Lost or Missing – Page 39 – DataBreaches.Net

UK: North East Lincolnshire Council hit with £80,000 penalty after breach involving special needs children’s information

Posted on October 29, 2013 by Dissent

A monetary penalty notice has been served by the Information Commissioner’s Office on North East Lincolnshire Council after the loss of an unencrypted USB drive containing personal and sensitive personal data relating to 286 special needs children. From the notice announcing the penalty: On 1 July 2011 an unencrypted USB memory stick containing personal and…

Hong Kong Privacy Commissioner for Personal Data publishes reports on two investigation into data security at the Hong Kong Police Department

Posted on October 24, 2013 by Dissent

The Office of the Privacy Commissioner for Personal Data in Hong Kong has released two reports on investigations involving possible violations of the Data Protection Ordinance. Both reports involve the Hong Kong Police Department. The first investigation involved the leakage of an HKPD document containing personally identifiable information via Foxy (a file-sharing program). Two instances…

ICO reminds organizations of need for BYOD policies to protect data

Posted on October 15, 2013 by Dissent

The Information Commissioner’s Office (ICO) is reminding organizations that they must make sure that their data protection policies reflect how the modern workforce are using personal devices for work. With a YouGov survey earlier this year showing that 47% of all UK employees now use their smartphone, tablet PC or other portable device for work purposes there…

Your PII were lost in the mail – Clinical Reference Laboratory (update1)

Posted on October 4, 2013 by Dissent

Clinical Reference Laboratory provides lab tests for Massachusetts Mutual Life Insurance policy applicants. On September 17, they learned that a billing sent to MassMutual on September 6 with applicants’ names, dates of birth, type of lab test performed, and/or partial or full Social Security numbers had been damaged in transit with USPS and some pages…

Breach notifications: what really happened vs. what they tell us

Posted on September 24, 2013 by Dissent

I’ve often pointed out how breach notification letters to those affected may omit details that consumers might want to know but breached entities probably prefer we not know. I came across another example today. Let’s start with what happened, as described by attorneys for Vector Security to the Maryland Attorney General’s Office. Vector Security provides…

NHC Oak Ridge discloses breach involving unencrypted backup tape

Posted on September 19, 2013 by Dissent

The following email was published by The Oak Ridger after it was sent to them by NHC Oak Ridge administration: Officials at NHC Oak Ridge, 300 Laboratory Road, have reported a possible breach of patient information due to a missing backup tape that wasn’t encrypted. The information on this tape included patient names, Social Security numbers, birth…