach Statistics

2008 Summary

Records Compromised by Breach Source 2008

Incidents by Breach Source 2008

Security Breaches

Date	Name	Records Compromised	Description
1/2/2008	Workers Compensation Fund	2800	Officials with one of Utah's largest insurance companies are searching for a stolen laptop containing Social Security numbers and other personal information for about 2,800 people and 1,400 companies. The computer was taken from a car parked in the home garage of an auditor for the Workers Compensation Fund.
1/3/2008	Dorothy Hains Elementary School		The library door was kicked in and the circulation computer was stolen, something the principal desperately wants back because it has the Social Security numbers of students and teachers on it.
1/3/2008	Robotics Industries Association		A hacker accessed the administration site for Robotics Online gaining access to individual orders that contained credit card information. Seven residents of NH were affected, but national totals were not indicated.
1/4/2008	Maryland Department of Assessments and Taxation	900	The Maryland Department of Assessments and Taxation Web site may have exposed Social Security numbers online because the application system did not have a necessary security certificate to encrypt the information before it was sent out over the Internet. Roughly 900 people used the system.
1/4/2008	Florida Department of Children and Families		Social Security numbers, birth dates and other information about day-care workers in Orange, Seminole and Osceola counties were among the data on five laptop computers that were stolen from the DCF office near Orlando.
1/4/2008	Health Net	5000	Thousands of Health Net employees in Connecticut and other states have been notified that their names and Social Security numbers were on a laptop computer that was stolen more than a month ago from a company vendor. The laptop had information on about 5,000 employees companywide and an undisclosed number of health-care providers outside the Northeast.
1/5/2008	New Mexico State University		A computer hard drive containing the names and Social Security numbers of current and former NMSU employees is missing from the Pan American Center.
1/7/2008	Geeks.com		Personal and financial data may have been compromised by an intrusion into the systems of the online retailer's Web site. Compromised information included the names, addresses, telephone numbers and Visa credit card numbers.
1/7/2008	Sears/ManageMyHome.com		Sears' ManageMyHome.com site exposed customer purchase data to any online visitor who asked about it.
1/8/2008	Wisconsin Department of Health and Family Services	260000	Social Security numbers were printed on about 260,000 informational brochures sent by a vendor hired by the state to recipients of SeniorCare and other state programs.
1/9/2008	University of Georgia	4250	Former and perspective residents of a university housing complex effected by a hacker that was able to access a server containing personal information, including Social Security numbers. A computer with an overseas IP address was able to access the personal information ù including Social Security numbers, names and addresses ù of 540 current graduate students living in graduate family housing and 3,710 former students and applicants.
1/10/2008	Select Physical Therapy	4000	The company dumped about 4,000 pieces of sensitive customer information in garbage containers behind its facility. The records included Social Security numbers, credit and debit card account numbers, names, addresses and telephone numbers.
1/11/2008	University of Iowa	216	Iowa College of Engineering has notified some of its former students that some of their personal information, including Social Security numbers, was inadvertently exposed on the Internet for several months.
1/11/2008	Virginia Department of Social Services	1500	The Department of Social Services has mailed about 1,500 letters to warn of a 'potential security breach' involving a department computer that police suspect was used to commit fraud. A woman is accused of using her work computer while employed by Social Services last summer to apply for a credit card using her landlord's information. She was charged with two felony counts, credit card fraud and forgery, and is accused of spending nearly $1,000 on the card.
1/11/2008	University of Akron	800	A portable hard drive containing personal information is missing and may have been discarded or destroyed. The device contained Social Security numbers, names and addresses of students and graduates.
1/12/2008	California State University Stanislaus		A possible data breach occurred on a food vendor's computer server. Credit card numbers, cardholder names and expiration dates were exposed, leaving hundreds, possibly thousands, of university students, staff and guests open to identity theft, with victims reporting fake charges on their cards. Social Security numbers were not accessible.
1/14/2008	Tennessee Tech University	990	A portable storage drive containing the names and Social Security numbers of 990 students has been lost. A school employee transferred the information onto a portable flash drive when the printer where he was working did not print. The employee noticed the drive was missing the next morning.
1/15/2008	Naval Surface Warfare Center Dahlgren Division	100	Officials at the Naval Surface Warfare Center are warning past and present employees that their identities and credit ratings could be at risk. Two pages of a Naval Surface Warfare Center Employment Verification Report was found when four people were arrested in Bensalem Township, Pa., last week for attempted identity fraud. The report included names, Social Security numbers, birth dates, position titles, tenure codes, pay grades, salaries and other information about the employees.
1/15/2008	Wisconsin Department of Revenue	5000	Taxpayers in northeastern Wisconsin had their Social Security numbers exposed in a state mailing. A folding error, apparently the result of a faulty machine, allowed the Social Security numbers to be seen through the clear address window of the envelope.
1/16/2008	University of Wisconsin-Madison	529	The personal information, including e-mail addresses, phone numbers, Social Security numbers and campus ID numbers of faculty and staff who made purchases from the DoIT computer shop had been accessible on a campus Internet site.
1/17/2008	GE Money	650000	Personal information on customers of J.C. Penney and up to 100 other retailers could be compromised after a computer tape went missing. The missing information includes Social Security numbers for about 150,000 people.
1/23/2008	Baylor University		A student employee breached the security of the Baylor Information Network to access the Bear ID and passwords of those logging on to the BIN. This access didn't include sensitive information like Social Security Numbers, financial information or academic records. It was just unlawful access to Bear IDs and passwords. The information did, however, give access to Baylor e-mail and Blackboard accounts.
1/24/2008	Fallon Community Health Plan	29800	A vendor computer containing personal information on patients of Fallon Community Health Plan has been stolen. The data included names, dates of birth, some diagnostic information and medical ID numbers. Some of which may be based on Social Security numbers.
1/25/2008	OmniAmerican Bank	100	An international gang of cyber criminals hacked into the bank's records. They stole account numbers, created new PINs, fabricated debit cards, then withdrew cash from ATMs in Eastern Europe, Russia, Ukraine, Britain, Canada and New York. Fewer than 100 accounts, some of them dormant, were compromised.
1/25/2008	Penn State University	677	A university laptop containing archived information and Social Security numbers for 677 students attending Penn State between 1999 and 2004 was recently stolen from a faculty member.
1/28/2008	T. Rowe Price Retirement Plan Services	35000	Current and former participants in ôseveral hundredö retirement plans had their names and Social Security numbers contained in files on computers that were stolen.
1/29/2008	Georgetown University	38000	A hard drive containing the Social Security numbers of Georgetown students, alumni, faculty and staff was reported stolen from the office of Student Affairs.
1/29/2008	Horizon Blue Cross Blue Shield of New Jersey	300000	More than 300,000 members names, Social Security numbers and other personal information were contained on a laptop computer that was stolen. The laptop was being taken home by an employee who regularly works with member data.
1/29/2008	Wake County North Carolina Emergency Medical Services	4642	A Panasonic Toughbook used by county paramedics to store patient information on ambulance runs went missing from the WakeMed emergency department and now is thought to have been stolen. The laptop contained names, addresses and Social Security numbers.
1/30/2008	Davidson Companies	226000	A computer hacker broke into a database and obtained the names and Social Security numbers of virtually all of the Great Falls financial services company's clients. The database also included information such as account numbers and balances.
1/31/2008	University of Minnesota Reproductive Medicine Center	3100	A doctor at the fertility clinic, lost a flash drive that he used to back up his computer. The drive holds details of infertility treatments for 3,100 patients going back to 1999. The lost drive did not seem to contain any financial or Social Security information.
1/31/2008	South Carolina Department of Health and Environmental Control	400	A laptop containing the names and Social Security numbers of state health department employees is missing. The computer was inside a worker's vehicle when it was stolen last week from a convenience store. State officials say the password-protected computer contains personal information of state health department workers from Spartanburg, Cherokee, Union, Greenville and Pickens counties.
2/1/2008	Marine Corps Bases Japan	4000	A laptop was stolen , which contained personally identifiable information for clients of Marine Corps Community Services' New Parent Support Program. The laptop may contain names, ranks, Social Security numbers, dates of birth, children's names and mailing addresses of U.S. military service members, U.S. government employees and Status of Forces Agreement personnel on Okinawa and Marine Corps Air Station Iwakuni. It does not include driver's license numbers or bank and credit card information.
2/2/2008	Diocese of Providence	5000	Four computers were taken, and one had personal information on current and former Catholic school employees. The theft possibly exposed names, addresses and Social Security numbers.
2/7/2008	Memorial Hospital	4300	A laptop containing the personal information of full and part time employees and retirees is missing. The missing computer contains their names, addresses, birth dates, ID numbers and Social Security numbers.
2/8/2008	MLSGear.com		Injection attacks on web servers hosted by a third-party service provider has compromised the personal data of an unspecified number of individuals who had shopped on Major League Soccer's MLSgear.com Web site. The compromised information included names, addresses, credit card data, debit card data, and MLSgear.com passwords.
2/10/2008	Administrative Systems, Inc		A desktop computer stolen from an Administrative Systems, Inc. (ASI) office in Seattle contained names and sensitive information about customers or employees of several of the firm's clients: Continental American Medical, EyeMed Vision/Kelly Services Vision, and Jefferson Pilot Financial Dental. Personal details may have included name, date of birth, mailing address, and Social Security number, depending on the service being provided.
2/11/2008	Jefferson County Colorado Public Schools	2900	A special education technician had a personal laptop and jump drive stolen during a home robbery. Student name and date of birth, Student ID number, School location If the student has received district transportation additional information such as parent or guardian name and contact information, may also have been on the jump drive. The stolen information did not contain any Social Security numbers or financial information.
2/12/2008	Modesto California City Schools / Clovis Unified / Los Angeles Department of Water and Power / Torrance Unified School District / Nestle Waters North America	40000	A computer hard drive holding the names, addresses, birth dates and Social Security numbers of Modesto City SchoolsÆ employees was stolen.
2/12/2008	Long Island University	30000	Students tax forms mailed to them last week in were in defective mailers. The mailers containing each student's annual 1098-T 'Tuition Statement' were supposed to have adhesive on all four sides. But one side of each envelope was missing adhesive. The statement contains the student's name, address and Social Security number.
2/13/2008	Milwaukee County		Milwaukee County officials mistakenly released numerous confidential court records for a citizens group's Web site that detail payments for tests and other costs linked to to mental competency, paternity and guardianship cases. Entries for psychiatric examinations and guardianship fees in which the clients' names were still listed,
2/13/2008	Middle Tennessee State University	1500	A professor left the university computer unattended in the mass communication department about two weeks ago and an unidentified person is believed to have used the machine to send spam e-mails. The computer contained the names and Social Security numbers of past and current students.
2/13/2008	Lifeblood	321000	Laptop computers with birth dates and other personal information of roughly 321,000 blood donors are missing and presumed stolen. Stored inside both computers were names, birth dates and addresses at the time of the individual's last donation or attempted donation. In most cases, the donors' Social Security numbers were also stored, along with driver's licenses, telephone numbers, e-mail addresses, ethnicity, marital status, blood type and cholesterol levels. Social Security numbers had been used to track blood from the donor to the recipients.
2/14/2008	Tenet Healthcare Corporation	37000	A ex-employee worked at a Frisco, Texas, billing center for less than two years, and is confirmed to have stolen the names, Social Security numbers and other personal information of about 90 patients. The employee also had access to 37,000 other accounts.
2/15/2008	Crosslines Ministries of Carthage	2000	One of the largest aid agencies in Carthage was burglarized and files, containing the personal information of about 2,000 families, were stolen. Kaiser said among the items stolen were paper files containing names, addresses, Social Security numbers and other personal information of individuals served by Crosslines.
2/15/2008	First Magnus Financial		Outside a University of Phoenix Building in Ft. Lauderdale, files and paperwork belonging to the defunct First Magnus Financial were just lying in stacked boxes inside an industrial garbage container. The paperwork contained Social Security numbers, credit card information, addresses, and properties.
2/15/2008	Lexmark International		The employee personal data was inadvertently exposed, it included Social Security numbers, dates of birth, along with names and addresses. The data was accessed by two unknown parties when the data was loaded to a company file sharing site.
2/15/2008	Systematic Automation Inc	40000	Police filed possession of stolen property charges against a prison parolee who was arrested for having a computer with more than 40,000 names, addresses and Social Security numbers of California residents. The computer was stolen from Systematic Automation Inc., which processes individualized annual statements customized for employees with a summary of their health and other employee benefits. The hard drive contained employee information from 19 agencies. Some of the larger agencies include the Modesto City Schools, Clovis Unified School District, Los Angeles Department of Water and Power, and the Torrance Unified School District.
2/16/2008	Texas A&M University	3000	A computer file containing the names and Social Security numbers of current and former Texas A&M University agricultural employees was inadvertently posted online and accessible to the public for three weeks.
2/25/2008	Mecklenburg County North Carolina	400	A County employee's car was stolen, and in that car was a printout of bank draft transactions within the Park and Recreation Department. bank account information of an unknown number of people in Mecklenburg County has been stolen.
2/27/2008	Health Net Federal Services	103000	Thousands of doctors in eleven states had their personal information openly posted on a company website. Social Security numbers were part of the personal information exposed. The states involved include Wisconsin, Michigan, Illinois, Indiana, Ohio, Pennsylvania, Tennessee, Iowa, Missouri, Kentucky and West Virginia.
2/29/2008	Wellesley Health Department	480	Information in an envelope that had been mailed by the townÆs health department to a Medicare office in Boston say when the envelope arrived, it was open and the contents were missing. The material included social security numbers, addresses and dates of birth of seniors who had received flu shots from the town last fall.
3/3/2008	Kraft Foods	20000	A company-owned laptop computer was stolen from an employee of Kraft Foods traveling on company business. The laptop contained the names and may have contained Social Security numbers.
3/5/2008	Nevada Department of Public Safety	109	A private firm working for the Nevada Department of Public Safety has lost personal information provided by individuals seeking jobs with the agency. Data included Social Security numbers, addresses and background check information.
3/6/2008	Cascade Healthcare Community	11500	A computer virus may have exposed to outside eyes the names, credit card numbers, dates of birth and home addresses individuals who donated to Cascade Healthcare Community.
3/8/2008	MTV Networks	5000	Computer files with confidential data on employees at MTV Networks were breached by someone outside the company. Personal information in the files included names, birth dates, Social Security numbers and compensation data.
3/10/2008	Blue Cross Blue Shield of Western New York	40000	A laptop hard-drive containing vital information about members has gone missing. Blue-Cross Blue-Shield of Western New York says it is notifying its members about identity theft concerns after one of it's company laptops went missing.
3/10/2008	Central Florida Regional Hospital	28	The medical records of Central Florida Regional Hospital patients were sold last month at a Salt Lake City surplus store for about $20. The records were sold to a local school teacher looking for scrap paper for her fourth-grade class. The records contained detailed medical histories, phone numbers, addresses, Social Security numbers and insurance information.
3/10/2008	Texas Department of Health and Human Services		Information, including Social Security numbers that could be used to steal Medicaid clients' identity may have been stored on two computers stolen during a burglary. Computers could have contained personal information only on e-mails. The e-mails, however, would normally contain only an individual's case number. It is unlikely those e-mails would have listed Social Security numbers.
3/12/2008	Harvard University	10000	Harvard Graduate School of Arts and Sciences (GSAS) Web server may have compromised 10,000 sets of personal information from applicants and students, including 6,600 Social Security numbers and 500 Harvard ID numbers.
3/13/2008	University Health Care	4800	PatientÆs information could have been compromised, when a laptop with names, Social Security numbers and personal health information was stolen from University Healthcare. The hospital says that someone broke into a locked office and took a lap top and a flash drive.
3/15/2008	Broward County School District	38000	A Atlantic Technical High School senior hacked into a district computer and collected Social Security numbers and addresses of district employees.
3/15/2008	Sterling Insurance and Associates		A server stolen from the locked offices contained names, addresses, and Social Security numbers, dates of birth, driver's license numbers, and/or account information for an unspecified number of customers.
3/15/2008	Utah Division of Finance	500	Computer files containing the personal information of approximately 500 individuals may have been accessed by unauthorized persons during a security breach. An initial investigation indicates it is highly unlikely the person who breached the computer system was able to access any personal information.
3/17/2008	Binghamton University	300	A university employee mistakenly sent an e-mail attachment containing the names, grade point averages and Social Security numbers of junior and senior accounting students to another group of School of Management students.
3/17/2008	Hannaford	4200000	This security breach affects all of its 165 stores in the Northeast, 106 Sweetbay stores in Florida and a smaller number of independent groceries that sell Hannaford products. The company is currently aware of about 1,800 cases of reported fraud related to the security breach. Credit and debit card numbers were stolen during the card authorization transmission process, but no personal information was divulged.
3/17/2008	Minneola City	9	Nine Minneola firefighters are trying to keep their names clean after their personal information ended up on the city's Web site. The city clerk accidentally published the information. Social security numbers, phone numbers, addresses and personal information from union application cards found its way onto the city's Web site for over 36 hours.
3/19/2008	Affordable Realty		Social Security numbers and financial records of customers. Affordable Realty occupied office space inside the Ben Agree building on Dort Highway for years. The company was evicted and all of its sensitive customer information ended up outside in a dumpster or on the ground nearby.
3/20/2008	Pennsylvania Department of State	30000	The state was forced to pull the plug on a voter registration Web site after it was found to be exposing sensitive data about voters. Because of a Web programming error, the Web site was allowing anyone on the Internet to view data such as the voter's name, date of birth, driver's license number, and political party affiliation. On some forms, the last four digits of Social Security numbers could also be seen.
3/20/2008	Lasell College	20000	A hacker accessed data containing personal information on about current and former students, faculty, staff and alumni. Information included names and Social Security numbers.
3/21/2008	Compass Bank	1000000
3/21/2008	Rhode Island Department of Administration	1400	A state computer disk containing Social Security numbers is missing. The information was discovered missing within the last two weeks when human resources staff members who had relocated from Providence to Cranston could not find the data on the server.
3/22/2008	Agilent Technologies	51000	A laptop containing sensitive and unencrypted personal data on current and former employees of Agilent Technologies was stolen from the car of an Agilent vendor. The data includes employee names, Social Security numbers, home addresses and details of stock options and other stock-related awards. Agilent blamed the San Jose vendor, Stock & Option Solutions, for failing to scramble or otherwise safeguard the data - 'in violation of the contracted agreement.'
3/23/2008	Western Carolina University	555	Someone had hacked into a computer server and had access to the Social Security numbers of 555 graduates of the university who had signed up for a newsletter.
3/24/2008	National Institutes of Health	2500	A laptop was stolen from the trunk of a car. It contained information about heart disease patients, including their names, dates of birth and diagnoses of their medical conditions.
3/24/2008	Super 8 Motel
3/26/2008	The Dental Network	75000	A security breach of The Dental Network web site left access to member personal data, including names, Social Security numbers, addresses and dates of birth unprotected for approximately two weeks. The Dental Network is an independent licensee of the Blue Cross and Blue Shield Association.
3/26/2008	BNY Mellon Shareowner Services	3500	The company lost a box of computer data tapes storing personal information including names, Social Security numbers and possibly bank account numbers.
3/28/2008	Museum of Science Boston	140	The museum has notified 140 patrons that their names, credit card numbers, and other personal information were exposed on the museum's website because of a contractor's error.
3/28/2008	Antioch University	70000	A computer system that contained personal information on about 70,000 people was breached by an unauthorized intruder three times. The system contained the names, Social Security numbers, academic records and payroll documents for current and former students, applicants and employees.
3/29/2008	Department of Human Resources		A thief has stolen computer records containing identifying information on current and former employees of the state Department of Human Resources, including names, Social Security numbers, birth dates and home contact information. An external hard drive that stored a database was removed by an unauthorized person.
3/29/2008	San Quentin State Prison	3500	A flash memory drive containing names, birth dates and driver's license numbers of people who either volunteered or visited San Quentin State Prison in a group tour has been lost.
3/31/2008	Advance Auto Parts	56000
4/1/2008	Okemo Mountain Resort
4/4/2008	University of California Irvine	7000
4/4/2008	Harley-Davidson, Inc.(HOG)	60000	A laptop computer containing certain HOG members' personal information was determined to be missing from their facilities. The personal information stored on the computer included names, addresses, credit card numbers, their expiration dates, and driver's license numbers.
4/7/2008	Pfizer	800	A laptop was stolen by a burglar from the home of a contractor who helps arrange planning travel and meetings for Pfizer. Information on the laptop included names, credit card numbers and, in some instances, credit card expiration dates, various addresses and phone numbers, hotel loyalty program numbers and other information. It did not appear that any Social Security numbers or PIN codes were exposed
4/7/2008	Redbox		Redbox rents DVD movies via vending machine in drugstores and supermarkets throughout the country. They announced that they'd found credit card skimmers attached to three of their kiosks.
4/7/2008	Army Acquisition Support Center	24	"A spreadsheet containing a ""hidden"" column of Social Security numbers belonging to about two dozen officers and civilian employees of one Army agency was left on the agency's website for five months after being notified of the presence of the personal information. The center has temporarily shut down its website to scrub the information from the spreadsheet."
4/8/2008	Wellpoint	128000	Personal information that may have included Social Security numbers and pharmacy or medical data for customers in several states was exposed online over the past year.
4/8/2008	WellCare	71000	Private records of members of health insurance programs for the poor or working poor were accidentally made available on the Internet for several days. Those whose data was made available on the Internet included members of Medicaid, the federal health program for the poor, and PeachCare for Kids, a federal-state insurance plan for children of the working poor. About 10,500 members' Social Security numbers may have been viewed by unauthorized people on the Internet, all members of Medicaid or PeachCare. There is a possibility that an initial 59,000 members may have had some personal information made accessible.
4/9/2008	Norfolk's Community Services Board	30	The personal information of clients of Norfolk's Community Services Board was compromised when a case worker's briefcase was stolen. The briefcase was left in the worker's car in a Virginia Beach parking garage, but someone smashed a window and stole it. It's unclear what information was in the files but that it likely included Social Security numbers.
4/10/2008	Joliet West High School		A student using a school computer last month was able to access personal information about every student enrolled. The student allegedly downloaded a list of names and Social Security numbers to his iPod.
4/11/2008	New York-Presbyterian Hospital/Weill Cornell Medical Center	49841	One of the hospitals employees may have stolen records containing the names, phone numbers and, in some cases, social security numbers of some of it's patients patients.
4/12/2008	West Seneca School District	1800	Several current and former students are believed to have broken into the school district’s computer system and copied secure files that included the personal information and Social Security numbers of school employees
4/13/2008	University of Toledo	6488	Personal information of the University of Toledo employees, the majority having worked on the Health Science Campus in 1993 and 1999 - last month was inadvertently placed on a server to which all employees had access. The information, which was used for payroll purposes, included names, addresses, and Social Security numbers and was accessible for about 24 hours.
4/14/2008	Utah Department of Workforce Services		A former state employee who took applications from people seeking food stamps and other welfare aid worked with three others to steal the identity of Utah residents and charge tens of thousands of dollars in purchases.
4/14/2008	Stokes County Schools	800	A school computer containing the names, test scores and Social Security numbers of students from three Stokes County high schools was stolen from a locked closet.
4/15/2008	First Federal Bank of California		"This bank was not the only financial institute impacted by a security breach that occurred in a banking in a ""subsystem of a financial data processor,"" Fiserv, Inc. of Wisconsin last month.The bank said that it was ""company policy"" not to reveal any details about the breach including the number of banks involved, how many customers were impacted, the depth of information breached, how extensive the breach was geographically even which federal agencies were involved. However, non-public private account information might be at risk."
4/16/2008	Hexter Elementary School		Employee and volunteer records were found at a recycling bin near the school. It's unknow what type of documents were found.
4/16/2008	University of Virginia	7000	A laptop stolen from a University of Virginia employee contained sensitive information about students, staff and faculty members. Stolen from an unidentified employee from an undisclosed location in Albemarle County, the laptop contained a confidential file filled with names and Social Security numbers.
4/17/2008	University of Miami	2100000	Computer tapes containing confidential information of Miami patients was stolen last month when thieves took a case out of a van used by a private off-site storage company. The data included names, addresses, Social Security numbers or health information.
4/17/2008	Connecticut State University System / Buffalo State / Northwest Missouri State University	28879	At least 18 colleges are scrambling to inform tens of thousands of students they are at risk of having their identities stolen. A laptop computer that was stolen from a vendor contained the data of current and former students from the four state universities, including Western Connecticut State University. The computer was password-protected but contained unencrypted files with personally identifiable data, including names and Social Security numbers.
4/19/2008	Central Collection Bureau	700000	A computer server containing Social Security numbers and other personal information was stolen last month from a Southside debt-collection bureau. The information includes customer-billing records for Indiana businesses, including Citizens Gas & Coke Utility, St. Vincent Health and Methodist Medical Group.
4/20/2008	Helping Homeless Veterans and Families		Hundreds of files containing medical histories and Social Security numbers were found in the trash on Indianapolis' east side. The records belong to homeless veterans. A lot of the things inside the folders are confidential information about the clients including Social Secrutiy numbers.
4/21/2008	Brunswick Corp	700	An electronic devices that scans customers' drivers' licenses to make sure they're of legal drinking age was stolen from a company-owned bowling facility in suburban Naperville. The device contains information such as driver's license number, date of birth and first and last names of customers whose licenses were scanned.
4/22/2008	University of Massachusetts		Hackers breached the computer system used by UMass Amherst's Health Services, potentially gaining access to thousands of medical records. More than half of the student population at UMass Amherst are patients on record at the University Health Services.
4/22/2008	CollegeInvest	200000	Customers had personal information stored on a computer hard drive that disappeared during a recent move. CollegeInvest moved to a new office space recently using an international relocation firm that offered specialists in moving computer equipment. CollegeInvest discovered while unpacking at the new location that a hard drive was missing.
4/22/2008	LendingTree		"Outside loan companies may have accessed information, including Social Security numbers, between October 2006 and early 2008 and used it to market their own mortgages to LendingTree customers. Several former employees may have shared confidential passwords with ""a handful"" of lenders that were not approved by the company."
4/22/2008	HealthNow New York		Clients may be at risk for identity theft, after a former employees laptop computer went missing with confidential information several months ago. The potential information includes names, dates of birth, Social Security numbers, addresses, employer group names, and health insurance identifier numbers.
4/22/2008	Fishback Financial Corp		There has been an unauthorized access to one of the database servers by a third party. The database includes names, addresses and Social Security numbers.
4/22/2008	Central New England HealthAlliance	384	Personal data could be at risk of exposure after a home health nurse reported that her handheld computer was missing. The unencrypted data include names, Social Security numbers, and health insurance records.
4/22/2008	Smithtown Post Office		A Smithtown postal worker was arrested after he stole credit cards from the mail and went on a shopping spree.
4/23/2008	University of Texas Health Science Center	2000	About 2,000 medical bills were mailed last week with patients' Social Security numbers visible on the envelope.
4/23/2008	Southern Connecticut State University	11000	Southern Connecticut State University is taking action to prevent its students from becoming victims of identity theft. The move comes after a website with student and alumni information was found to be easily accessible to hackers. It appears that no financial information was accessed but Social Security numbers were vulnerable.
4/24/2008	Harmony Information Systems		A computer program housing personal information about Wisconsin seniors and disabled people had a significant security hole. A senior center volunteer in McFarland said he could see hundreds of files of people's private information from across the country in the system run by Virginia-based Harmony Information Systems. The information is entered into an electronic record that includes the person's name and Social Security number.
4/24/2008	Collections Lawyers Pellegrino & Feldstein	530	Consumer information somehow escaped the New Jersey law offices of and ended up posted on several websites. The Liberty Coalition discovered cached versions of an Excel file that contained the full names, Social Security numbers, dates of birth, addresses, account numbers, and financial information.
4/25/2008	Canton WiseBuys		Someone apparently hacked into the Canton WiseBuys store computer system during a changeover between December 5 and December 20. The hacker obtained personal identification and banking numbers of hundreds of customers.
4/25/2008	Baltimore State Highway Department	1800	An employee transferred personnel transaction data from a secure drive to a SHA shared drive. Sensitive personal information concerning employees, included names and Social Security numbers.
4/25/2008	University of Colorado	9500	"Three computers in the Division of Continuing Education and Professional Studies were compromised, leaving people open to potential identity theft. One of the three computers had personal data, including names, Social Security numbers, addresses and grades. UPDATE (5/1/08) Upon further analysis, the University concluded that no personal data had been exposed. 9,500 records were initially thought to be comprised, but later this was revised to zero."
4/27/2008	General Internal Medicine of Lancaster		A laptop was stolen from a doctors office containing the Social Security numbers of patients.
4/28/2008	Coos County Oregon	500
4/28/2008	Hough, MacAdam & Wartnik	500	A notebook computer was stolen from a locked vehicle. The notebook's hard drive may have contained names, Social Security numbers, and other personal information.
5/1/2008	Lunardi's Supermarket	100	"An ATM and credit card reader in a checkout aisle at the Los Gatos Lunardi's supermarket was recently switched, resulting in cases of identity theft. Victims all had their card numbers stolen after officials from Lunardi's contacted them about a problem with one of their card readers.""It was a switched card reader at one of the aisles,"""
5/1/2008	Staten Island University Hospital	88000	Computer equipment stolen from an administrator contained personal information from patients. Social Security numbers and health insurance numbers were contained in computer files on a desktop computer and the backup hard drive.
5/1/2008	University of California San Francisco	6313
5/1/2008	Cove Creek Mortgage/Front Range Mortgage		Sensitive mortgage files with people's personal information were recently found in a Dumpster. The files and computers contained sensitive information on many former customers of Front Range Mortgage, including names and addresses, Social Security numbers and bank, credit card and investment account information.
5/2/2008	Marine Corps Reserve Center	17000	A former U.S. military contractor has pleaded guilty to exceeding authorized access to a computer and aggravated identity theft after he was accused of selling names and Social Security numbers of 17,000 military employees.
5/2/2008	Iredell County Tax Collector	468	A courier vehicle providing services for First Citizens Bank was stolen in Charlotte. The stolen shipment contained a computer report of taxpayer's check information, including account numbers, check numbers, check amounts and routing numbers from various banks on which the checks were drawn. There were also copies of tax bills that contained taxpayer names, addresses and other public information related to tax payments.
5/5/2008	Target America Inc./UCSF	6313	Information on UCSF patients was accessible on the Internet. The information accessible online included names and addresses of patients along with names of the departments where medical care was provided. Some patient medical record numbers and the names of the patients' physicians also were available online.
5/6/2008	Finjan	5878	Researchers at security vendor Finjan uncovered a server containing the sensitive email and Web-based data of thousands of people, including healthcare information, credit card numbers and business personnel documents and other sensitive data. Finjan notified more than 40 major international financial institutions located in the United States, Europe and India whose customers were compromised as well as various law enforcements around the world. Server logs contained a mountain of healthcare information, including personal data, health data, treatment, medications, insurance details, Social Security Numbers, and healthcare providers' data, including physician's name. Banking data, including credit card numbers and account login numbers were also discovered on the server.
5/6/2008	International Visa Service	1000	An employee has been arrested and charged with stealing the personal information of people who were applying for a passport and sold the identities on the black market.
5/6/2008	Northeast Security		News Channel 8 found Social Security numbers, bank account numbers and even canceled checks inside a dumpster. The files appear to belong to Northeast Security, a subcontractor for Safe Home Security, based out of Rocky Hill. Northeast Security recently moved out of a West Haven storefront, and it seems they left their clients personal information behind.
5/6/2008	Ohio State University Agricultural Technical Institute	192	Personal information on faculty and staff members was accidentally emailed to about 680 students. The email contained spreadsheet information listing the names, positions, salaries and Social Security numbers.
5/7/2008	Bank of New York Mellon	4500000
5/7/2008	SAIC	4690	(877) 277-8001 SAIC stockholders are at risk of identity theft after a box of magnetic backup tapes went missing. The tapes contained names, addresses, Social Security numbers, stock account information, transaction activity and possibly bank account numbers for current or former shareholders.
5/8/2008	Dominican University	5000	Two students were able to access records on a staff network storage area. The files accessed were three spreadsheets that included the students names, addresses, phone numbers, birthdays and Social Security numbers.
5/8/2008	Las Cruces Public Schools	1800	A part-time computer analyst for Las Cruces Public Schools inadvertently posted personal data for 50 special education students and 1,750 district employees on the Internet. Information posted included Social Security number, date of birth, name, the nature of disability and caseworker's name.
5/9/2008	Princeton University Tower Club	103	Tower Club is taking steps to protect 103 of its alumni in the classes of 2006 and 2007 after a spreadsheet listing their names and Social Security numbers was e-mailed to current club members. The document was attached to an apparently unrelated e-mail that informed current members about a club event. The spreadsheet was attached unintentionally because of a technical glitch in an email program.
5/12/2008	Pfizer	13000	About 13,000 employees at Pfizer Inc., including about 5,000 from Connecticut, had their personal information compromised when a company laptop and flash drive were stolen. No Social Security numbers were on the laptop, but names, home addresses, home telephone numbers, employee ID numbers, positions and salaries were possibly compromised. Other information possibly lost included the department employees worked in, the Pfizer site where the employees worked, the name of employees’ managers and descriptions of their jobs.
5/12/2008	Dave & Buster's	5000
5/14/2008	Oklahoma State University	70000	A breach in an Oklahoma State University computer server exposed names, addresses and Social Security numbers of students, staff and faculty who bought parking and transit services permits in the past six years.
5/15/2008	BB&T Insurance		A BB&T Insurance laptop containing the personnel information of some Harrisonburg City Schools employees was stolen. The laptop, used by an outside sales representative to develop an insurance proposal for the school system, was stolen from a car. The information contained names, dates of birth, Social Security numbers, and, in some cases, medical history.
5/16/2008	Chester County School District	50000	A 15-year-old student gained access to files on a computer at Downingtown West High School. Private information, including names, addresses and Social Security numbers, of more than 50,000 people were accessed. The student apparently used a flash drive to save the personal data of about 40,000 taxpayers and 15,000 students.
5/16/2008	Amateur Athletic Union		Boxes filled with personal information were found in a dumpster. Information on athletes and their guardians included Social Security numbers and copies of birth certificates.
5/16/2008	Spring Independent School District	8000	A laptop computer containing the personal information of students was stolen from a employee’s car. The car burglars made off with her school laptop and an external flash drive. The flash drive contains students’ Social Security numbers, personal information, schools those students attend, as well as their grade level and birthdates. The drive also contained the Texas Assessment of Knowledge and Skills test results.
5/16/2008	Greil Memorial Psychiatric Hospital		Index cards containing patients personal information, names, dates of birth, even Social Security numbers are gone. Hundreds of records have simply disappeared.
5/17/2008	University of Louisville	20	Documents being copied and taken from a private office in the president’s office, to its Internal Audit Office and Department of Public Safety may have resulted in a security breach. The documents contained personal information — including Social Security numbers, student and employee identification numbers and salary information — for current and recent student employees. The university learned of the theft when salary information was shared anonymously with some employees in the office.
5/20/2008	New York University	273	Duke University's Fuqua School of Business is notifying former New York University students that some of their personal information was inadvertently accessible by targeted Internet searches. The personal data included names and Social Security numbers and was contained in the faculty member's research records. The information could have been accessed only if searched by specific student names, along with a search code for Social Security numbers.
5/20/2008	University of Florida College of Medicine - Jacksonville	1900	A UF assistant professor of plastic surgery at the UF College of Medicine-Jacksonville, stored unsecured digital photographs of his patients and identifying information -- such as names, dates of birth, Social Security numbers, and Medicare numbers -- on a computer. He then gave the computer to a family he was friends.
5/21/2008	Oklahoma Corporation Commission	5000	The Oklahoma Corporation Commission is removing hard drives from all surplus computer equipment after a server containing the names and Social Security numbers of thousands of residents was sold at an auction.
5/22/2008	Downingtown Area School District	56000
5/22/2008	HealthSpring	9000	A laptop computer containing personal information of about 450 state residents was stolen. The laptop, believed to contain names, dates of birth and Social Security numbers of about 9,000 individuals, was stolen from a HealthSpring employee's locked car.
5/23/2008	R.E. Moulton	19000	Thieves broke intothe Irving, Texas regional office and stole a laptop computer containing personally information of numerous individuals, including names and Social Security numbers.
5/28/2008	University of California San Francisco	3569	During routine monitoring of a campus computer network, UCSF discovered unusual data traffic on one of its computers. During the investigation, UCSF determined that an unauthorized movie-sharing program had been installed on one computer by an unknown individual. Installation of this program required high-level system access. The computer contained files with lists of patients from the UCSF pathology department’s database. The data included information such as patient names, dates of pathology service, health information and, in some cases, Social Security numbers.
5/29/2008	State Street Corp	45500	Computer equipment containing personal information on customers and employees of a State Street unit was stolen. The computer equipment was stolen from a vendor hired by Investors Financial Services to provide legal support services. The personal information included names, addresses and social security numbers.
5/30/2008	Circuit Court of Louisville	312	(502) 595-3273 Louisville Metro Police made an arrest, and during that arrest they found 312 stolen court traffic files in that person's possession. All of the files contain personal information of people in Louisville such as, name, address, date of birth and in some cases Social Security numbers and copies of drivers’ licenses.
5/31/2008	Pocono Mountain School District	11000	A hacker apparently broke into the computers at Pocono Mountain School District and may have tapped into confidential information concerning students and their parents. Information may have included the students' birth dates, Social Security numbers, student IDs, home phones, and the parents' names, phone numbers and emergency phone numbers. ''If you see any unauthorized activity, promptly contract your service provider and or the office of the director of technology at 570-873-7121, ext. 10151,''
6/2/2008	Walter Reed Army Medical Center	1000	Records with confidential information on about 2,100 people have been lost and might have been mistakenly shredded. The files contained copies of letters informing applicants that they were ineligible for the unemployment insurance. They were dated between May 2 and May 20 and contained names, addresses and Social Security numbers.
6/2/2008	Connecticut Department of Labor	1200	Sensitive information on patients at Walter Reed Army Medical Center and other military hospitals was exposed in a security breach. The computer file that was breached did not include information such as medical records, or the diagnosis or prognosis for patients, but may have included names, Social Security numbers, birth dates as well as other information.
6/3/2008	Oregon State University	4700	http://www.privacyrights.org/ar/ChrondataBreaches.htm
6/4/2008	AT&T		A laptop was stolen from the car of an employee. The data on the computer was not encrypted -- a violation of company policy -- and included names, Social Security numbers and in some cases, salary and bonus information.
6/6/2008	Stanford University	72000	Stanford University determined that a university laptop, which was recently stolen, contained confidential personnel data. The university is not disclosing details about the theft as an investigation is under way.
6/7/2008	East Tennessee State University	6200	6,200 people may have had there identities compromised by the theft of a desktop computer. The computer is password protected and files cannot be easily accessed. But there is a small possibility that the information could be compromised.
6/7/2008	Southington Water Department	26	Documents with the names and Social Security numbers of 26 people were found scattered by the Quinnipiac River.
6/9/2008	University of South Carolina	7000	Several items were stolen from an office in the Moore School of Business. Among the items was a desktop computer. As a result of the computer being stolen, it is possible that some personally identifiable data could have been compromised.
6/10/2008	1st Source Bank		1st Source Bank is replacing ATM cards this month for all its account holders after cyber-thieves accessed an unknown amount of debit-related data.
6/10/2008	University of Utah Hospitals and Clinics	2200000	Billing records of 2.2 million patients at the University of Utah Hospitals and Clinics were stolen from a vehicle after a courier failed to immediately take them to a storage center. The records, described only as backup information tapes, contained Social Security numbers of 1.3 million people treated at the university over the last 16 years.
6/10/2008	University of Florida	11300	Current and former students had their Social Security numbers, names and addresses accidentally posted online. The information became available when former student employees of the Office for Academic Support and Institutional Service, or OASIS, program created online records of students participating in the program between 2003 and 2005.
6/10/2008	Wheeler's Moving Company		Personal files with tax information, Social Security numbers and license numbers, were found in a Boca Raton dumpster.
6/11/2008	Dickson County TN Board of Education	850	A computer containing sensitive personal was stolen from the Dickson County Board of Education. The computer belongs to the new director of schools and was loaded with the name and Social Security number of every school employee from the 2006-2007 school year, a total of 850.
6/12/2008	Columbia University	5000	A student employee had posted a database of students' housing information on a Google-hosted Web site. Their Social Security numbers had been searchable online for the last 16 months.
6/13/2008	Texas Insurance Claims Services		Hundreds of files with people's names, Social Security numbers and policy numbers were found in a Richardson dumpster.
6/15/2008	Conn. Department of Administrative Services		Department of Administrative Services posted the Social Security numbers of individual contractors on a state Web site. An audit also uncovered the Social Security numbers of prospective nursing employees accessible on an agency Web site for 19 months until a complaint was lodged.
6/18/2008	Domino's Pizza		Investigators found credit card numbers blowing in the wind. These piles and papers contained hundreds of old receipts from Domino's Pizza stores. The former owner had been discarding boxes of old records and somehow all those receipts got loose.
6/19/2008	Petroleum Wholesale		The company dumped hundreds of records in a publicly accessible trash container outside its former headquarters. The records included receipts with customers' names and full credit or debit card numbers, including expiration dates. The records also included returned checks and forms containing customers' names and bank routing, driver's license and Social Security numbers.
6/19/2008	Citibank		A Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached. The computer intrusion into the Citibank server led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines, pocketing at least $750,000 in cash.
6/23/2008	CNET Networks / Google		Burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans. The computers contained names, birth dates, Social Security numbers and employment information of the beneficiaries of CNET's health insurance plans. CNET was only one of several clients affected.
6/23/2008	Bank Atlantic		Bank Atlantic confirms they had a data loss, involving their MasterCard debit cards. It happened through a local merchant, but at this time, isn't saying which one.
6/24/2008	California Department of Consumer Affairs	5000	A Microsoft Word document was improperly transmitted electronically outside of the department. The document contained the salaries and titles of everyone on the document. It may have also compromised their names and Social Security numbers.
6/24/2008	Southeast Missouri State University	800	A former employee has been indicted on two charges of identity fraud and one charge of computer trespass after being found in possession of 800 student names and Social Security numbers.
6/26/2008	Texas Department of Public Safety	826	http://www.privacyrights.org/ar/ChrondataBreaches.htm
6/27/2008	Montgomery Ward	51000	Hackers extracted stolen information from an online database that held credit card account information.
7/2/2008	University of Nebraska at Kearney	2035	Officials at the University of Nebraska at Kearney discovered a security breach involving nine university computers. Of the nine computers involved, five contained names and partial or complete Social Security numbers.
7/2/2008	Baptist Health	1800	Due to a breach by an unauthorized person in the information systems, there is a possibility that some personal information, such as name, address, date of birth, Social Security number, and reason for coming to Baptist Health. No information in the patient’s “medical records” and no information about the patient’s diagnosis or prognosis was accessed.
7/4/2008	Clark County Nevada District Court	380	A contracted vendor released personal information on about 380 potential jurors to an employee's private e-mail address. The information provided to the e-mail account could have included names, addresses, Social Security numbers and birth dates.
7/7/2008	Florida Agency for Health Care Administration	55000	A security breach in the Organ and Tissue Donor Registry may have exposed thousands of donors' personal information, including their Social Security numbers. Other data included donors' names, addresses, birth dates and driver license numbers.
7/8/2008	LPL Financial	10219	Hackers potentially got their hands on clients unencrypted names, addresses and Social Security numbers. Hackers compromised the logon passwords of 14 financial advisers and four assistants.
7/9/2008	Wagner Resource Group		Sometime late last year, an employee of a McLean investment firm used the online file-sharing network LimeWire. In doing so, he inadvertently opened the private files of his firm to the public. That exposed the names, dates of birth and Social Security numbers of about 2,000 of the firm's clients, including a number of high-powered lawyers and Supreme Court Justice Stephen G. Breyer.
7/10/2008	Williamson County (TN) Schools	4000	Social Security numbers and other personal information of 4,000 children were posted on the Internet.
7/11/2008	Fort Lewis	900	A laptop computer that was reported stolen from an Army employee’s truck contained personal information on about 800 to 900 Fort Lewis soldiers. UPDATE (7/11/08) :A 17-year-old Lacey boy faces a charge of suspicion of possession of stolen property after Tumwater police uncovered items from vehicle prowls, including a stolen Army laptop containing information about up to 900 Fort Lewis soldiers.
7/14/2008	Washington Metropolitan Area Transit Authority	4700	Metro accidentally published the Social Security numbers of past and present employees on its Web site. The numbers were posted with a solicitation to companies for workers' compensation and risk management services.
7/15/2008	Indiana State University	2500	"A password-protected laptop computer containing personal information for current and former Indiana State University students was stolen. The laptop contained data for students who took economics classes from 1997 through the spring semester 2008. The information includes names, grades, e-mail addresses and student identification numbers and in some cases Social Security numbers.
UPDATE (7/22/08) :The laptop computer was mailed anonymously back to the professor it was stolen from six days after it was stolen along with other personal items."
7/15/2008	Weber Law Firm		Sheriff's deputies uncovered hundreds of people's personal financial files that had been discarded in a dumpster in northwest Houston. Box after box of records including personal financial records, documents with Social Security numbers, people's medical files and more were found in the dumpster.
7/15/2008	Missouri National Guard	2000	The Missouri National Guard has called for a criminal investigation after it learned that the personal information of as many as 2,000 soldiers had been breached. The Guard would not release how the personal information had been taken -- whether by computer hackers or other means -- because it has asked for a full law enforcement investigation into the matter.
7/15/2008	University of Texas at Austin	2500	The personal information of University of Texas students and faculty has been exposed on the Internet. An independent watchdog discovered more than five dozen files containing confidential graduate applications, test scores, and Social Security numbers. The files were inadvertently posted by at least four different UT professors to a file server for the School of Biological Sciences.
7/16/2008	Greensboro Gynecology Associates	47000	A backup tape of patient information was stolen from an employee who was taking the tape to an off-site storage facility for safekeeping. The stolen information included patients' names, addresses, Social Security numbers, employers, insurance companies, policy numbers and family members.
7/17/2008	Department of Consumer Affairs	5000	A Consumer Affairs personnel specialist in Sacramento, emailed an alpha personnel file containing names and Social Security numbers of the department's more than 5,000 staff to a personal Yahoo email account at the end of the day, her last day at the department.
7/17/2008	University of Maryland	23000	University of Maryland accidentally released the addresses and Social Security numbers of thousands of students. A brochure with on-campus parking information was sent by U.S. Mail to students. The University discovered the labels on the mailing had the students' Social Security numbers on it.
7/17/2008	Bristol-Myers Squibb	42000	A backup computer-data tape containing employees' personal information, including Social Security numbers, was stolen recently. The backup data tape was stolen while being transported from a storage facility. The information on the tapes included names, addresses, dates of birth, Social Security numbers and marital status, and in some cases bank-account information. Data for some employees' family members also were on the tape.
7/18/2008	Falkirk and District Royal Infirmary	89
7/19/2008	Minneapolis Veterans Home	336	A backup computer server stolen from the Minneapolis Veterans Home contained telephone numbers, addresses, next-of-kin information, dates of birth, Social Security numbers and some medical information, including diagnoses for the home's 336 residents.
7/23/2008	San Francisco Human Services Department		Potentially thousands of files contaning personal information was exposed after a San Francisco agency left confidential files in unsecured curbside garbage and recycling bins. In some cases entire case files were discarded. Blown up copies of social security cards, driver's licenses, passports, bank statements and other sensitive personal information were all left in these unlocked bins.
7/24/2008	Village of Tinley Park Illinois	20400	Computer backup tapes that contain thousands of Social Security numbers of Tinley Park residents have been lost. The tapes containing information from as long ago as 15 years were lost while being transferred from the village hall to another site within the Chicago suburb.
7/24/2008	Hillsborough Community College	2000	Hillsborough Community College warned its employees to monitor their bank accounts because an HCC programmer's laptop was stolen from a hotel parking lot in Georgia. The programmer had been working on a payroll project for a group of employees using their names, bank-routing numbers, retirement information and Social Security numbers.
7/24/2008	University of Houston	259	The names and Social Security numbers of University of Houston students were inadvertently posted on the Internet for more than two years. The posting occurred when a math department lecturer posted student grades on a UH Web server in October 2005.
7/24/2008	St Marys Regional Medical Center	128000	A unauthorized person may have accessed the Saint Mary's database. The database, used for Saint Mary's health education classes and wellness programs, contained personal information such as names and addresses, limited health information and some Social Security numbers. The database did not contain medical records or credit card information.
7/25/2008	Ohio University	492	A clerical error led to the online posting of the names and Social Security numbers of people who spoke at Ohio University's Centers for Osteopathic Research and Education. A spreadsheet that contained the information had been accessible since March 20 and was discovered when a nurse found the information last week while conducting online research. In addition to names and Social Security numbers, the spreadsheet included contact numbers, addresses, their speaking topics and federal employer identification numbers.
7/25/2008	Grady Memorial Hospital		Hospital records were stolen. It remains unknown how many patient records were stolen, which patients were affected or how the records were stolen. The records pertained to recorded physician comments that Grady sent to a vendor to transcribe into medical notes. The records were stolen from a subcontractor employed by the vendor.
7/26/2008	Connecticut College	2815	A Connecticut College library system was breached by hackers apparently looking to set up chat rooms or send spam e-mails. The systems database included the names, addresses and Social Security or driver's license numbers of approximately 2,800 Connecticut College library patrons, 12 Wesleyan University patrons and three from Trinity.
7/28/2008	Facebook		Facebook accidentally publicly revealed personal information about its members, which could be useful to identity thieves. The full dates of birth of many of Facebook's 80 million active users were visible to others, even if the individual member had requested that the information remained confidential. 80 million Not added to total since the breach is not SSNs or financial account data.
7/29/2008	Blue Cross Blue Shield of Georgia	202000	Benefit letters containing personal and health information were sent to the wrong addresses last week. The letters included the patient's name and ID number, the name of the medical provider delivering the service, and the amounts charged and owed. A small percentage of letters also contained the patient's Social Security numbers.
7/29/2008	Anheuser-Busch		A laptop containing personal information of current and former employees, including some from Hampton Roads, was stolen from a St. Louis-area Anheuser-Busch office. Information contained on the computer included employees' Social Security numbers, home addresses and marital status.
7/30/2008	City of Yuma Arizona	300	"The Social Security numbers of about 300 city of Yuma employees were ""unintentionally released"" in an e-mail sent to city administrative personnel."
7/31/2008	University of Texas at Dallas	9100	"A security breach in UTD’s computer network may have exposed Social Security numbers along with names, addresses, email addresses or telephone numbers.
4,406 students who were on the Dean’s List or graduated between 2000 and 2003
3,892 students who were contacted to take part in a survey by the Office of Undergraduate Education in 2002
88 staff members from Facilities Management
716 faculty and staff members listed in a space inventory record from 2001."
8/1/2008	Tennessee Valley Authority		A laptop stolen from TVA contained Social Security numbers and reflects generally inadequate policies and procedures for tracking computers at the agency. The laptop was one of approximately 26 computer and computer-related items stolen from TVA between May 26, 2006, and Nov. 30, 2007, according to the IG, although the report stated it was unclear whether sensitive information was present on any of the laptops or PCs stolen from TVA.
8/1/2008	Delphi Automotive / Ohio Department of Job and Family Services	2600	A flash drive with Social Security numbers and other personal information from former Dayton-area Delphi workers was removed from the unattended laptop of a state employee and is missing. The drive included the names, addresses, telephone numbers as well as the Social Security numbers of the workers.
8/1/2008	Stepping Hill Hospital	1581
8/2/2008	Clarkson University	245	non-malicious student intruder gained access to a restricted server and promptly reported the vulnerability to campus authorities. Approximately 245 employees and former employees had personal information, including name, social security number, and date of birth, compromised during the security breach. The file containing personal information was a record of employees that had university credit cards known as purchase cards (or p-cards). Any university member requesting a p-card must provide their social security number and date of birth on the application form.
8/2/2008	Countrywide Financial Corp	2000000	The FBI on Friday arrested a former Countrywide Financial Corp. employee and another man in an alleged scheme to steal and sell sensitive personal information, including Social Security numbers. The breach occurred over a two-year period though July. The insider was a senior financial analyst at Full Spectrum Lending, Countrywide's subprime lending division. The alleged data thief was said to have downloaded about 20,000 customer profiles each week and sold files with that many names for $500, according to the affidavit. He typically would e-mail the data in Excel spreadsheets to his buyers, often using computers at Kinko's copying and business center stores. Some, perhaps most, and possibly all the names were being sold to people in the mortgage industry to make new pitches.
8/3/2008	Oakland School District		Thieves stole 10 desktop computers containing employees' personal information from the Oakland school district's main office. District officials are still determining what information was on each computer, but the machines may contain personal information provided to the district when employees were hired. It is unknown how many employees' records were on the computers.
8/4/2008	Arapahoe Community College	15000	A contractor who manages the student information database had a flash drive lost or stolen. Information on the drive included the names, addresses, credit card numbers and Social Security numbers.
8/5/2008	"The Clear Program
""Fast-pass"" Registered Travel program
for airline passengers, operated by
Verified Identity Pass for the U.S.
Transportation Security Admin."	33000	A laptop containing personal information for about 33,000 people was reported stolen in a possible security breach for the Clear Program. The laptop was stolen at San Francisco International Airport. The stolen information included names, addresses, dates of birth, and driver's license numbers or passport numbers.
8/7/2008	Harris County Hospital District	1200	A lower-level Harris County Hospital District administrator downloaded medical and financial records for patients with HIV, AIDS and other medical conditions onto a flash drive that later was lost or stolen. This may have been a violation of law. The data on the device included the patients' names, medical record numbers, billing codes, the facilities where the office visits occurred and other billing information. It also included the patients' Medicaid or Medicare numbers, which can indicate their Social Security numbers or those of their spouses.
8/11/2008	Ireland Department of Social and Family Affairs	380000
8/12/2008	Wells Fargo	5000	"Wells Fargo is notifying customers that hackers have accessed their confidential personal data by illegally using its access codes. Personal information including names, addresses, dates of birth, Social Security numbers, driver's licence numbers and in some cases, credit account information was accessed by ""unauthorised persons""."
8/12/2008	Child Protective Services		Hundreds of private, personal records were discarded with the trash, including records detailing medical histories of clients with diseases and drug addictions. Documents showing sexual abuse and information that could be used for identity theft, such as Social Security numbers, were also found in the trash.
8/14/2008	Wuesthoff Medical Center	500	Hundreds of people in Brevard County found out their personal information was stolen. Names, Social Security numbers and even personal medical information were posted on the Internet.
8/18/2008	Department for Work and Pensions	9000
8/18/2008	Keller High School	45	Keller family's received a mailing from Keller High School last week. Upon opening it, they found two enrollment forms. One was an emergency-care authorization form. But the other was a student information form containing another classmate’s Social Security number, student ID number, home address, phone number and contact information for his parents at home and at work. They quickly realized that their child’s private information, which they used to set up their college fund and other accounts, was mailed to someone else.
8/18/2008	Dominion Enterprises / InterActive Financial Marketing Group	92095	A computer server within InterActive Financial Marketing Group (IFMG), a division of Dominion Enterprises located in Richmond, Virginia, was hacked into and illegally accessed by an unknown and unauthorized third party between November 2007 and February 2008. The data intrusion resulted in the potential exposure of personal information, including the names, addresses, birth dates, and Social Security numbers of 92,095 applicants who submitted credit applications to IFMG's family of special finance Web sites.
8/19/2008	Kingston Tax Service		Office computers were stolen from the business. On each of the computers is information which can be used by identity thieves including credit card information and Social Security numbers.
8/20/2008	Barclays Bank PLC	17000
8/20/2008	The Princeton Review	108000	The test-preparatory firm accidentally published the personal data and standardized test scores of tens of thousands of Florida students on its Web site. One file on the site contained information on about 34,000 students in the public schools in Sarasota, Fl. Another folder contained dozens of files with names and birth dates for 74,000 students in the school system of Fairfax County, Va.
8/21/2008	PA Consulting / The Home Office	94000
8/22/2008	Louisiana Real Estate Commission	13000	A glitch during a computer upgrade caused the names, addresses and Social Security numbers of licensed agents to be exposed on the Internet. The commission was transferring its online programs to a new server when the sensitive electronic file, which is not normally posted on the Internet, was left unsecured and slipped in among the commission materials that could be seen online.
8/22/2008	Korean Ministry of Education	7617
8/22/2008	Liberty McDonald's Restaurant		An employee at a Liberty McDonald's restaurant, took credit or debit cards from drive-through customers and used a device she had hidden near the window to swipe the cards to record their numbers. The information on the device then was downloaded and used to make new cards either in the names of the persons to which the original cards belonged or in the names of the perpetrators.
8/23/2008	Best Western	0
8/26/2008	Royal Bank of Scotland / NatWest / American Express	1000000
8/26/2008	Pennsylvania Public Welfare Department	2845	Paper jams in a state Department of General Services mail inserter caused benefit renewal packets to go to the wrong Pennsylvania welfare client's homes. Nearly half of them included the intended recipients' Social Security numbers.
8/26/2008	Prince William Co. Public Schools	2600	Personal information of some students, employees and volunteers was accidentally posted online by a Prince William County Public Schools employee. Information for more than 2,600 people was exposed through a file-sharing program by an employee working from home on a personal computer. The compromised information included: names, addresses and student identification numbers of more than 1,600 students; names and Social Security numbers of 65 employees; other confidential information for about 250 employees; and the names, addresses and e-mail addresses of more than 700 volunteers.
8/27/2008	Kansas State University	86	An instructor for classes offered through the Division of Continuing Education, taught through the UFM Community Learning Center, reported an overnight theft of numerous items from a car, which was parked outside a Manhattan residence. Items taken included a backpack with a list of names and Social Security numbers of 86 K-State students who had taken that instructor’s classes from fall 2007 through summer 2008.
8/27/2008	YMCA		Customers who paid for items at a YMCA fund-raiser with checks or credit cards are being warned about a burglary at which credit and debit card numbers were taken.
8/28/2008	The Washington Trust Co.	1000	The Washington Trust Co. has notified about 1,000 customers that their debit and credit card accounts might have been compromised in a suspected security breach at an unidentified MasterCard merchant. The company is investigating a suspected security breach of a U.S. e-commerce-based merchant's Web server which contained debit card data.
8/28/2008	Reynoldsburg (Ohio) City School District	4259	Reynoldsburg school officials were phasing out the use of Social Security numbers in the district's student database when someone stole a laptop containing that information. The district laptop, taken from a computer technician's car, also included names, addresses and phone numbers for two-thirds of the district's enrollment.
8/29/2008	Wachovia Bank		It was confirmed that the Camelot branch, at Cape Coral Parkway and Chiquita Boulevard, has had several debit cards’ identities stolen because someone placed what’s known as a “skimming” device on the ATM. The device collected each person’s card information, including personal identification numbers, and allowed the suspect to create different debit cards with that information.
8/30/2008	"National Technical Institute for the Deaf
Rochester Institute of Technology"	13800	A recently stolen laptop contained the names, birth dates and Social Security numbers of about 12,700 applicants to the National Technical Institute for the Deaf and another 1,100 people at Rochester Institute of Technology. The laptop belonged to an employee and was stolen on Monday from an office at NTID. People at RIT, who are not affiliated with NTID, are affected because their personal information was being used as part of a control group in an internal study.
8/30/2008	Ohio Police & Fire Pension System	13000	A former mailroom supervisor at the Ohio Police & Fire Pension System forwarded the names, addresses and Social Security numbers from his work e-mail address to his personal e-mail address before quitting his job. The file contains information for 13,000 of the approximately 24,000 retired members of the Ohio Police & Fire Pension System, most of whom are former police officers.
8/30/2008	Southwest Medical Association		Thousands of medical charts were found in an abandoned storage unit that was purchaced for $25.
9/2/2008	Clarkson University	245
9/5/2008	East Burke (Morganton, NC) High School	163	For the past five years, East Burke High School's web site exposed files containing personal information including names, Social Security numbers, addresses, phone numbers, job titles, email addresses and unlisted phone numbers of teachers, bus drivers, custodians and other staff members on the Internet.
9/6/2008	National Offender Management Service	5000
9/6/2008	GS Caltex	11000000
9/9/2008	University of Pittsburgh	0	A laptop containing personal information including names and Social Security numbers was stolen. The laptop, stolen from Mervis Hall was being used by an employee to conduct surveys of alumni that are used in college rankings.
9/10/2008	Ivy Tech Community College	0	An employee of the college used an internal file sharing system to send a file that consisted of students enrolled in the spring 2008 semester for distance education courses. The employee intended to share the file with a single employee of the college. Instead, due to a clerical error, the invitation to view the file was sent to a list of all Indianapolis region employees.
9/10/2008	Franklin Savings and Loan	25000	An unauthorized person gained access to a database containing personal information such as names, addresses, phone numbers, account numbers, account balances and Social Security numbers.
9/11/2008	Marshall University	198	The names and Social Security numbers of Marshall University students were openly available on the Internet.
9/11/2008	University of Iowa College of Engineering	500	Some students are being notified by the college that their personal information may have been exposed in a recent computer breach. The compromised computer contained a file with names and Social Security numbers of students stored on its hard drive.
9/12/2008	Tennessee State University	9000	A flash drive containing the financial information and Social Security numbers of students was reported missing. The flash, which contained financial records of TSU students dating back to 2002.
9/13/2008	State Farm Insurance	137	An employee of State Farm fraudulently used customer information to open credit-card accounts. Customers' Social Security numbers, driver's license numbers, addresses and possibly financial account numbers could have been accessed.
9/15/2008	Forever21	98930	If you shopped at the stores between November 26, 2003 and October 24, 2005, criminals may have jacked your credit and debit card numbers from its computers. Approximately 20,500 of these numbers were obtained from the Fresno store transaction data. The data included credit and debit card numbers and in some instances expiration dates and other card data, but did not include customer name and address.
9/19/2008	Texas A&M University	31	A class roster was among some documents located on a computer server that was hacked. The class roster was for Economics-2301 held during the first summer session of 2004. Social Security numbers were part of the information on those documents.
9/22/2008	Sonoma State University	600	Social Security numbers have been exposed to the public through an internal department website.
9/23/2008	Texas Lottery Commission	27075	A former Texas Lottery Commission computer analyst has been arrested for copying the personal data of Texas lottery winners. He downloaded his own work files off his computer and took them to his next job. The names and Social Security numbers of 27,075 mid-level lottery winners -- people who have won prizes from $600 up to around $1 million -- were on the employee's hard drive.
9/26/2008	Fort Wayne Community Schools	3348	A man arrested on forgery and counterfeiting charges may have used some employees' personal information in his possession. A 94-page document containing personal information belonging to 3,348 FWCS employees was found by police. The information included names, Social Security numbers, dates of birth and salary.
9/30/2008	University of Indianapolis	11000	A hacker attacked the University of Indianapolis' computer system and gained access to personal information and Social Security numbers for 11,000 students, faculty and staff,
9/30/2008	Blue Cross & Blue Shield	1700	A document containing the personal data was accidentally attached to a general e-mail being sent out to brokers notifying them of a software upgrade. Information such as Social Security numbers, phone numbers and addresses were exposed.
9/30/2008	Dormitory Authority's	3600	On the trip from the Albany headquarters of this New York based construction organization, to their data center in New York City 5 tapes had fallen out of their yellow mailing envelope. The tapes contained personal private or sensitive information of over 600 employees and approximately 3,000 vendors. Social security numbers and tax ID numbers were compromised.
10/1/2008	The Foothills Parks and Recreation District	0	The district noticed unusual activity last week which they believe was caused by a virus introduced to cover up the actions of the intruder. Some customer information, including credit card information, may have been compromised.
10/7/2008	UND Alumni Association	84000	A laptop computer containing sensitive personal and financial information on alumni, donors and others was stolen from a vehicle belonging to a software vendor retained by the UND. The information, included individuals’ credit card and Social Security numbers,
10/7/2008	Department of Administration	535	A laptop was taken from an auditor's vehicle. It contains payroll and benefits information for 425 employees of the state Insurance Commission and 110 employees of the Department of Health and Human Resources' Bureau of Medical Services and Child Support Enforcement Division. The information includes full names or first names and Social Security numbers.
10/13/2008	Southwest Mississippi Community College	1000	Former Southwest Mississippi Community College students had some of their personal information made available temporarily on the Internet. The breach involved names, addresses, and in some cases, Social Security numbers.
10/15/2008	City of Indianapolis	3300	A spreadsheet containing the names, Social Security numbers and dates of birth for people charged with minor offenses in 2006 and 2007 was accidentally posted on the city of Indianapolis' new Web site.
10/17/2008	The Planet	25000	A security breach that may have affected the customer portal account and server passwords, was discovered. The Planet identified the methods by which the systems were compromised and have closed those holes. Only two user accounts were definitely affected, and no credit card information is believed to have been compromised.
10/18/2008	City of Goodyear	570	A list of their Social Security numbers was stolen from the car of a staffer who had taken the data home. Burglars took the list while the employee's car was parked at her home.
10/19/2008	Mary Washington Hospital	803	A security breach in an online computer system exposed the private medical information of some of its maternity patients. Social Security numbers, phone numbers, address, insurance carrier, birth dates and doctor's names were exposed.

life insurance . Best Phentermine no prescription on-line portal. . utah home insurance quote