Monday, August 25, 2008

Fraud Flash for the week of August 25, 2008

Aug. 18, 2008
Dominion Enterprises
http://www.redorbit.com/news/technology/1532385/local_firm_cites_data_breach/
A computer server within InterActive Financial Marketing Group (IFMG), a division of Dominion Enterprises located in Richmond, Virginia, was hacked into and illegally accessed by an unknown and unauthorized third party between November 2007 and February 2008. The data intrusion resulted in the potential exposure of personal information, including the names, addresses, birth dates, and social security numbers of 92,095 applicants who submitted credit applications to IFMG's family of special finance Web sites.

The Ministry of Justice (MoJ) Department for Work and Pensions (DWP)
http://www.publicservice.co.uk/news_story.asp?id=6798
Resource accounts for two departments revealed around 62,000 people were affected by breaches. In its biggest data breach, the MoJ reported that discs containing 27,000 supplier records, including supplier name, address and some cases bank details were stolen. Data losses reported by the MoJ included a laptop that contained data on 14,000 fine defaulters. The data included names, dates of birth, address, offence and in a fifth of cases national insurance numbers. The laptop was stolen within secured government premises and described as inadequately protected. MoJ also reported a loss of paper documents that involved data on 3,648 people including their alleged offences. The DWP's resource accounts said its biggest breach was the retention of two discs by a contractor. The discs contained the data of 9,000 people and forced the department to notify law enforcement. The department also suffered two other incidents. One in July 2007 that potentially affected 7,800 and one in January when papers with data on 45 people were lost.

Keller High School
http://www.kellercitizen.com/101/story/10750.html
Keller family's received a mailing from Keller High School last week. Upon opening it, they found two enrollment forms. One was an emergency-care authorization form. But the other was a student information form containing another classmate’s social security number, student ID number, home address, phone number and contact information for his parents at home and at work. They quickly realized that their child’s private information, which they used to set up their college fund and other accounts, was mailed to someone else.

The Princeton Review
http://www.nytimes.com/2008/08/19/technology/19review.html?ref=technology
The test-preparatory firm, accidentally published the personal data and standardized test scores of tens of thousands of Florida students on its Web site. One file on the site contained information on about 34,000 students in the public schools in Sarasota, Fla. Another folder contained dozens of files with names and birth dates for 74,000 students in the school system of Fairfax County, Va.

Aug. 19, 2008
Kingston Tax Service
http://breachblog.com/2008/08/21/tax.aspx
Office computers were stolen from the business. On each of the computers is information which can be used by identity thieves including credit card information and Social Security numbers.

No comments: