Featured Eseminar Auditor Download GuardianEdge Federal GuardianEdge

    “This is the best encryption technology we have used that integrates with Windows Server Active Directory and enables us to easily manage laptops simply by making changes to Group Policy objects that are sent to users immediately.”

    —Oliver Rebollido, Network Engineer, Fenwick & West LLP, Mountain View, California.
    Chronology of Data Security Breaches



    A Chronology of Data Security Breaches

    Resulting From Laptop Theft

    Following the model set by the California SB 1386 data security breach disclosure law, approximately 40 U.S. states require organizations to notify affected individuals if the privacy of their personal information is compromised by an information security breach. As evidenced by high-profile data security breaches at ChoicePoint and the Department of Veterans Affairs, these public notifications can have a severe financial impact on an organization.

    Research indicates that laptop theft is one of the three leading causes of data security breaches that require notification under SB 1386 and other state notification laws. This chronology of data security breaches lists incidents disclosed in accordance with SB 1386 that resulted from the theft or loss of laptop computers, and illustrates the risks associated with storing confidential information on unprotected laptops.

     

    August 13, 2008 Laptops with Personal Info of Thousands Stolen
    Twelve laptops containing Social Security numbers, names and birth dates of 9,000 current and former Charter Communications Inc. workers were stolen from an office in South Carolina.
    August 5, 2008 Data Breach Leaves 33,000 Airline Passengers Compromised
    We've all heard of the horrible data security breaches that occur when a company fails to update their firewalls or an employee leaves a laptop with massive amounts of data out in the open.
    August 4, 2008 150,000 hit by brewer data theft
    About 150,000 people in the US have been affected by the theft of laptops with personal information about current and former employees of brewing giant Anheuser-Busch.
    July 16, 2008 Facebook Bug Leaks Members' Birthday Data
    A glitch in a test version of Facebook's Web site inadvertently exposed the birthdays of Facebook's 80 million members this week.
    July 2, 2008 Freedom Credit Union Warns Customers of Data Breach
    Freedom Credit Union is warning customers of a security breach whereby debit card data was electronically captured by individuals who may have used it in a counterfeit scheme.
    July 2, 2008 Citibank ATM Data Breach Reveals PIN Security Problems
    The ATMs are inside 7-Eleven stores throughout the country.
    July 2, 2008 Breach Exposes Info on Pre-'06 Google Hires
    A data breach at a California company that administers benefit plans to businesses across the country involved personal information on all Google employees hired prior to Dec. 31, 2005, the search engine giant said.
    June 30, 2008 Survey: More than 10,000 laptops lost each week at airports
    Keep laptops close at airports, because they have a startling tendency to disappear in the blink of an eye, according to a new survey.
    June 23, 2008 CNET Employees Notified After Data Breach
    More than 6,500 CNET Networks employees and relatives are being notified of a possible data breach after burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans.
    June 23, 2008 Disk Holds Scottish Ambulance Service Call Data
    The Scottish Health Secretary has acknowledged that a Scottish Ambulance Service disk containing details of hundreds of thousands of emergency calls was lost earlier this month.
    June 8, 2008 Stanford employees' data on stolen laptop
    Stanford University has notified tens of thousands of past and current Stanford University employees that their personal information - including their dates of birth, Social Security numbers and home addresses - was on the hard drive of a stolen university laptop.
    May 21, 2008 OKC buyer finds sensitive information on server
    The Oklahoma Corporation Commission is removing hard drives from all surplus computer equipment after a server containing the names and Social Security numbers of thousands of residents was sold at an auction recently.
    May 20, 2008 LendingTree LLC Sued Over Customer Information Data Breach
    LendingTree LLC, the online mortgage unit of IAC/InteractiveCorp. (IACI), has been sued over a security breach in which some employees allegedly allowed mortgage lenders to gain access to confidential customer information.
    April 28, 2008 U of Miami loses data on 2.1 million patients
    While they contend that the data is unreadable--and therefore poses no risks--officials with the University of Miami School of Medicine have gone public with the news that someone stole back-up tapes holding health and financial information on about 2.1 million patients.
    April 28, 2008 30,000 bank customers affected by data theft
    The number of Bank of Ireland customers affected by the theft of laptops last year has risen to over 30,000.
    April 18, 2008 Universities Rocked by Data Thefts
    The Universities of Miami and Virginia acknowledge lost data on stolen tapes and laptops
    April 15, 2008 Pfizer Data Security Breach
    Pfizer has experienced another data security breach. A laptop stolen from a contractor's home contains personally identifiable information of approximately 800 current and former Pfizer employees and contractors.
    April 9, 2008 WellPoint probing data breach for 130,000 members
    NEW YORK (Reuters) - Health insurer WellPoint Inc is investigating the cause of a breach involving protected health information for about 130,000 members, the company said on Wednesday.
    April 3, 2008 Lawmaker's Health Data on Stolen Laptop
    If there's one person whose medical records you wouldn't want to lose track of, it's the co-chairman of the congressional caucus that focuses on protecting consumers' privacy.
    April 3, 2008 Rep. Barton Seeks Probe In Theft of Computer
    Rep. Joe Barton (R-Tex.), the ranking minority member on the House Energy and Commerce Committee, revealed yesterday that he is among the approximately 3,000 heart patients whose medical information was potentially exposed to public scrutiny when an unencrypted government laptop was stolen in February from the car of a National Institutes of Health researcher.
    March 28, 2008 Report: DEA needs to secure laptops
    More than 90 weapons and 230 laptop computers belonging to the Drug Enforcement Administration have turned up missing.
    March 25, 2008 Yet another laptop theft: Agilent warns 51,000 workers of potential data compromise
    In what is becoming an increasingly familiar story these days, the theft of a laptop PC containing unencrypted confidential data has prompted yet another organization to issue a warning notice to tens of thousands of people.
    March 17, 2008 Supermarket data breach exposes more than 4 million accounts
    A Maine-based supermarket chain on Monday reported a data intrusion into its computer network that has put some 4.2 million customer credit and debit card accounts at risk, according to the company and press accounts.
    March 13, 2008 Possibly Thousands Of Patient’s Information Compromised With Lap Top Theft
    Possibly 4,800 patient’s information could be compromised, when a laptop with names, social security numbers and personal health information was stolen from University Healthcare over two weeks ago.
    March 10, 2008
         		MTV Breach Affects 5,000 Employees
    Employees at MTV Networks are watching their credit reports more closely after the company acknowledged that the personal information of 5,000 employees was stolen late last week.
    February 14, 2008 Two Laptop Computers Containing 320,000 Blood Donors’ Records Missing From Lifeblood’s Main Office
    Bloodbank Donor Information on Missing Computers (February 13 & 14, 2008) Approximately 320,000 people who donated blood through Lifeblood in Memphis are at risk of identity fraud after two laptop computers were reported missing from the company.
    February 10, 2008 Identity Theft on the Hilltop
    Recently, Georgetown University informed thousands of students, alumni, faculty and staff that a computer hard drive containing their personal information -- names, birth dates and Social Security numbers -- had been stolen from an administrator's office [Metro, Jan. 30].
    January 30, 2008 Davidson Companies Reports Data Breach Affecting 226,000 Clients
    The company reportedly hired a testing company last September to assess its IT security and the firm's hackers did not find any holes.
    January 30, 2008 ChoicePoint Settles Lawsuit over 2005 Breach
    ChoicePoint will pay $10 million to settle a class-action lawsuit filed after the data aggregator and credentialing service admitted to a major data breach in 2005.
    January 26, 2008 Federal Officials Probe HMO Data Breach
    FCHP, State of Massachusetts’ fourth-largest HMO, reported Thursday that a laptop containing claims data for 30,000 Medicare Advantage and Summit ElderCare members, including names, dates of birth and Medicare identification numbers, was on a laptop computer stolen earlier this month from the locked offices of a FCHP vendor.
    January 25, 2008 Marks & Spencer Staff Details Left on Laptop
    Marks & Spencer has been found in breach of data protection rules after the theft of a laptop containing the personal details of 26,000 employees. The Information Commissioner's Office (ICO) said the data on the laptop, which was stolen from the home of an M&S contractor, was unencrypted. The ICO has ordered M&S to make sure all laptop hard drives are fully encrypted by April 2008.
    January 18, 2008 Credit Card Data on 650,000 Customers Lost
    The missing tape affects 230 retailers, whose customers may be vulnerable to data fraud.
    January 11, 2008 Personal Info Lost in Oldham
    SENSITIVE personal information on almost 150 NHS patients in the Oldham area has been `lost', health bosses admitted today. The Oldham NHS Primary Care Trust says two data sticks containing highly personal assessment notes of 148 clients who have been in contact with the trust's continuing care service have been reported missing.
    January 7, 2008 Sears Data Breach Draws Lawsuit
    A New Jersey resident has filed a $5 million class action lawsuit against the retailer charging breach of contract and a violation of the Consumer Fraud Act.
    January 3, 2008 Stolen Laptops Hold Nashville Voter Data - article 1
    Stolen Laptops Hold Nashville Voter Data - article 2
    Two laptop computers containing 337,000 Nashville voters’ Social Security numbers were stolen as the building’s security guard listened to Christmas music, ordered food and visited the break room, failing to make his hourly rounds.