Owner of Life Insurance Company Caught Dumping Sensitive Files in Dumpster

April 18, 2013

A life insurance company in Fishers, Indiana, GNP Consultants, is currently under investigation due to the illegal dumping of personally sensitive client information in an office dumpster.

WTHR, a news station in the area, was investigating a report of files trashed in an outdoor dumpster, along with a desktop computer tower. These files were from clients of GNP Consultants, and included financial information, birth dates, home addresses, and social security numbers. As the news crew was documenting the incident with their video cameras, the owner, George Pappas, was bringing out more documentation to the dumpster to throw away. He eventually admitted to throwing away the documents on camera with the news station, and investigators are in the process of obtaining the files and determining the violations, both federal and state, that he may be punished for.

Clients who have used GNP Consultants in the past should consider identity theft protection services to monitor accounts and ensure that their information is safe.

Iowa College Systems Hacked, Thousands at Risk for Identity Theft

April 16, 2013

In March of 2013, the Cedar Rapids, Iowa college, Kirkwood Community College, found that hackers had accessed documentation through the school’s website and accessed files that contained over 125,000 records of students since 2005. This information included social security numbers, which can be used to commit identity theft.

Students have been notified via letter of the incident, and are encouraged to diligently watch their financial accounts and credit reports for unusual activity. These students may also benefit from a third-party credit monitoring services to ensure protection of accounts.

Salem State University Notifies Past and Present Workers of Security Breach

April 13, 2013

In February, it was detected that there was a virus affecting the computer servers of Salem State University, leaving the personal information of 25,000 past and present employees of the college at risk for identity theft. The school employed forensic experts to determine the source of the breach, and the school also sent out letters notifying the employees of the problem. They also offered a year of credit report monitoring services to those affected to reduce the risk of identity theft.

Mississippi Medical Center Laptop Missing, Thousands of Patients at Risk for Identity Theft

April 9, 2013

Social Security numbers, names, birthdates, addresses, and other personally identifiable information is at risk after a hospital laptop has gone missing. On January 22nd, a University of Mississippi Medical Center laptop with a database of patients was lost or stolen in a non-public area. The database was password-protected, but is still a risk for identity theft to occur. The information included on the laptop included that of patients between 2008 and 2013. While the hospital would prefer to contact patients individually regarding this data breach, it is not possible due to the lack of contact information. Instead, patients who have been seen at the medical center between 2008 and 2013 are encouraged to call the hotline at 1-855-241-2575 (selecting option 6 from the menu). Patients should also consider identity theft protection services to protect their accounts and monitor financial and medical records.

Over 1,100 Allen County Employees had Personal Information Exposed

April 7, 2013

In Allen, Ohio, the IT department discovered a security breach on their server that exposed over 1,100 county employees’ information, including Social Security numbers and other personally identifiable data that can result in identity theft.

As soon as the breach was discovered, the Information Technology department was able to address it within minutes. While there is no believe that the data was accessed by a third party, they are still taking the proper steps to notify individuals who may have been affecting. The Allen County Administrator stated that the county is offering Lifelock identity theft protection services to those at risk and encourages county employees to personally monitor financial accounts for unusual activity.

Missouri Home Care Company Notifies Patients of Stolen Laptop

April 6, 2013

Home Care of Mid-Missouri recently sent out letters to over 4,000 patients in regards to a recent laptop theft on or around December 14, 2012. The laptop was stolen during transportation and was reported as such to the police. Although it was password protected, it contains patient information including names, addresses, birth dates, Social Security numbers, and description of services provided by the company.

While the incident is being investigated by local authorities, patients of Home Care of Mid-Missouri are encouraged to carefully monitor their medical and financial accounts for unusual activity, and should consider the use of identity theft protection services.

Two Moving Companies Leave Patient Information Unshredded in Public Dumpster

April 4, 2013

Two Paulding County, Georgia companies are under investigation after an individual spotted boxes of personal information left behind in a public dumpster outside of the popular office complex. The Hiram Police Department was contacted to address the situation and determine the sources of the paperwork.

The paperwork, which included medical information and personal financial records of both an orthopedist’s practice and Family Intervention Services, were left unshredded in the dumpster. These two companies recently relocated, and it is still unknown why the paperwork was not shredded per federal HIPAA policies.

Anyone who was a patient of the Family Intervention Services or orthopedic practice are encouraged to closely monitor their credit reports for unusual activity, and to consider identity theft protection services to ensure their protection.

Group of Websites Hacked and Credit Card Information Used Fraudulently

April 2, 2013

Customers who recently shopped any of the online stores of Frontier Natural Products Co-Op are being notified of a recent incident that involves unauthorized use of customer credit card information.

Individuals who shopped online at sites such as,,, and may have had their information intercepted. This includes names, contact information, credit card numbers and CID numbers. Several customers who have shopped on the websites between September 2012 and January 2013 have reported incidences of their personal data being used for fraudulent purchases. This is an indication that the information was obtained by the hacker for the sole purchase of identity theft.

Customers whose information may have been obtained during this time have been notified by mail of the incident and are receiving one year of identity theft protection services from First Watch Technologies.

Employee Accesses Patient Records

April 1, 2013

On January 7th, the University of Connecticut Health Center became aware that a former employee accessed patient records outside of their job requirements and responsibilities.

It is believed that the names, contact information, birth dates, and Social Security numbers of approximately 1,400 patients was retrieved. The usage of the information for fraud has not yet been determined, and an investigation is underway. The University of Connecticut Health Center is committed to ensuring the protection of patient information, and continually trains its employees on proper use of private data. However, the actions of this particular employee were not condoned, and the hospital is providing patients with two years of free credit monitoring services.

If you are a patient of the University of Connecticut Health Center, you are encouraged to contact their hotline at 1-877-313-1398 to receive information in regards to signing up for credit report monitoring services due to this privacy breach.

Virus Affects Massachusetts School Server

March 27, 2013

A computer virus that infected the servers at Salem State University in Massachusetts is the recent concern for over 25,000 former and current employees of the school. Anyone who had received a paycheck from the university—either as a full-time staff member to student employees—are now being notified of the incident and offered identity protection services to protect their personal information. While there has been no indication that the information was accessed and used, there is a concern on the vulnerability of employee information, including financials. A letter has been sent to employees of the college in regards to signing up for free credit monitoring, and a call center has been established for anyone with questions in regards to this incident.

« Previous PageNext Page »