Security Breaches: September 2007 Archives

In an apparent administrative error, the personal information of more than 600 Queens University students was emailed to other students. Queens University is located in Charlotte, North Carolina.

The information contained names, addresses, student IDs and social security numbers of the affected students.

University administrators have notified affected students by email, U.S. mail, and phone. Additionally, the university has contracted with a fraud and credit monitoring service for the next 12 months. Students will receive email alerts on changes to credit reports and insurance against identity theft.

In a letter to the New Hampshire Attorney General, Voxant revealed that one of it's ecommerce servers was compromised by what appeared to be a phishing scheme. The hackers had the ability to access encrypted credit card information along with the encryption key. As a result Voxant is sending 4,500 customers letters notifying them of the breach and informing them to change their credit card numbers.

 
The point of contact regarding this incident is:

Roylene Julesza
Director, Syndication
1851 Alexander Bell Drive
Reston, VA 20191

Source: Letter to the New Hampshire attorney general, Aug. 31.

Approximately 3,100 current and past Tennessee Tech University students were notified that some of their personal information may have been compromised.

On September 11, a problem in the way student bills are process resulted in some student's social security numbers and personal identification numbers appearing on the billing statements of other students.

The university has emails letters to affected students notifying them of the problem and outlining steps to help prevent possible fraud. Information about contacting credit reporting agencies and credit fraud alert services was mailed to them.

Details: http://www.tntech.edu/publicaffairs/security/

Source: "Technical Glitch Could Make Personal Data for Some TTU Students Vulnerable," Sept. 14, The Herald_Citizen.

Thieves stole two computers from the Pennsylvania Public Welfare Agency that contained the personal records of people who receive medial assistance benefits for the treatment of mental health and substance abuse problems. The information stored on the computers included the names and Social Security numbers of people receiving benefits.

The department of Public Welfare has begun the process of notifying close to 375,000 people who receive benefits and who could potentially be affected by the thefts. The department is notifying patients of the steps they can take to avoid and identify identity theft.

Source: "Computers stolen from Pa. public-welfare agency had consumer info," Sept. 11, Associated Press.

The personal information of 5,700 current and former John Hopkins Hospital patients is at risk because of the theft of a single desktop computer. The computer included the names of patients, their social security numbers, birth dates, and their medical information.

The theft occurred more than a month ago. Hospital officials waited two weeks after the theft before reporting the incident to police. Affected patients were not notified that their personal information was at risk until August 24th, almost one month after the theft.