DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Under the media radar: recently reported breaches

Posted on July 15, 2010 by Dissent

In a recent press release, the Identity Theft Resource Center (ITRC) pointed out that in some cases, we only find out about breaches because a state lists the reports it receives online. Some recent submissions to the New Hampshire Attorney General’s Office are a case in point. Although most of the breaches reported below would probably be considered “minor,” they do suggest that focusing mainly on stolen laptop cases may yield an incorrect impression about the nature of most breaches.

  1. Attorneys for Nix Check Cashing recently notified the New Hampshire Attorney General’s Office that during a burglary, a computer was stolen from one of the firm’s branches. The computer contained personal information on customers, including their names, addresses, phone numbers, and Social Security Numbers or driver’s license numbers. The burglary was reported to law enforcement on May 17, and letters were sent out the week of June 30 to those affected. The firm offered those affected free credit monitoring services. Over one hundred New Hampshire residents were being notified, but the total number of affected individuals was not reported.
  2. NBTY, a manufacturer of vitamins and supplements, notified the New Hampshire Attorney General’s Office on July 7 that an e-mail containing some current and former employees’ and plan participants’ personal information had been sent to the wrong recipient on June 15. Information included names, dates of birth, and Social Security Numbers. Those affected were notified by letter on July 2 and offered free credit monitoring services.
  3. Alcoa recently notified the New Hampshire Attorney General’s Office that an electronic folder containing personal information on current and former expatriates as well as others who received assistance from Alcoa’s Global Mobility Group had been inadvertently shared as a public folder within its network. Information on individuals included names, dates of birth, family members’ names and dates of birth, salary compensation, Social Security Numbers, and in some cases, medical information.  Alcoa discovered its error in permissions on the file on May 7 and has notified everyone affected although they say there is no indication that anyone accessed or viewed the file inappropriately and the file was not shared outside of its own internal network.
  4. Equifax reported that someone had compromised the access and request information for Takapu International Exports. Takapu is a customer of Equifax Mortgage Services and the account was misused to make obtain merged credit reports, i.e., reports from Equifax, TransUnion, and Experian. It is not clear from Equifax’s notification how many people, total, may have had their information accessed by misuse of the account. Equifax reports that it suspended Takapu’s login information at the time and was working with Takapu to determine what had happened and to prevent future recurrences.

Related Posts:

  • Data Breaches: A Black Hole - ITRC
  • Burglary at SanDiegoFit.com office: computer with…
  • ITRC 2010 Breach Report
  • Five recent Merrill Lynch security breaches you…
  • Wyndham continues to identify and notify hotel…

Post navigation

← Top 50 Sites to Learn About Information Privacy
Visa To Acquirers: Stop Forcing PAN Retention →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Update: Cardiovascular Consultants Ltd. ransomware attack reportedly affected 500,000 patients, guarantors, and staff
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net