Some interesting data breaches and simple lessons we have not learned!!

 

Data breach – the word may ring alarm bells in the minds of some people – thanks to the series of penalties imposed by the regulatory bodies and heightened awareness created by the media. However, on a deep analysis, many of these breaches are result of some careless and casual decisions of a low level employee. One simple but effective solution – education and awareness. Unfortunately, information security awareness training is not able to achieve desired results and data breaches continue.

Let us have a look into some of the data breaches of first week of February 2013, in courtesy of the Privacy Rights Clearinghouse.

February 7, 2013 A simple data encryption could have saved your day.
Hackers were able to access customer credit card information stored on computer servers. The cyber attack affected customers who made purchases on www.thorlo.com between November 14, 2012 and January 22, 2013. Credit card numbers, credit card expiration dates, credit card security codes, names, and contact information were exposed.

February 7, 2013 If you’re sending mass e-mails, hide the recipient list. Please..

Schneider-Electric A vendor’s mailing error resulted in the exposure of employee Social Security numbers. Call for Candidacy letters were mailed sometime around January 16 that had Social Security numbers, names, and addresses visible through the address window of the letter.

February 7, 2013 Data encryption, encryption, encryption !!!

Wayne Memorial Hospital An unencrypted disc that contained patient information was lost in transit. The disc had names, Medicare account numbers, and outstanding account balances from patients who visited the Honesdale hospital between 2007 and 2012. A legal envelope that contained the disc was mailed on November 28 and arrived at Novitas Solutions in Pittsburgh in a cardboard box without the disc.

February 3, 2013 Not just storage and custody, ensure safe disposal.
River Falls Medical Clinic River Falls Medical Clinic officials reported a burglary during the summer of 2012. The equipment and paper documents that were stolen were recovered by police on November 28. An employee of a cleaning service that subcontracted with the Clinic is the main suspect. The items were found in the employee’s home and he was charged with felonies associated with theft and drug possession. It is believed that the documents were intended to be shredded. They contained patient names, dates of birth, patient account and billing account information, diagnosis codes, insurance information, account numbers, medical chart numbers, and scheduling information. An unspecified number of patients also had their Social Security numbers, home addresses, and phone numbers exposed.

February 1, 2013 Watch out what you are sending in your email.

Antioch Unified School District A document with sensitive Worker’s Compensation claim information was accidentally sent out with an email to a limited number of Antioch Unified School District employees. Social Security numbers and other information related to current and former employees that reported injuries were exposed. The incident occurred on January 18 and people who received the email were instructed to remove and destroy any saved information contain in the email. Those who received the email were also instructed to provide written verification that they had removed and destroyed the information.

February 1, 2013 Take care of your trash bins too!!

Tallahassee Memorial HealthCare A former Tallahassee Memorial HealthCare food service employee was indicted on 31 counts of filing false tax returns, wire fraud, false claims, and aggravated identity theft. He and two others are believed to have participated in a conspiracy that led to $818,000 in fraudulent claims. The employee worked for Tallahassee Memorial HealthCare for three years. He gathered patient names and dates of birth from food tray receipts when he delivered food to the rooms of patients in August of 2011 and stole emergency room data sheets from the trash. The information was then passed to the two others who participated in the conspiracy.

February 1, 2013 How many copies of your data is available and WHERE?

Central Laborers’ Pension Fund, Central Laborers’ Welfare Fund, Central Laborers’ Annuity Fund, Illinois A home burglary resulted in the theft of a CD that contained the information of over 30,000 beneficiaries. The CD contained names, Social Security numbers, and dates of birth and was taken from the home of an accountant at an unnamed counting firm. The three funds sued the accounting firm for $200,000 to cover the cost of credit monitoring and insurance.

Advertisements

19 thoughts on “Some interesting data breaches and simple lessons we have not learned!!

  1. It is actually a cool and valuable piece of information. I’m glad which you just shared this valuable details with us. Please stay us informed like this. Thank you for sharing.

  2. hey there i stumbled upon your website searching around the web. I wanted to say I enjoy the look of issues around here. Keep it up will save for certain.

  3. You produced some decent points there. I looked on-line to the issue and discovered most individuals will go along with along with your internet site.

  4. Hey mate, .This was an exceptional post for such a hard topic to speak about. I appear forward to seeing a lot of far more exceptional posts like this. Thanks

  5. What’s up, constantly i used to check web site posts here early in the morning, for the reason that i like to learn more and more.

  6. Wow, awesome blog format! How long have you been blogging for?

    you make running a blog

    look easy. The entire glance of your site is great, let alone the content material!

  7. Have you ever thought about publishing an ebook or guest authoring on other

    sites? I have a blog centered on the same ideas you

    discuss and would really like to have you share some stories/information.

    I know my subscribers would value your work.
    If you’re even remotely interested, feel free to

    send me an e mail.

  8. Good – I should certainly pronounce, impressed with your website.
    I had no trouble

    navigating through all tabs as well as related information ended up being truly simple to do

    to access. I recently found what I hoped for before you know it in
    the least. Reasonably unusual. Is

    likely to appreciate it for those who add forums or anything, website
    theme . a tones way for

    your customer to communicate. Nice task..

  9. I’m extremely impressed together with your writing skills as smartly as with the layout in your weblog. Is that this a paid topic or did you modify it your self? Either way keep up the excellent high quality writing, it’s uncommon to see a great weblog like this one today.

    .

  10. Whats up very cool web site!! Man .. Beautiful .. Wonderful .

    . I’ll bookmark your website and take the feeds also? I’m glad to seek out a lot of
    useful information right here in the submit, we’d like develop extra techniques in this regard, thank you for sharing. . . . . .

  11. 179832 296451Wow, awesome weblog structure! How long have you been running a weblog for? you produced blogging appear effortless. The total appear of your internet site is amazing, let alone the content material material! 997274

Comments are closed.