I heard on the local news last night that the North Carolina Department of Revenue has lost a laptop that had ~30,000 state taxpayers information on it. Social Security numbers/etc… The report I saw that the state has setup a hotline to “teach citizens about identity theft” and have sent letters to those affected. Thanks… lose a laptop with 30,000 and then teach US about identity theft. How about teaching employees with sensitive information about encryption? ……. so I looked into it a bit further this morning.
Category: Data Leaks
-
Chase throws data on 2.6 million customers in landfill
Chase Card services mistakenly threw out backup tapes that contained the card information of around 2.6 million customers (according to the article Circuit City card holders (former and current.)) 5 data tapes were mistakenly trashed in July. Fortunately, they think the tapes were destroyed at the landfill, and are 1)notifying the affect, 2)working with authorities. So, it may be that no data in this case was actually leaked… it does underscore one thing….
-
The ways data is stolen..
Brian Krebs highlights a study on data theft/breaches. There are some interesting results (just 1/3 of data breaches were from criminal hacking, 29% from stolen laptops or storage media, 23% from improper disclosure of information (oops I published all our customers information on the website.) and 7% from inside sources – employees taking/selling data, just 2% from lost backup tapes (wouldn’t that fall under storage media?)
The leaders in data loss seem to be Colleges and Universities, followed by the Government and then businesses.
-
AT&T has info on 19,000 stolen
AT&T has had a breach of data that revealed information on as many as 19,000 individuals that had used their online store. It appears that credit card data is what was stolen, it happened over the weekend and AT&T says they detected the breach “within hours”.
-
New Data Leaks section
I’ve added yet another category for “data leaks”. This is where I’ll put news along the lines of X company leaked data on yyyyy customers. It’s unfortunate that this is something that likely happens daily. There is no way that I can keep up with EVERYTHING, but I’ll try to post the bigger events in this category. I have many customers that say they’re concerned about people getting their credit card or bank numbers and for that reason they don’t do ANY transactions online or have any of that data on their computers. Well, I hate to break it to you, but the genie is already out of the bottle, because the companies that we do business with (ON OR OFFLINE) have all your data on computers and prohibiting yourself from online transactions is NO guarantee that you won’t have your data stolen or be a victim of Identity theft.
-
Verizon emails a customer spreadsheet by mistake….
Verizon Wireless accidentally attached the wrong file to an email and wound up broadcasting an Excel spreadsheet with the details of some 5210 customers to about 1800 people. Apparently, they were sending out a promotional email to some of their customers and instead of the electronic order form they intended to send. The promotional email was for a bluetooth headset.