There were over a half million instances of data loss during October, with much of the data leaking from traditional pillars of reliability such as governments, transit authorities, and banks. Here is a summary of the most interesting cases:

US State Department database used for identity theft


The US State Department tops the list this month, with a case that far more interesting than the usual loss of unencrypted data on hardware. In this example of malicious insider action, a State Department employee entered a database to get more detailed information on individuals who had already had their credit card details stolen by an accomplice. The two could face up to 15 years in prison.

The rules for protecting data apply to everyone

An internal system scan uncovered the theft of private and financial data from the 750 employees of the Hillsborough Area Regional Transit Authority (US). The insider leak was traced to an information systems employee who was subsequently fired. No word yet on criminal charges.

Driving under a false name

A temporary employee at the Port Mann bridge in Canada did some long-term damage. Hired under a false name, the pseudo-employee stole financial data on 270 people who had bought a pass to drive over the Port Mann bridge near Vancouver.

After the loss, time to inform the victims

The American/Canadian TD Bank is in hot water for informing clients that it lost an unencrypted tape with their personal and financial information just six long months after the loss was discovered. Over 260,000 customers could have been damaged by the leak.

Author
Safetica team

Next articles

Data Loss Prevention in Fintech

Let's delve into the challenges fintech faces in keeping data secure and what steps companies can take to safeguard customer information.

Australian Privacy Principles: The Scope, Purpose, and How to Comply

The 13 Australian Privacy Principles (APPs) are the cornerstone of the country’s privacy protection framework under the Privacy Act 1988 and regulate the collection, usage, and disclosure of personal data, applying to both government and private sector organizations within Australia.

Data Loss Prevention in Insurance Institutions

Read about what insurance companies should be doing to prevent data loss and data regulations and compliance in the insurance industry.