The Green Sheet Online Edition
April 13, 2009 • Issue 09:04:01
Breaches across America
Here are several large data breaches that have occurred in the United States since we last published a map of domestic breaches in The Green Sheet, May, 12, 2008, issue 08:05:01.
#h4 1. West
Calabasas, Aug. 2, 2008 - The FBI discovered a former Countrywide Financial Corp. employee and an accomplice had hacked into the records of 2 million Countrywide account holders over a two-year period.
Los Angeles, Sept. 15, 2008 - Transaction data - including credit and debit card numbers, expiration dates and other card data - of 98,930 Forever21 customers may have been stolen, the company reported.
Lakewood, July 9, 2008 - According to an audit, Colorado's Division of Motor Vehicles sent large batches of unencrypted personal information over the Internet and failed to properly limit access to its database. The total compromise represented 3.4 million records.
Salt Lake City, June 10, 2008 - Billing records of 2.2 million University of Utah Hospitals and Clinics patients stored on "backup tapes" were stolen from a courier's vehicle.
#h4 2. Southwest:
Tucson, June 18, 2008 - Investigators found old Domino's Pizza receipts with untruncated credit card numbers literally blowing in the wind; the former franchise owner had been discarding boxes of old records.
Phoenix, Nov. 7, 2008 - Arizona's Department of Economic Security notified 40,000 families that personal data pertaining to their children may have been compromised following the theft of several hard drives from a commercial storage facility.
Los Alamos, Feb. 11, 2009 - The Los Angeles National Laboratory lost 69 computers, including at least 12 stolen in 2008, which may have contained personal information such as names and addresses. But the computers reportedly did not contain classified information.
San Antonio, May 2, 2008 - A former U.S. military contractor pled guilty to accessing a Marine Corps Reserve Center computer and selling the names and Social Security numbers of 17,000 military employees.
Austin, Sept. 23, 2008 - A former Texas Lottery Commission computer analyst was arrested for copying the personal data of 27,075 Texas lottery winners.
#h4 3. Midwest:
Cedar Rapids, June 27, 2008 - A Montgomery Ward online database was hacked, exposing 51,000 accounts containing credit card information.
Grand Forks, Oct. 7, 2008 - A laptop computer containing sensitive personal and financial information on 84,000 alumni, donors and others was stolen from a vehicle belonging to a software vendor retained by the University of North Dakota.
Cincinnati, Sept. 10, 2008 - An unauthorized person gained access to a database containing personal information - including names, addresses, phone numbers, account numbers and account balances - of 25,000 Franklin Savings and Loan customers.
#h4 4. South:
Little Rock, Feb. 20, 2009 - A computer storage tape with data from 807,000 criminal background checks dating back to the mid-1990s went missing from the Arkansas Department of Information Systems/Information Vaulting Services.
Gainesville, Nov. 12, 2008 - A fraudster stole 330,000 records of current and former dental patients at the University of Florida going back to 1990.
Atlanta, Dec. 29, 2008 - RBS WorldPay Inc. admitted hackers broke into its U.S. systems. Up to 1.1 million Social Security records were exposed.
Atlanta, Jan. 6, 2009 - CheckFree Corp. said phishers took control of several of the company's Internet domains and redirected customer traffic to a malicious Web site hosted in the Ukraine. The company warned that 5 million financial records may have been compromised.
#h4 5. Northeast:
Boston, July 8, 2008 - The unencrypted names, addresses and Social Security numbers of 10,219 LPL Financial clients were breached. The Securities and Exchange Commission subsequently fined the firm $275,000.
Princeton, Jan. 20, 2009 - Heartland Payment Systems Inc. revealed that an unknown number of cardholder records had been compromised. The breach came to light when Visa Inc. and MasterCard Worldwide alerted the processor that malicious software had been found on its network.
Binghamton, Mar. 11, 2009 - Papers containing Binghamton University student information - including Social Security and credit card numbers - were found stuffed in boxes, unlocked filing cabinets and shelving units at the university. Since the records went back at least 10 years, potentially more than 100,000 current and former students could be affected.
Downingtown, May 16, 2008 - A teenager hacked into a Chester County School District computer system. Private information, including names, addresses and Social Security numbers of over 50,000 people was accessed.
(Source: Privacy Rights Clearinghouse)
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.