On May 18, Plymouth State University noticed that an external hard drive that they used for backup purposes was missing. One of the files on the drive was a spreadsheet that contained the names and Social Security numbers of 1,059 students enrolled in the teacher education and certification program between 2005 and 2010. As the…
Category: U.S.
(follow-up) JetBlue notification letter indicates no evidence that any employee data accessed
As reported previously on this blog, JetBlue had a security breach involving the insertion of malware on their system. Last week, the airline notified the New Hampshire Attorney General’s Office about the incident. Their letter was somewhat imprecise about when they were informed of the problem by a federal law enforcement agency, saying only that “Earlier…
FedEx subsidiary notifies employees that the ADP/Workscape breach exposed their Social Security Numbers and direct deposit account information
FedEx Smartpost (FXG), a subsidiary of FedEx Ground Package System, was affected by the ADP/Workscape breach reported a few weeks. At the time, ADP had indicated that the intrusion affecting Workscape only affected one client as far as they knew. FXG appears to be that client. According to a letter sent by FXG’s lawyers to…
A rotten Apple employee arrested; accessed customer data
Well, here’s something I don’t usually see – a breach notification from Apple. On June 16, Apple informed the New Hampshire Attorney General’s Office that a former employee had accessed customer data of customers while employed at one of Apple’s retail stores. The store’s location was not provided. The total number of customers whose data…
Morgan Stanley investors notified that lost CDs contained their personal and financial data
Christopher Maag reports: Personal information belonging to 34,000 investment clients of Morgan Stanley Smith Barney has been lost, and possibly stolen, in a data breach. According to two letters sent to clients, and obtained by Credit.com, the information includes clients’ names, addresses, account and tax identification numbers, the income earned on the investments in 2010,…
(Update) UPMC Shadyside Hospital employee pleads guilty to HIPAA violation
As a follow-up to a breach previously reported involving an employee of the University of Pittsburgh Medical Center Shadyside Hospital, multiple media sources are reporting that the employee pleaded guilty last week to to taking the names, social security numbers and birth dates of 19 patients there. Read more in the Pittsburgh Post-Gazette. The U.S. Attorney’s…