December 12th, 2011
Telstra Data Breach under Investigation by Privacy Commissioner
What Happened? Account details and phone numbers of telecommunications company Telstra’s customers were potentially compromised in a newly reported data breach. The Privacy Commissioner, Timothy Pilgrim, launched an investigation into Telstra’s data breach which occurred when its customer service website was openly accessible online.
Date of Breach: December 2011
Size of Loss: The grocery chain admits over 100 people who used the self-checkout counters in 23 of their northern California Lucky stores (and one SaveMart).
Affected Individuals: About one million
Geographic Focus: National
Data Contained: Account details including account numbers, phone numbers and credit card details of just fewer than one million Telstra customers were potentially compromised by the breach.
Additional Information: As a precaution, the company reset the passwords of around 60,000 customers and notified the Privacy Commissioner.
Posted in Uncategorized | No Comments »
December 12th, 2011
What Happened? Bay Area Lucky supermarkets have been targeted by identity thieves, who used credit card “skimmers” attached to the terminals to collect the account numbers and PIN codes of everyone who used them to pay for their groceries. The company found out about the scam when routine maintenance at 19 locations turned up suspicious devices attached to the self-service scanners.
Date of Breach: December 2011
Size of Loss: The grocery chain admits over 100 people who used the self-checkout counters in 23 of their northern California Lucky stores (and one SaveMart).
Affected Individuals: Lucky customers
Geographic Focus: California
Data Contained: Credit card data
Additional Information: While Lucky now insists that the machines at all of its over 200 locations are now safe, the company is urging customers who used self-checkout at any of the compromised locations in October or November to immediately close their bank accounts or else risk having their identities stolen.
Posted in Uncategorized | No Comments »
December 5th, 2011
What Happened?: Hacktivist group TeaMp0isoN hacked into the website of the United Nations Development Programme, stealing sensitive data and dumping it into Pastebin.
Date of Breach: November 2011
Size of Loss: Hundreds
Affected Individuals: Individuals working for the UNDP, the Organisation for Economic Co-operation and Development, UNICEF, the World Health Organisation and other groups
Geographic Focus: Global
Data Contained: Hundreds of email addresses, user names, and plain-text passwords
Additional Information: The hack revealed lax password security at the agencies. Some of the accounts appeared to have a blank password and many more have easily guessable login credentials. And storing passwords in plain-text (rather than an encrypted form) is an even bigger mistake. TeaMp0isoN said that it carried out the attack as a protest against what it sees as corruption at the UN.
Posted in identity theft, identity theft credit freeze, identity theft fraud, identity theft prevention, identity theft protection, identity thieves | No Comments »
December 1st, 2011
What Happened?: A Sutter Medical Foundation data breach occurred in mid-October, when a computer that held information on more than 4 million patients was stolen.
Date of Breach: October 2011
Size of Loss: 4 million
Affected Individuals: Patients, dating back to 1995
Geographic Focus: United States
Data Contained: Names, addresses, email addresses, dates of birth, telephone numbers and names of patients’ health insurance plans dating from 1995 were contained in the computer’s database, as well as dates of services and description of medical diagnoses or procedures used for business operations.
Additional Information: Patients concerned about their information can go to Sutter Health’s website, www.sutterhealth.org, to find a list of affected health providers or call toll-free at (855) 770-0003 between 8 a.m. and 5 p.m.
More Information: Sacramento Bee
Posted in Uncategorized | No Comments »
November 21st, 2011
What Happened?: Sensitive data for more than 176,000 current and former students and employees at Virginia Commonwealth University may have been stolen when an attacker hacked a university server in October, 2011.
Date of Report: October 2011
Size of Loss:176,00
Affected Individuals: Current and former students and employees
Geographic Focus: Virginia
Data Contained: This server contained personally identifiable information, including Social Security numbers, names, school and personal email addresses and in some cases dates of birth, job titles and contact information.
Additional Information: The university has emailed all potential victims, sent letters to the same group, and developed a website about the incident to inform the community.
Posted in Uncategorized | No Comments »