July 2006

You are currently browsing the articles from numbrX Security Beat written in the month of July 2006.

Sentry Insurance Customer Data Sold by Thief

If you're new here and like what you read, you may want to subscribe to my email alerts or RSS feed. Thanks for visiting!

Over 112,000 Sentry Insurance customers’ personal data have been stolen by a programmer hired by the company. The firm, based in Stevens Point, WI, says the US Secret Service recently arrested the thief. There were 72 individuals whose personal data, including names and Social Security numbers were sold on the Internet. Sentry Insurance is not commenting on when or how the theft was discovered.

The firm said data on an additional 112,198 claimants was also stolen, but there is no evidence their information was sold.

Sentry said it has notified all affected claimants and is providing credit monitoring services to help prevent fraudulent activity.

Source: Duluth News Tribune

Written by MCruz on July 30th, 2006 with no comments.
Read more articles on Customers and Identity Theft and Insurance.

Lancaster General Hospital Doctors’ Personal Information Exposed

A personal computer was stolen from a Lancaster General Hospital (LGH) office on June 10th. Only doctor’s information was stored on the computer. It is believed the equipment was the primary target of the burglary and not the data. Nevertheless, hospital administrators have sent out notification letters to the doctors. The letter instructs physicians to watch their financial accounts and credit card activities for any signs of identity theft.

The letter noted that a “free-standing PC” was stolen from the office, which contained files listing doctors’ practice addresses, phone numbers and Social Security numbers, used “to verify accreditations and educational backgrounds as part of the credentialing process.”

A copy of the notification letter can be seen here.
LGH Notification Letter 1 of 2LGH Notification Letter 2 of 2

Source: Lancaster Online

Written by MCruz on July 28th, 2006 with 2 comments.
Read more articles on Employees and Hospitals and Identity Theft.

Two US Navy Laptops with Personal Data Missing

Navy Recruiting Station offices in New Jersey have reported two laptops with personal information on recruiters and prospective recruits have been stolen. A spokesman from Navy assures that “[t]here have been no reports of illegal usage of personal data identified by these incidents.”

“However, the Navy is reviewing the data contained in the computers, including personal information on approximately 31,000 individuals.” About 4,000 Social Security numbers were included in the data on the laptops. The Navy is in the process of notifying potentially affected individuals by mail.

The laptop in Trenton was reported stolen from the recruiting station in early June, while the one in Jersey City was reported missing earlier this month.

Source: Computerworld

Written by MCruz on July 28th, 2006 with no comments.
Read more articles on Government and Identity Theft.

Armstrong Employee Data Exposed to Identity Theft

About 12,000 current and former employees of Armstrong World Industries have to worry about identity theft. A laptop containing confidential personnel information was recently stolen from a Deloitte & Touche LLP employee. The firm was hired to perform regular internal audits for Armstrong.

F. Nicholas Grasberger III, Armstrong senior vice president and chief financial officer, said the personal information on the stolen laptop contained names, home addresses, phone numbers, Social Security numbers, employee identification numbers, annual salary/hourly wage data and the bank account numbers of employees who have their checks directly deposited.

Source: Lancaster Online

Written by MCruz on July 25th, 2006 with no comments.
Read more articles on Businesses and Employees and Identity Theft.

Georgetown U. Hospital Patient Information Leaked

Georgetown University Hospital (GUH) patient information was exposed on a third party computer system maintained by InstantDX (a Maryland-based firm). A computer consultant stumbled upon the unsecured data while performing a software installation at a physician’s office.

The leaked information included patients’ names, a ddresses, Social Security numbers and dates of birth, but not medical data or the drugs the patients were prescribed, says Marianne Worley, a spokeswoman for the Washington, D.C.-based hospital known for providing emergency care to the nation’s most powerful political figures.

“The initial investigation has found that no patient demographic data was inappropriately used,” says Worley, who says between 5,600 and 23,000 patients were affected.

There is no indication in the article if those affected will be notified of the incident. In fact, the Indiana-based consultant may be blamed instead of commended for discovering the unsecured data.

Source: Wired

Written by MCruz on July 25th, 2006 with no comments.
Read more articles on Hospitals and Identity Theft and Patients.

Half Million NY Residents’ Personal Data Exposed

New Yorkers who have made claims to the special workers’ compensation fund are affected by the breach. A Chicago-based company, CS Stars (subsidiary of Marsh, Inc.) had lost track of a computer which contained the private data. The claims-management firm was hired to install software for the Special Funds Conservation Committee.

The company is offering free credit monitoring up to a year and $25,000 identity-theft insurance to those whose data were lost.

The Special Funds Conservation Committee handles workers’ compensation coverage in New York for about 56,500 disabled workers who suffer a second injury, and about 36,000 old claims that are reopened. In existence since 1938, it maintains records on about 540,000 old and current claimants, said chief executive Steven Licht.

All the names in the database, Licht said, had address, date of birth and Social Security number attached, and some also would have employer and accident information, but none had confidential medical records included. Licht also said there were copies of all the data, and claims payments had not been interrupted.

Source: Newsday.com

Update (7/25/06): Those affected by the breach should go to the NYS Workers’ Compensation Board website to obtain more information.

Update (7/26/06): The laptop was just found in a secure location.  “The computer has been located and is secure,” said Karen Allen, a spokeswoman for the Special Funds Conservation Committee.”  The FBI says they are “reasonably certain” the data was not misused.  Mercury News has the report.

Written by MCruz on July 22nd, 2006 with 2 comments.
Read more articles on Employees and Government and Identity Theft and Insurance.

« Older articles

No newer articles