Is anyone else as concerned as I am about the growing number of privacy breaches in the news these days? And if we hear of 10, are there actually 100 (or more) that go unreported? Some recent examples include:
ChoicePoint Inc. (NYSE: CPS) spun off seven years ago from credit bureau Equifax Inc., disclosed in February that thieves, who operated undetected for more than a year, opened up 50accounts and received vast amounts of data on some 145,000consumers nationwide. Authorities said about 750 people were defrauded. (NY Times)
Bank of America Corp. has lost computer data tapes containing personal information on up to 1.2 million federal employees, including some members of the U.S. Senate. (MSNBC)
DSW Shoe Warehouse, based in Columbus, Ohio, was hacked in March by thieves who accessed a company database and obtained 1.4 million credit card numbers and the names on those accounts - 10 times more than investigators estimated last month. (AP)
Polo Ralph Lauren Corp. is forcing banks and credit card issuers to notify thousands of consumers that their credit-card information may have been exposed. (Modesto Bee)
HSBC North America, a division of London-based HSBC Holdings PLC, has begun notifying holders of the HSBC-issued, General Motors-branded MasterCard that criminals may have obtained access to their credit card information and that the cards should be replaced. HSBC spokesman Stephen E. Cohen said that about 180,000 card holders are affected.(Modesto Bee)
LexisNexis Group, a division of Reed Elsevier, has admitted that personal information concerning 310,000 US citizens has been stolen. In March, the company admitted to losing data related to only 32,000 victims. It has since transpired that unauthorized users breached the system 59 times using stolen passwords, and grabbed data belonging to an additional 278,000 people. (The Register)
WebMD was victimized by a robot that was able to re-create and copy its physician directory databases, one of the company’s most valuable assets. WebMD stated it has the most comprehensive directory of physicians in the United States. (Atlanta Business Journal)
Comcast turned over the names and addresses of some of its customers to the RIAA, without being required to do so by a court order and without notifying the customers. The RIAA then took the information for at least one woman and submitted it to a debt collection agency, which then contacted the woman and demanded US$4,500 in compensation for her alleged illegal downloads of music and threatened the woman with a lawsuit if she didn’t comply. (Reuters)
Other security breaches involving client data have also occurred at:
PayMaxx
T-Mobile
Comcast
Sam’s Club
San Jose Medical Group
California State University at Chico
Boston College
The University of California at Berkeley