April Brings in More Than Showers...Newly Discovered Data Breaches...

| No Comments | No TrackBacks

Personal Pfizer Data on Stolen Laptop

Pfizer Inc. has revealed that the theft of a laptop computer in February potentially exposed about 800 current and former employees and contractors to identity theft.

"At this time, Pfizer is not aware that any person has inappropriately used any exposed information, but the company is continuing to monitor the situation," Pfizer attorney Bernard Nash said in a letter to attorneys general in several states, including Connecticut.

Nash's letter, dated March 19, said a laptop was stolen Feb. 7 by a burglar from the home of a contractor who helps arrange planning travel and meetings for Pfizer. The laptop was password protected, Nash added.
Information on the laptop included names, credit card numbers and, in some instances, credit card expiration dates, various addresses and phone numbers, hotel loyalty program numbers and other information. It did not appear that any Social Security numbers or PIN codes were exposed, the company said.

Last year, a series of four data breaches at Pfizer exposed the names and personal information of more than 52,000 people.

ID theft hits 93 students at UC Irvine

Up to 7,000 could be at risk from phony tax return filings.

UC Irvine police say 7,000 current or former graduate students could be at risk of identity thieves who already used stolen data to file fake tax returns for 93 students.

Police said Friday they don't know how the information was stolen or who is using it.

Only grad students reported being targeted in the UCI case - the latest in a series of campus security breaches nationwide that led to a state law banning use of Social Security numbers as student identification.

In 2006, UCLA notified 800,000 people that their data might have been hijacked.

Most of the 93 UCI students discovered the thefts when they tried to file electronic tax returns and were told by the IRS that their returns had already been filed, officials said.

"For the last two weeks, we have been scouring all of our databases and computer systems, but we have not found any leak here" on campus, UCI Police Chief Paul Henisey said. MORE

Web hacker gains credit card data at Okemo

Okemo Mountain Resort is the latest target of an Internet thief who gained access to customer credit card information.

The Ludlow ski area announced Monday that its computer network was breached in February by an intruder who gained "potential access to credit card data including cardholder names, account numbers and expiration dates," Okemo said in a statement.

Okemo spokeswoman Bonnie MacPherson said Monday the company has not heard of any customers subjected to fraud as a result of the breach.

"We are not aware of any and that's part of why this announcement is being made, to make people aware so they'll take precautions since we just completed this forensic investigation and review," MacPherson said. "We now feel we are fully informed so we could go public with this."

The data breach occurred during a 16-day period between Feb. 7 and Feb. 22, involving 28,168 card transactions. Okemo noted that the actual number of credit card holders is likely smaller because of multiple transactions.

MacPherson said the company learned of the data breach at the end of February. She declined to say how the resort became aware that its computer system had been compromised.

She said the data breach could also potentially affect debit card holders if they used their card as a credit card. The incident affects customers in any number of states and foreign countries who used their credit cards at Okemo during the above time periods, MacPherson said.

Okemo officials said they hired a data security and forensics expert who also determined that credit cards used between January and March 2006 were compromised as well. The latter involved as many as 18,401 individual credit cards. MacPherson said many of those cards had expired.

She also said the data break-in was isolated to Okemo and did not involve customer credit cards used at its two other resorts, Mount Sunapee in New Hampshire or Crested Butte in Colorado.

MacPherson said the resort notified the Vermont Attorney General's Office, VISA, MasterCard and American Express of the data breach. She said federal law enforcement and regulatory agencies are also involved.

"As a result of this, we've increased the firewall capability and added some software and taken some additional precautions," she said.

It's the second high-profile data breach in New England involving credit or debit card numbers. Maine-based Hannaford supermarkets announced last month that 4.2 million credit and debit card numbers were compromised. There have been at least 1,800 reported cases of fraud associated with that data theft. MORE

No TrackBacks

TrackBack URL: http://www.givemebackmycredit.com/cgi-bin/mt/mt-tb.cgi/139

Leave a comment

A memoir exposing the steep price consumers pay when facing mortgage servicing errors, inaccurate credit reporting, illegal debt collection practices, identity theft and weak consumer protection laws. THE BOOK » DENISE'S STORY »