From breach reports to Vermont, here are three more breaches I didn’t know about previously:
- Cathedral Square notified residents that their only payment processing system had been compromised, resulting in access to the residents’ names, bank account numbers, and routing numbers if they paid their rent electronically. Residents do not seem to have been offered any free credit monitoring services. By separate letter, Cathedral Square notified staff of the breach and that the hacker might have accessed staff’s Health Savings Account information, i.e., names and HSA account activity. No payroll or pension data were involved.
- Ameritas Investment Corp. reported that on January 27, its Madison, Wisconsin office was burglarized and an associate’s purse containing the backup tape of the office’s computer system was stolen. Information on the backup tape included names, addresses, dates of birth, Social Security Numbers, and policy numbers. The firm believes that this was an opportunistic theft, as the purse and other items were later found discarded. Although the tape was not recovered at the time of the notification, the firm believes that the strong password and the need for specialized software to read the contents makes misuse unlikely.
- Paraco Gas reported that a computer containing personal information was stolen on March 16. They do not indicate where the computer was stolen from, nor how many individuals had sensitive information on it, but the computer reportedly contained names, addresses, dates of birth, Social Security Numbers, and bank account numbers (if the individual had direct deposit). Although Paraco believes that the risk of identity theft is “extremely low as this computer was password-protected,” they offered affected individuals free services.
Small update: Paraco had also reported this breach to NYS as indicated in a previous listing on this site based on NYS logs, but this is the first time we’ve seen the breach report. In their report to NY, Paraco indicated 241 NYS residents were affected.