Personal information of 600 Queens University of Charlotte Students Emailed to Fellow Students

Posted on October 9, 2007 by Alex Drake

In an apparent administrative error, the personal information of more than 600 Queens University students was emailed to other students. Queens University is located in Charlotte, North Carolina.

The information contained names, addresses, student IDs and social security numbers of the affected students.

University administrators have notified affected students by email, U.S. mail, and phone. Additionally, the university has contracted with a fraud and credit monitoring service for the next 12 months. Students will receive email alerts on changes to credit reports and insurance against identity theft.

Posted in Uncategorized | Tagged , , , | Leave a comment

Hacker Obtains Contact Information of 6.3 Million TD Ameritrade Customers

Posted on October 4, 2007 by Alex Drake

TD Ameritrade revealed on Friday that the contact information for 6.3 million of its customers was stolen from one of its databases.

Joe Maglia, TD Ameritrade CEO, said the company “recently discovered and eliminated unauthorized code from the database server. He also stated that the company is confident that it has identified the source of the breach.

The information stolen includes the names, addresses and email addresses, plus a account activity information from the last 6 months. Accounts opened after July 18th were not impacted.

Posted in Financial, Industry | Tagged , | Leave a comment

Billing Department Error Exposes Tennessee Tech Student’s Social Security Numbers

Posted on September 20, 2007 by Alex Drake

Approximately 3,100 current and past Tennessee Tech University students were
notified that some of their personal information may have been compromised.

On September 11, a problem in the way student bills are process resulted in some student’s social security numbers and personal identification numbers appearing on the billing statements of other students.

The university has emails letters to affected students notifying them of the problem and outlining steps to help prevent possible fraud. Information about contacting credit reporting agencies and credit fraud alert services was mailed to them.

Details: http://www.tntech.edu/publicaffairs/security/

Source: “”Technical Glitch Could Make Personal Data for Some TTU Students Vulnerable,”" Sept. 14, The Herald_Citizen.

Posted in Breach | Tagged , , , , | Leave a comment

Pennsylvania Public Welfare Agency Computers Stolen

Posted on September 15, 2007 by Alex Drake

Thieves stole two computers from the Pennsylvania Public Welfare Agency that contained the personal records of people who receive medial assistance benefits for the treatment of mental health and substance abuse problems. The information stored on the computers included the names and Social Security numbers of people receiving benefits.

The department of Public Welfare has begun the process of notifying close to 375,000 people who receive benefits and who could potentially be affected by the thefts. The department is notifying patients of the steps they can take to avoid and identify identity theft.

Source:Computers stolen from Pa. public-welfare agency had consumer info,” Sept. 11, Associated Press.

Posted in Uncategorized | Tagged , , , | Leave a comment

Hackers Compromise Voxant Online Store

Posted on September 15, 2007 by Alex Drake

In a letter to the New Hampshire Attorney General, Voxant revealed that one of it’s ecommerce servers was compromised by what appeared to be a phishing scheme. The hackers had the ability to access encrypted credit card information along with the encryption key. As a result Voxant is sending 4,500 customers letters notifying them of the breach and informing them to change their credit card numbers.

 
The point of contact regarding this incident is:

Roylene Julesza
Director, Syndication
1851 Alexander Bell Drive
Reston, VA 20191

Source: Letter to the New Hampshire attorney general, Aug. 31.

Posted in Identity Theft, Phishing | Tagged , | Leave a comment

Purdue University Loses the Personal Information of 111 Students

Posted on September 11, 2007 by Alex Drake

Purdue University has notified 111 students that their personal information was inadvertently posted on the Internet. The information included the names and Social Security numbers of students in an Animal Sciences class that was held in the fall of 2004. The information was removed when it was discovered by a University Employee who reported the breach to Purdue’s chief information security officer (CISO).

Source: The Indianapolis Star

Posted in Uncategorized | Tagged , , | Leave a comment

CCN Inteview with James Fishman

Posted on September 9, 2007 by Alex Drake

Posted in Uncategorized | Leave a comment

Podcast: Protecting Your Good Name

Posted on September 9, 2007 by Alex Drake

NPR has produced an excellent segment on what you can do to protect your identity from criminals.

At least 7 million Americans are victims of identity theft each year. Criminals are stealing Social Security cards and driver’s licenses, sending fake emails and “”dumpster diving”" to gain access to private information. It can happen to anyone and it can take years to repair your credit history after someone wreaks havoc on your credit. Join us on this edition of Justice Talking as we identify solutions for identity theft and ask whether Congress, state legislators and private businesses are doing enough to protect your good name.

Posted in Identity Theft | Leave a comment

Interview with Frank Abagnale

Posted on September 6, 2007 by Alex Drake

Frank William Abagnale, Jr. is a former con artist, forger and impostor who, for five years in the 1960s, forged checks worth more than $2.5 million. Mr. Abagnale currently runs Abagnale and Associates, a financial fraud consultancy company. His life story provided the inspiration for the film Catch Me if You Can.

Posted in Uncategorized | Leave a comment

John Hopkins Hospital Exposes the Personal Information of 5,700 Patients

Posted on September 4, 2007 by Alex Drake

The personal information of 5,700 current and former John Hopkins Hospital patients is at risk because of the theft of a single desktop computer. The computer included the names of patients, their social security numbers, birth dates, and their medical information.

The theft occurred more than a month ago. Hospital officials waited two weeks after the theft before reporting the incident to police. Affected patients were not notified that their personal information was at risk until August 24th, almost one month after the theft.

According to the hospital the theft was not reported to the police and patients were not notified immediately because there was a concern that any publicity would hamper efforts to recover the stolen computer.

There is no question that John Hopkins Hospital mishandled this incident. Their actions demonstrate that their interests we in retrieving the desktop computer without generating negative publicity for themselves. What hospital officials have glossed over here is that once the computer was stolen all of the patient information was at risk. Recovery of the desktop from the thief (or thieves) would not change this fact. The exposure of patient information had already occurred. John Hopkins Hospital had an ethical obligation to immediately notify patients and they failed to do so.

Source: www.wtopnews.com

Posted in Breach, Healthcare | Tagged | Leave a comment