The Chicago Tribune reported that a hacker broke into the University of Indianapolis' computer system and accessed the personal information of 11,000 students, faculty and staff. Social Security numbers were included in the data that was accessed. The breach was discovered on September 18 and is under investigation by the university's information staff and outside computer security experts. The university has also notified the FBI of the attack. A university spokesman said that right now there is no evidence that the information has been misused, just that it was accessed.
Blue Cross & Blue Shield of Louisiana exposed the Social Security numbers, phone numbers and addresses of approximately 1,700 brokers with an e-mail mishap. Business Insurance reported that the data breach happened on September 25 when a document containing all the data was inadvertently attached and sent out with a general e-mail notifying brokers of a software upgrade. No customer data was involved in the breach and the personal information contained in the attachment was that of the group of people who received it. Blue Cross notified the brokers of the mistake, apologized for the gaffe and requested that the recipients delete the attached file and confirm that they had done so. The company will provide free credit monitoring to the affected brokers for one year. This free service will hopefully also keep those benefiting mindful of preventing bankruptcy. It has also taken steps with its technology systems to assure that incidents of this nature do not happen in the future.
A slip-up that exposed the Social Security numbers of about 600 former Sonoma State University students to the public was discovered on September 2. The unintentional data breach occurred on an internal department Web site. The Press Democrat reported that university officials made an announcement about the data breach on September 18, saying that the school is not aware of any criminal activity as a result of the breach. The affected students were notified of the error by letter.
The News Sentinel reported that officials of Fort Wayne Community Schools in Indiana are worried that a man who was arrested on forgery and counterfeiting charges may have used some employees' personal information that he had in his possession. A spokeswoman for the school district said that less than five employees had reported that their personal data may have been stolen. An e-mail was sent to all employees of the school district to inform them of the breach. The district is also attempting to contact former employees who also may be at risk for identity theft as a result of the information being in the hands of the accused man. The man who was arrested worked with a Fort Wayne insurance brokerage firm and had information from 2004 that included the names, Social Security numbers, birth dates and salary information for employees of the school district.
An unidentified man who formerly worked for the Texas Lottery Commission has been arrested for allegedly copying the personal data of approximately 27,000 people who had won the Texas lottery. The Dallas Morning News reported that arrest warrants show that the 39-year-old man stated that he downloaded his own work files from his computer at the Texas Lottery Commission and took them with him to his next job. His hard drive held the names and Social Security numbers of 27,075 people who had won between $600 and $1 million. He also had the names, Social Security numbers and some bank routing numbers of 639 current and former commission employees and 534 Texas lottery retailers. Commission officials sent a letter to the affected people on September 11, advising them to put a fraud alert on their credit reports and keep a close eye on their bank records. So far there have been no reports of the data being used for identity theft purposes.