8 Data Breaches Of 2014 That Cost A Job

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.efytimes.com/e1/fullnews.asp?edid=155598


In 2014, attackers targeted many organisations and servers to hack into the
system to steal the data. User privacy has been exploited in numerous
attacks that happened during the last one year. Many responsible
authorities and chairpersons were fired during the process. Today we have
listed eight such data breaches that costed someone their job!


1. Target

The massive data breach that happened at Target in last year affected over
50 million customers and 46 per cent loss in profit. Two of the executive
level officers, Beth Jacob, CIO of Target and Gregg Steinhafel, CEO of
Target resigned after the incident. Beth Jacob resigned shortly after the
incident while, Gregg Steinhafel resigned later in May of this month.

2. Maricopa County Community College District

Maricopa county community college reported that over 2.5 million current
and former students, employees and vendors were affected by hackers. These
hackers penetrated computer defence infrastructure. They compromised names,
birthdates, driver license numbers, social security numbers, bank details
of people. The director of Maricopa County Community College District
(MCCCD) was fired shortly after by voting process in July 2014.

3. Texas State Comptroller’s Office

Large number of information security executives were fired by Texas State
Comptroller’s office after reported data leak that exposed social security,
driver license numbers, name and addresses of 3.2 million citizen in Texas.
The data was supposed to be in encrypted manner however, the information
executives were careless enough to keep the data in an unencrypted format.

4. Utah State Department of Technology Service

Hackers from Eastern Europe hacked the server at Utah Department of Health
to breach the data of thousands of Medicaid records in April 2012. The
server was reportedly compromised on Friday and the data was stolen on
Sunday night. The head of Department of Technology Services (DTS) Stephen
Fletcher was fired after the incident. The governor of Utah apologized the
citizens.

5. Accretive Health

The data containing social security numbers and other personal data was
stolen from parked rental car of Accretive Health employee. The laptop was
unencrypted. The laptop contained sensitive information of over 23,000
patients. However no personal health records were breached as only names
were available in the data. The employee was fired as he had not encrypted
the data.

6. Goold Health Systems

The Goold Health Systems employee had downloaded the patient reports data
on USB drive against company policy and he later lost the USB stick during
his journey between Salt Lake City, Denver and Washington D.C. The data was
unencrypted hence, it was easily compromised. Goold’s CEO claims that
employee unknowingly violated the policy. She was later fired for her
irresponsible behaviour.

7. Highmark Inc

Highmark reported that the personal medical information of over 3,700
Medicare Advantage members has been disclosed without the proper
authorization. A small error by a mailroom employee resulted in number of
members receiving the result of risk assessment, the breached information
included personal data, names, addresses, birth dates, medical information
and identification numbers. The mail room employee was fired for his
irresponsible behaviour.

8. MDF Transcription

MDF Transcription company associated with Boston Medical Centre in
Massachusetts mistakenly posted the personal health records, names and
addresses of over 15,000 patients to third party vendor’s website with no
password protection. Boston Medical Centre fired this third-party vendor
MDF Transcription for irresponsible behaviour.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!