Back in December 2010, a computer belonging to Cord Blood Registry (CBR) and a backup tape with customers’ information was stolen from an employee’s unattended vehicle. The breach was disclosed in February 2011, and I covered it on this blog, here. Today, the FTC announced that it had settled charges against CBR over the breach….
Category: Theft
More details emerge on DoDDS-EU breach
A previously reported breach that affected students at the Ramstein Intermediate School also affected students and sponsors at three other schools under the U.S. Department of Defense Education Activity– Europe (DoDDS-Europe). Until now, I didn’t know which other schools were involved, until a small item on Military.com provided their names. On January 7, DoDDS-Europe issued the…
Stolen Florida Dept. of Juvenile Justice device contained records of more than 100,000 youth and employees
The Florida Department of Juvenile Justice says it “strives to increase public safety by reducing juvenile delinquency, strengthening families and turning around the lives of troubled youth.” Creating more trouble for youth and their families is obviously not part of their mission, yet that’s what may have happened. From a press release they issued yesterday:…
No one’s to blame? I beg to disagree.
Another data theft in the education sector. And yet again, no one did anything wrong because there was never any policy. Yesterday I added a breach to DataLossDB involving the Morgan Road Middle School in Georgia. A flash drive with unencrypted student information, including SSNs, was stolen from an teacher’s unattended car. A gradebook was…
When is “an excess of caution” not excessive?
Over on DataLossDB.org, I was entering a security breach notification sent by Atlanta-based Oldcastle APG, Inc. They had informed the New Hampshire Attorney General’s Office that a laptop containing over 5,000 employees’ names, Social Security numbers, and bank account information had been stolen from an employee’s car. As required by the state. they had attached a…
And yet another contractor breach
Workers United attorneys have notified the New Hampshire Attorney General’s Office that an unnamed contractor had notified WU on October 25th that a hard drive containing some retirees’ names and Social Security numbers had been stolen from their office on October 13th or 14th. Notification letters were mailed to those affected on or after November…