KPMG

Print article Data loss barometer – In the news

In the news

Recent data loss headlines

May 2011 - Sony Suffers Second Data Breach With Theft Of 25m More User Details

Hacker attack on security of Sony Online Entertainment network preceded PlayStation Network breach

http://www.guardian.co.uk/technology/blog/2011/may/03/sony-data-breach-online-entertainment

April 2011 - ICO To Investigate UK Effects Of Sony Data Breach

The Information Commissioner's Office is investigating Sony's data breach to see if there is a case to be answered.

http://www.eweekeurope.co.uk/news/ico-to-investigate-uk-effects-of-sony-data-breach-27748

March 2011 - Over 500,00 Individuals Affected by Stolen Medical Institute Computer

514,330 patient names, ages, dates of birth, last four digits of the Social Security numbers and Medical Record Numbers on stolen computer .

http://datalossdb.org/incidents/3512

February 2011 - California Reports Massive Data Breach

The FBI is investigating the penetration of a university research system that housed sensitive personal data on a staggering 1.4 million Californians who participated in a state social program

http://www.securityfocus.com/news/9758

January 2011- Data Loss: Is Your Business Protected?

There is no such thing as a loss-proof strategy. This is largely because no matter how secure the system, human action or omission is often to blame for loss.

http://www.mondaq.com/article.asp?articleid=120714

December 2010 - Of Wikileaks and Data Theft

A US army intelligence analyst, is believed to have delivered more than 150,000 State Department documents and possibly more than a quarter of a million diplomatic cables, to Julian Assange's Wikileaks.

http://www.theregister.co.uk/2010/12/23/wikileaks_and_data_theft/

November 2010 - First Data Protection Act fine for UK firm

The Information Commissioner's Office (ICO) has fined two organisations for serious breaches of the Data Protection Act - the first to be issued under new tougher guidelines in the UK.

http://nakedsecurity.sophos.com/2010/11/24/lost-laptop-data-protection-act-fine-uk/

October 2010 - Healthcare

October has seen two more data loss incidents by NHS professionals, with both found to be in breach of the data protection act by the Information Commissioner's Office (ICO).

http://www.scmagazineuk.com/two-nhs-data-loss-incidents-show-that-basic-levels-of-security-are-still-lacking-in-the-healthcare-sector/article/181391/

September 2010 - ACS:Law

The list, produced by ACS:Law, contained the names and addresses of more 5,300 people alleged to be illegally sharing adult films online.

http://www.bbc.co.uk/news/technology-11418970

August 2010 - Match Services, FIFA

Customers' information including full name, date of birth and passport numbers have been sold onto the black market.

http://www.worldfootballinsider.com/Story.aspx?id=33634

July 2010 - American Airlines

Names, addresses, dates of birth, and Social Security numbers of about 79,000 customers, were lost as a hard drive was stolen from American Airlines offices.

http://cbs11tv.com/local/American.Airlines.AA.2.1785491.html

June 2010 - Anthem Blue Cross

470,000 Anthem Blue Cross Patients pending insurance applications had their Social Security numbers exposed on the web.

http://www.ocregister.com/articles/information-254735-security-anthem.html

May 2010 - AT&T

Files containing AT&T wireless contracts, customer names, addresses, and credit card details was found in a recycling bin.

http://www.news4jax.com/news/23673377/detail.html

April 2010 - Providence Hospital

A hardrive containing back up data on patient medical records has gone missing.

http://www.clickondetroit.com/health/23070110/detail.html

March 2010 - Educational Credit Management Corportation

Personal data of 3.3million names, addresses, dates of birth and Social Security numbers have been exposed on stolen portable media device.

http://www.prnewswire.com/news-releases/ecmc-notifying-borrowers-of-data-loss-89299342.html

February 2010 - AvMed Healthplan

The theft of two company laptops exposed the personal data of almost 1.2 million people.

http://www.miamiherald.com/2010/06/03/1661821/florida-avmed-customers-personal.html

January 2010 - Ladbrokes

The confidential records of millions of British gamblers who bet with UK bookmaker Ladbrokes were offered for sale to a British Newspaper.

http://www.dailymail.co.uk/news/article-1245622/For-sale-Personal-details-millions-Ladbrokes-gamblers.html#ixzz0pvKi1iRZ

December 2009 - US Army

A laptop containing personal information of over 42,000 of US Army soldiers and family members was stolen.

http://edition.cnn.com/2009/US/12/17/theft.security.breach/

6th November 2009 - Chaminade University:

Chaminade University in Hawaii inadvertently posted confidential information, including Social Security numbers, of thousands of students on its Web site.

http://www.starbulletin.com/news/breaking/69438757.html

10th October 2009 - Rural Payments Agency:

Thousands of farmers' bank account details were lost by the Rural Payments Agency (RPA) in the UK after the Government body lost two back-up tapes of confidential data.

http://www.computerweekly.com/Articles/2009/10/29/238341/farmers-bank-account-details-lost-by-rural-payments.htm

18th September 2009 - Akron's Children's Hospital:

Spyware exposed patients names and confidential medical and financial information in a US Children's hospital.

http://www.cio.com.au/article/319073/misdirected_spyware_infects_ohio_hospital

8th September 2009 - Dutch Ministry of Justice:

The Dutch Ministry of Internal Affairs accidentally published the credit card information (numbers and expiration dates) for both the Minister of Health and the Minister of Justice.

http://securityandthe.net/2009/09/12/dutch-ministry-accidentally-publishes-credit-card-info/

7th August 2009 - Heartland Payment Systems:

Three men charged with hacking into the IT networks of Heartland Payment Systems in the U.S., compromising more than 100 million credit and debit card details. This major credit card payment firm processes millions of transactions a month for 175,000 retail merchants, making it probably the largest data breach in U.S. history.

http://www.nytimes.com/2009/01/21/technology/21breach.html

4th August 2009 - Swedish Police Force:

Supposedly secret police lists containing details about Sweden's most dangerous criminals are up for sale across the country among members of the Swedish underworld.

http://www.thelocal.se/21088/20090804/

29th July 2009 - Canada Post office Post Office:

Employee has admitted to stealing nearly $500,000 over a period of seven years.

http://www.metronews.ca/edmonton/local/article/215082--former-canada-post-employee-jailed-after-stealing-cheques

28th July 2009 - UK's National Health Service:

An email sent by the NHS advice service mistakenly disclosed personal information about patients, although it did not leave the health service. The organisation's annual report for 2008-09 reveals that the information, including the names, addresses, NHS numbers, dates of birth and clinical data of about 100 patients, was disclosed without authorisation in October last year.

http://www.theregister.co.uk/2009/07/28/nhs_direct_email_data/

8th July 2009 - AT&T:

A temporary employee for AT&T was arrested on charges she stole personal information on 2,100 co-workers and then pocketed more than $70,000 by taking out short-term payday loans in the names of 130 of them.

http://www.chicagobreakingnews.com/2009/07/att-temp-charged-with-stealing-co-worker-info.html?obref=obinsite

© 2012 KPMG International Cooperative ("KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved.