GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Legislative outlook:
Some clouds but no rain

Patti Murphy
The Takoma Group

News

Industry Update

New fees, more money for Visa, MasterCard

RBS, Heartland PCI compliance revoked: What's next?

A token of payments to come

Raising the ACH bar

Virtucard for virtual goods

Features

AgenTalkSM:
Bill Pirtle

ISOMetrics:
Breaches across America
installment two

Selling Prepaid

Prepaid in brief

Boom time for prepaid game card market

Global payroll done with SaaS

The state of escheatment

Views

Be the toast of hosts

Scott Henry
VeriFone

Sluggish economy spurs faster payments

Nasreen Quibria
Association for Financial Professionals

Mobile payments? Not yet

Biff Matthews
CardWare International

Education

Street SmartsSM:
Who are you?

Jon Perry and Vanessa Lang
888QuikRate.com

Pull back the expense curtain

Jeff Fortney
Clearent LLC

Downshifting to rev up sales

Christian Murray
Global eTelecom Inc.

PCI versus tricky technology

Michael Wright
Panoptic Security Inc.

Five magical questions in making sales

Daniel Wadleigh
Marketing Consultant

Company Profile

UseMyBank Services Inc.

Data Delivery Services Inc.

New Products

Instant mobile processing

MerchantWare Mobile
Company: Merchant Warehouse

A most literate check reader

CheckUltra
Company: Parascript LLC

Inspiration

See it, believe it

Departments

Forum

Resource Guide

Datebook

A Bigger Thing

The Green Sheet Online Edition

April 13, 2009  •  Issue 09:04:01

previous next

ISOMetrics

Breaches across America
installment two

U.S. Map

Here are several large data breaches that have occurred in the United States since we last published a map of domestic breaches in The Green Sheet, May, 12, 2008, issue 08:05:01.

#h4 1. West

California
Calabasas, Aug. 2, 2008 - The FBI discovered a former Countrywide Financial Corp. employee and an accomplice had hacked into the records of 2 million Countrywide account holders over a two-year period.

Los Angeles, Sept. 15, 2008 - Transaction data - including credit and debit card numbers, expiration dates and other card data - of 98,930 Forever21 customers may have been stolen, the company reported.

Colorado
Lakewood, July 9, 2008 - According to an audit, Colorado's Division of Motor Vehicles sent large batches of unencrypted personal information over the Internet and failed to properly limit access to its database. The total compromise represented 3.4 million records.

Utah
Salt Lake City, June 10, 2008 - Billing records of 2.2 million University of Utah Hospitals and Clinics patients stored on "backup tapes" were stolen from a courier's vehicle.

#h4 2. Southwest:

Arizona
Tucson, June 18, 2008 - Investigators found old Domino's Pizza receipts with untruncated credit card numbers literally blowing in the wind; the former franchise owner had been discarding boxes of old records.

Phoenix, Nov. 7, 2008 - Arizona's Department of Economic Security notified 40,000 families that personal data pertaining to their children may have been compromised following the theft of several hard drives from a commercial storage facility.

New Mexico
Los Alamos, Feb. 11, 2009 - The Los Angeles National Laboratory lost 69 computers, including at least 12 stolen in 2008, which may have contained personal information such as names and addresses. But the computers reportedly did not contain classified information.

Texas
San Antonio, May 2, 2008 - A former U.S. military contractor pled guilty to accessing a Marine Corps Reserve Center computer and selling the names and Social Security numbers of 17,000 military employees.

Austin, Sept. 23, 2008 - A former Texas Lottery Commission computer analyst was arrested for copying the personal data of 27,075 Texas lottery winners.

#h4 3. Midwest:

Iowa
Cedar Rapids, June 27, 2008 - A Montgomery Ward online database was hacked, exposing 51,000 accounts containing credit card information.

North Dakota
Grand Forks, Oct. 7, 2008 - A laptop computer containing sensitive personal and financial information on 84,000 alumni, donors and others was stolen from a vehicle belonging to a software vendor retained by the University of North Dakota.

Ohio
Cincinnati, Sept. 10, 2008 - An unauthorized person gained access to a database containing personal information - including names, addresses, phone numbers, account numbers and account balances - of 25,000 Franklin Savings and Loan customers.

#h4 4. South:

Arkansas
Little Rock, Feb. 20, 2009 - A computer storage tape with data from 807,000 criminal background checks dating back to the mid-1990s went missing from the Arkansas Department of Information Systems/Information Vaulting Services.

Florida
Gainesville, Nov. 12, 2008 - A fraudster stole 330,000 records of current and former dental patients at the University of Florida going back to 1990.

Georgia
Atlanta, Dec. 29, 2008 - RBS WorldPay Inc. admitted hackers broke into its U.S. systems. Up to 1.1 million Social Security records were exposed.

Atlanta, Jan. 6, 2009 - CheckFree Corp. said phishers took control of several of the company's Internet domains and redirected customer traffic to a malicious Web site hosted in the Ukraine. The company warned that 5 million financial records may have been compromised.

#h4 5. Northeast:

Massachusetts
Boston, July 8, 2008 - The unencrypted names, addresses and Social Security numbers of 10,219 LPL Financial clients were breached. The Securities and Exchange Commission subsequently fined the firm $275,000.

New Jersey
Princeton, Jan. 20, 2009 - Heartland Payment Systems Inc. revealed that an unknown number of cardholder records had been compromised. The breach came to light when Visa Inc. and MasterCard Worldwide alerted the processor that malicious software had been found on its network.

New York
Binghamton, Mar. 11, 2009 - Papers containing Binghamton University student information - including Social Security and credit card numbers - were found stuffed in boxes, unlocked filing cabinets and shelving units at the university. Since the records went back at least 10 years, potentially more than 100,000 current and former students could be affected.

Pennsylvania
Downingtown, May 16, 2008 - A teenager hacked into a Chester County School District computer system. Private information, including names, addresses and Social Security numbers of over 50,000 people was accessed.

(Source: Privacy Rights Clearinghouse)

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

USAePay | Impact Paysystems | Electronic Merchant Systems | Inovio