Biometrics Direct - Your source for fingerprint biometric security products for home and business.  Biometric door locks, fingerprint USB security and PC biometric login

View Cart | Home | Support | News | Policies | Resellers | Contact Us | Sitemap |  

Contact Us Toll Free in the USA - 1-800-519-8800
Direct and International Support - +1 206-973-2137

Home Products iQBioBlog Where to Buy Support Smart Cards Card Printing ID Cardz ASG Global
Biometrics Direct - Your Source for Fingerprint Biometric Security Products for Home, Travel and Office
iQBio - "Unlock the Power of Your Print"

Site Navigation

Physical Access Control
iGuard IP Appliance

PC & Network Access
BioCert PC Peripherals
ACS Smart Card

Developer Products
ACS Development Kits
- Smart Cards
- Smart Card & Bio

Biometric Solutions

Other Products
ACS Smart Cards
Smart Card Supply
Card Five ID Software
PVC ID Card Products
Pebble ID Printer
Quantum PVC Printer
DNP Reverse Printers

Biometrics Education
Biometrics FAQ
Biometric Terms
Biometrics 101
US Biometrics Laws
Your Data in the Wild
2006 Data Breaches
2007 Data Breaches

Personal Privacy Risk
Biometrics Links


Toll Free & Int'l VOIP
with "Follow Me" Service

  Get Equifax Credit Watch


National "Wall of Shame"
Commentary and Analysis of 2006 Breaches - James Childers

Running Total - 2007 Breaches of Personal Data:

Total for 2007 as of February 5 - minimum of


Individual Records Breached

One in three Americans the potential victim of Identity Theft in 2006.  Now we are continuing to chronicle the breaches as they happen in 2007.  Most all of these breaches involve the transport of portable unencrypted data being compromised through neglect, theft or outright stupidity on the part of the stewards of the data.  Don't be a victim.  Don't have to be the one that explains to your boss, your clients or worse even yet, a judge or jury that you did not take proper and adequate measures to protect valuable data with which you are entrusted.

Notification Date

Name /  Type / Location of Entity

Type & Breach Description & Link to Release Data

Privacy Requirement Governing Law:

# of Individual Records

Jan. 1, 2007

University of NM
State Agency


Unencrypted Private Data - Stolen Computer Breach
At least three computers and four monitors were stolen from the associate provost's office overnight between Jan. 2 and 3, said Lt. Pat Davis, UNM Police spokesman. The computers may have contained faculty members' names and Social Security numbers, said Richard Holder, associate provost.



Jan. 2, 2007

First Interstate Mortgage
Las Vegas, NV

Printing, Archiving & Secure Document Destruction
& Improper Disposition of Private Information

Documents containing people's names, social security numbers and other personal data were overflowing from a dumpster from a local Real Estate and Mortgage Company.

First Interstate Realty and Mortgage were found to have hundreds of documents that should have been destroyed simply placed outside their dumpster.

Nevada SB347
FHA Guidelines
FNMA Rules

Hundreds to Thousands of Records
(Stacks of Boxes)

Jan. 3, 2007

Century Motors
Austin Texas

Printing, Archiving & Secure Document Destruction
& Improper Disposition of Private Information
All types of personal information from bank accounts to Social Security numbers were scattered along a busy Austin intersection. That mess was found Wednesday morning along a stretch of Burnet Road in Central Austin. It all started at the Century Motor Car lot. Documents were strewn all across the road. The papers contained personal information like Social Security numbers, home addresses, phone numbers, references and job information.  The owner of the car lot says they are in the process of moving from one building to another. The box of information was mistakenly put in the trash.

Texas State Statutes


Jan. 3, 2007

Academic Magnet High School
State Agency

N Charleston, SC

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
North Charleston police are trying to find out who stole a laptop computer from Academic Magnet High School. That computer contains personal information about hundreds of students. This theft is actually the third time someone has stolen computers from this school. November 17th-- someone stole a desktop computer from a guidance counselor’s office.



Jan 3, 2007

Banking Corporation
Akron, OH

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
KeyCorp has notified customers in Ohio and other states that private information about them was taken when a laptop computer was stolen from an outside vendor.  Officials say the information on 9,300 customers may include Social Security Numbers. Corporate communications for the Cleveland-based bank say affected customers were notified by mail.



Jan. 3, 2007

Wisconsin State Dept of Revenue
State Agency
Milwaukee, WI

Printing & Distribution Error
MILWAUKEE The State Department of Revenue today is urging taxpayers to contact credit bureaus to guard against identity theft after acknowledging late last week that Social Security numbers for 171-thousand taxpayers inadvertently ended up on mailing labels.

State Privacy


Jan 4, 2007

Emory Healthcare
Geisinger HC
Williamson Med Ctr
Electronic Registry Systems, Inc.
Health Care

Multiple Locations
5 States

Unencrypted Private Data - Stolen Computer Breach
The theft of a computer from the office of an Ohio-based health care contractor on Nov. 23 has exposed sensitive data belonging to tens of thousands of patients in five health care firms across five states. The compromised data includes the names, addresses, medical record numbers, diagnoses, treatment information and Social Security numbers of the patients. Among those affected are patients at Atlanta-based Emory Healthcare, Danville, Pa.-based Geisinger Health System and Franklin, Tenn.-based Williamson Medical Center. The names of two other health care providers affected by the burglary at Cincinnati-based Electronic Registry Systems Inc. (ERS) have not yet been released.

State Statutes


Jan. 5, 2007

Selma NC Fire Dept
State Agency
Selma, NC

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
SELMA, NC -- A stolen laptop in Johnston County has firemen on alert for identity theft. The computer contained the names and social security numbers of volunteer firemen in Selma.

North Carolina Identity Theft Protection Act


Jan. 8, 2007

Notre Dame
South Bend, Indiana

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
Notre Dame employees recently received a letter in the mail that some of their personal information may have gotten into the wrong hands. A University Director's laptop was stolen before Christmas. On January 2nd university employees received the letter notifying them of the crime. They were told they may want to monitor activities on personal accounts because the computer was storing Social Security numbers and salary information.



Jan. 9, 2007

Phillip Morris
Towers Perrin
New York, NY

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
Philip Morris is warning thousands of local workers their personal information may have been accessed. The company began alerting employees this week that laptop computers have been stolen that included names, salaries and social security numbers of employees.  These laptops were taken from the offices of a New York City consulting firm that handles benefit programs for Philip Morris.



Jan. 11, 2007

University of Idaho
Boise, Idaho

Unencrypted Private Data - Stolen Computer Breach
Three desktop computers have disappeared from the University of Idaho’s Advancement Services office – and now school officials say the personal data of alumni, donors, employees and students may be in danger.  UI says someone stole the computers – and an internal investigation shows that as many as 70,000 social security numbers, names and addresses may be stored on the hard drives.



Jan. 12, 2007

Minneapolis, MN

Network Computer Breach
MoneyGram International Inc., a global payment services provider, announced Friday that a company server with consumer information for about 79,000 bill payment customers was unlawfully accessed over the Internet last month.



Jan. 13, 2007

NC Dept of Revenue
State Agency
Raleigh, NC

Portable Data Breach - Laptop Stolen w/ Unencrypted Data
A laptop computer containing files on 30,000 taxpayers was stolen from the car of an N.C. Department of Revenue employee last month, and state officials are cautioning everyone on the list to keep an eye on their finances for potential fraud. The Revenue Department this week dispatched letters to all 30,000 people, apparently the first such episode since the enactment of an N.C. law last fall requiring government agencies to notify consumers when their data are lost or stolen.

North Carolina Identity Theft Protection Act


Jan. 17, 2007

Diablo Municipal Water District
Government Agency
San Marcos, CA

Unencrypted Private Data - Stolen Computer Breach
The credit-card numbers of about 500 customers in the Rincon del Diablo Municipal Water District were stolen yesterday in an early-morning break-in, officials said. Thieves smashed a glass wall at the district's offices on North Iris Lane and stole two computers, one from the customer services department and the other from engineering, said Darlene Lynn, interim general manager. Customers' names and credit-card numbers were contained in software on the customer services computer, but their Social Security numbers and birth dates were not on either computer, Lynn said. She said the number of stolen credit-card numbers could increase because officials are still determining the extent of information that was taken. No instances of credit-card numbers being used illegally have been reported, the district said, and police are investigating the burglary.

California Senate Bill SB1386


Jan. 17, 2007

Fitchburg Savings Bank
Boston, MA

Network Computer Breach
About 1,300 debit-ATM cards issued by Fitchburg Savings Bank were deactivated yesterday after the bank was told by Visa USA that a “large-scale data compromise” may have included its check cards.

None of the cards was used fraudulently and all are being replaced, said Martin F. Connors Jr., bank president and chief executive officer. “If someone has the person’s information, at this point they can’t do anything with it,” he said.

Mr. Connors said he was aware of at least one other financial institution in Worcester County with far more cards affected by the security breach. A broader problem was confirmed by the Massachusetts Bankers Association yesterday.

“It appears that Visa has notified a number of banks in Massachusetts that a large-scale retailer has had a problem with some of its customer data,” said Bruce E. Spitzer, an MBA spokesman. “Quite a few banks are replacing cards or notifying customers to be extra vigilant in monitoring their accounts. If a card needs to be reissued, the bank will do it.”

Another source indicated that the breach may be broader than Visa cards.

Mr. Connors said customers should receive new debit cards within a week. Cardholders may activate their new cards immediately by going to one of seven Fitchburg Savings Bank branches with proper personal identification and changing the PIN number on their new card. Or they can wait to receive a new pre-assigned PIN in the mail and follow the activation instructions, the bank said in a letter dated yesterday to customers.



Jan. 17, 2007 TJX Companies
AJ Wright Stores
Framingham, MA
Network Computer Breach
The TJX Companies, Inc. (NYSE:TJX) today announced that it has suffered an unauthorized intrusion into its computer systems that process and store information related to customer transactions. While TJX has specifically identified some customer information that has been stolen from its systems, the full extent of the theft and affected customers is not yet known. This intrusion involves the portion of TJXs computer network that handles credit card, debit card, check, and merchandise return transactions for customers of its T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico, and its Winners and HomeSense stores in Canada, and may involve customers of its T.K. Maxx stores in the U.K. and Ireland. The intrusion could also extend to TJXs Bobs Stores in the U.S. The Company immediately alerted law enforcement authorities of the crime and is working closely with them to help identify those responsible. TJX is also cooperating with credit and debit card issuers and providing them with information on the intrusion.

UPDATE - January 30th - Lawsuit Filed against TJX - Company Director Resigns amid unlawful data collection, storage, and breach scandal.

UPDATE - January 30th - Mass Attorney General is one of the victims.

UPDATE - January 30th - Second Lawsuit Filed Against TJX

State Laws
Wire Fraud
20 Million Plus
Jan 20, 2007 Greenville, SC School District
Government Agency - Education
Greenville, SC
Unsecured Data
Greenville, SC School District - 1000 Teachers and 100,000 Students Records Breached

Announced January 20th, 2007 Greenville, SC School District 1000 Employees and 100,000 Students

School district leaves personnel records behind during renovations

GREENVILLE, S.C. - Boxes of personnel records - including the Social Security numbers of thousands of teachers - were accidentally left behind by the Greenville County school district when it vacated its office for renovations, officials say.

The 10 boxes held lists of every teacher employed by the district between 1972 and 1990, as well as their Social Security numbers, district spokeswoman Oby Lyles said Friday. Several other boxes contained personnel records as recent as 1998, Lyles said.

State Laws 100,000 Students
1,000 Employees
Jan 23, 2007 Xerox
Willsonville, OR
Portable Data Theft - Laptop
WILSONVILLE -- Some employees at a local Xerox plant are worried about identity theft at a laptop was stolen from a manager’s car.

The UniteHere Local 14Z Union said a computer containing employee’s personal information was stolen from a human resources manager’s car in August.
State Laws
297 Employees
Jan 24, 2007 Salina Regional Health Center
Medical Institution
Santa Fe, NM
Portable Data Theft - Laptop
A laptop computer containing the names, social security numbers and medical history of up to 1,100 patients is missing, putting them at risk for identity theft, and Salina Regional Health Center officials are offering a $2,000 reward for the laptop's return.

The hospital's computer was stolen along with a docking station, printer, overhead projector and other computer equipment, plus a small amount of prescription drugs, from the office of Veridian Behavioral Health, 501 S. Santa Fe., Suite 300, earlier this month.

State Laws
1,100 Patients
Jan 22, 2007 Veterans Health Administration
Bremerton, WA
Unsecured Data Theft
A locked car that had folders of veterans' identifying information was burglarized late Wednesday in downtown Bremerton, according to the Bremerton Police Department and the Seattle office of the federal Department of Veteran's Affairs.
State Laws
Federal Dept Policies
Jan 26, 2007 Vanguard University
Government Education
(Costa Mesa, CA)
(800) 920-7312
Computer Theft - Unencrypted Data Breach
The announcement was made on January 26, 2007 and VUSC began notifying approximately 10,000 people whose names and certain personal information are in a database on a computer that was stolen from the Financial Aid office (see Notification Letter.) VUSC takes seriously its responsibility to safeguard personal information and regrets the inconvenience caused by this illegal and fraudulent activity.
State Laws
Jan 30, 2007 Vermont State Government
Montpelier, VT
Network Data Breach
A Microsoft security patch was downloaded but not installed on a state computer that hackers later broke into, gaining access to names, Social Security numbers and bank account information for nearly 70,000 people, an official confirmed Tuesday.

An internal state report on the hacking incident says Microsoft, a national computer security institute and "even the Department of Homeland Security all gave special priority to the application of this patch in order to fix the vulnerabilities ... that unauthorized attackers could gain control of a system."

(iQBio Commentary - "AN UNSECURED COMPUTER DIRECTLY ON THE INTERNET WITH SENSITIVE DATA?" This is the absolute pinnacle of stupidity. Anyone involved with this breach should be fired, prosecuted and promptly run out of town.)

State Laws 70,000
Jan 30, 2007 Mass Workmans Compensation Board
Boston, MA
Network Data Breach
A former state contractor allegedly accessed a workers' compensation database to steal personal information and fraudulently obtain credit, the Department of Industrial Accidents announced today.

The agency said up to 1,200 people who had submitted workers' compensation claims to the state -- and their Social Security numbers -- may have been compromised, although officials have evidence that only three people had their personal information used improperly.

The worker, who was not immediately identified, was fired, arrested and charged with identity fraud. Law enforcement officials notified the agency of the alleged breach.
State Laws
Feb 2nd, 2007 Veterans Health Administration
Birmingham AL
Portable Data Theft - Portable Hard Drive
WASHINGTON (Feb. 2, 2007) -- The Department of Veterans Affairs (VA) today announced that an employee reported a government-owned, portable hard drive used by the employee at a Department facility in Birmingham, Ala. and potentially containing personal information about some veterans is missing and may have been stolen.
State Laws
Federal Information Security Management Act of 2002, 44 U.S.C. §§ 3541-3549
Feb 2, 2007 Research Board Grant Application System

(Columbia, MO)
Network Data Breach
A hacker broke into a UM computer server mid-January and might have accessed personal information, including SSNs, of 1,220 researchers on 4 campuses. The passwords of 2,579 individuals might also have been exposed.
State Laws 3,799
Feb 3, 2007 CTS Tax Service
(Cassopolis, MI)
Computer Theft - Unencrypted Data Breach
The computer and hard drive of a tax preparation company were stolen. Data included names, bank account numbers, routing numbers, birthdates, SSNs, and addresses.
State Laws
Copyright © 2002-20012 Artemis Solutions Group, Use of this site or purchase subject to these Terms and Conditions of use.
Some images used on this website are Copyright (c) Comstock and used under license.