DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

OH: Personal info found at trash bin in Warren

Posted on July 5, 2011 by Dissent

Matthew Steffy reports:

Legal documents from a defunct law firm bearing personal information including Social Security numbers and dates of birth on thousands of documents surfaced in an open trash bin in downtown Warren this week.

The documents include names, addresses, spousal and child information, Social Security numbers, dates of birth and income earnings. The information was left unguarded in the bin for more than 24 hours, but the Ohio Supreme Court and local Bar Association secured the trash receptacle after receiving phone calls about the matter from the Tribune Chronicle.

The move, brought to the attention of the Tribune Chronicle by an anonymous caller, left some of those named in the documents angry and dumbfounded.

Attorney Randy Rudloff, legal counsel for the local Bar Association, said disposing of those files without destroying them was “certainly not something that you want to see happen.” He said describing the action as negligent “would be an understatement.”

According to letterhead on some of the documents observed by the Tribune Chronicle, the papers were once the property of Spain & Spain Company, a law firm formerly located on East Market Street in Warren. Fully Spain and John R. Spain, the attorneys of Spain & Spain, both are deceased. John Spain died in 1992, and Fully Spain passed in 2006 at the age of 90.

The trash receptacle containing in the files is located at the Park Place building, 155 S. Park Ave., that is owned by Irene Makridis.

Makridis, also a lawyer, said she gave the previous tenants, which included two local law firms, ample time to remove all files and possessions. Now, she said, the files are being discarded.

“I don’t know who is liable for them and I don’t know why they were not destroyed,” Makridis said. ”I told those tenants that I would be disposing of them, and I am disposing of them now.”

Rudloff said Makridis’ action was, at the least, careless.

“This certainly goes to issues of compliance of disciplinary rules,” Rudloff said. “That would be applicable in this case because the owner of the building is a lawyer and should know better than to do this.”

The Ohio State Bar Association, state Supreme Court and Ohio Attorney General stopped short of calling the action illegal, but they said the situation was dangerous because clients’ identification could be stolen. Messages left Thursday seeking comment from the Board of Commissioners for Grievances and Discipline at the Ohio Supreme Court were not immediately returned.

[…]

Read more on Tribune Chronicle.

This is an especially infuriating breach because the person discarding the documents without shredding really should have known better if she is a lawyer.  If I were to find myself with a stash of documents or files from a mental health professional, I wouldn’t just discard them without having them shredded.  In fact, I have actually been in that situation twice now in recent years, and each time, arranged to have sensitive files shredded.

Did no one care about the privacy and security of the clients of the now-deceased attorneys? And who was really responsible for those files?  Had the law firm’s remaining partner made arrangements as to who would take custody of the files before his death? Were the recent tenants actually custodians of the files and responsible for them?

I hope there’s a full investigation of this so that all responsible parties are asked to account for their actions – or inaction.

No related posts.

Category: Breach IncidentsBusiness SectorExposurePaper

Post navigation

← Prized Patient information open to Web-Highest Number of Security Breaches in Healthcare – Medical Providers ??
CA: 1200 Sutter Gould Medical Foundation patients’ records tossed into dump →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.