DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Criminal steals treasure trove of info on applicants to Nevada State Bar

Posted on March 27, 2014 by Dissent

Criminals who broke into a State Bar of Nevada storage facility stole confidential information on an undisclosed number of applicants for the state bar examination, putting an untold number at risk of identity theft.

Those affected were notified by letter dated March 17 and offered free credit monitoring for a year:State Bar LetterThe notification was submitted to DataBreaches.net by “Who Complies,” a regular reader of this site. He  prefaced the notification letter with additional background and details:

On January 24, 2014 my friend received a phone call from Las Vegas Police.

The detective asked him if he had ever taken the Nevada State Bar Exam.

My buddy replied; yes, a few times, why?

The detective informed him they arrested a man in possession of his personal information in Las Vegas.

In fact, he had my friend’s personal information from the February and July 2011 Bar Exams, and other exam takers’ personal information.

Personal information for taking the bar exam is everything imaginable: Full Name, Birthday, SSN, Address, Previous Home & Work Addresses for past 10 years, Home phone, cell phone, drivers license number, his children’s full names and birthdates, his spouse’s information, and his Military Service Record Form DD-214. Not to mention the names and contact information for personal references, and the list goes on.

Yes, it also included Credit Card Account information with Exp. and CCV code on back to pay for the Bar Exam.

The thief had so much information that he had identification made up with my friend’s information and the thief’s picture on it.

After being notified by the police about the data breach,  the phone call he received 1.5 months prior made sense. He had been called by his bank about fraudulent charges on a credit card he almost never uses – except for educational needs and State Bar Exams.

Phone calls and emails regarding the breach to the Nevada State Bar went unreturned.

Finally today, almost 2 months later, my friend received the attached letter.

I can’t understand how the State Bar could so negligently store such highly sensitive information in a common storage locker?

I also wonder if the State Bar didn’t know about the locker break in, until contacted by the LVPD after they had this guy in custody???

So many unanswered questions.

Indeed. The Nevada State Bar did not respond to an email inquiry earlier today asking when the theft occurred, how they discovered it, and how many people had their data stolen.

What are the state bar’s data retention and storage policies? How far back do the paper records in storage go and how many cartons of records were stolen? According to Who Complies’ friend, the thief was caught with personal information from other Bar Exam takers. Were any of them from other states from individuals seeking licensing in Nevada?

And will the state bar now start securely shredding older records or do they intend to continue to store them but just boost physical security for the storage center?  

Some more transparency on their part in reporting on this incident would be helpful.

Category: MiscellaneousOf NotePaperTheftU.S.

Post navigation

← KR: Stolen data on 25 million used in attack on Naver
Possible data breach affects roughly 15K U. Wisconsin -Parkside students →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.