This is hardly the type of attention that Sir Richard Branson wanted for his company.  Virgin Media, the portion of the larger Virgin Group that controls the entertainment and communication fields, reported a data breach the other day.  In all, over 3,000 customers of the company have been affected.  Details are still pending, although the extent of the breach is not expected to increase beyond the original 3,000 people whose personal information was contained on a CD.

The CD, unfortunately, was not encrypted.  No one for Virgin Media has come forward to explain why this sensitive material was not secured with any extra features.  It seems that burning the data to a CD goes against company policy.  In previously press releases issued by the company, they have emphasized that all private data is transferred only through secure FTP sites.  No one is sure if their policy has changed or if this is an isolated incident.  More information will be provided as it is given to the media.

The 3,000 people affected by the theft were involved with the Carphone Warehouse stores.  The material covered from January 2008 to the present.  Originally, the breach was discovered on May 29, although it was only announced today.  No one is sure why there was such a delay in notifying the public about the incident.  A company spokesman has said that they are working closely with the Information Commissioners’ Office to alert everyone affected.  Those who are concerned about their personal security should keep an eye out for letters or emails detailing future steps.  Virgin Media has promised to take care of any issues that arise from the problem.

With this not being the first data breach in England, more and more people are investing in ID theft services.  These subscription based companies, such as Lifelock, monitor the credit reports of all three companies, TransUnion, Equifax, and Experian.  Whenever a new credit card application or loan is opened in someone’s name, Lifelock is there to ensure the credit activity is legitimate.

According to the spokesman, the CD contained names and personal addresses.  No other information was on the disc, which has some experts optimistic that no damage will be done to people’s personal credit records.  As a result of the breach, Virgin Media has said they will reinvestigate all of their current security measures and make appropriate changes.  They are dedicated to making sure that their customers continue to have safe transactions and confidence in the company.  More and more companies have turned to electronic data transfers to alleviate this type of information breach.  The same can be said for the encryption practices and security measures that are continually updated to meet the current threat levels.

The scholastic and athletic fans at the University of Florida have one less thing to be excited about.  It seems that with all the money spent on a football team that recently won a national championship; someone forgot to create a new manual that reminded system administrators of what they’re not supposed to do.  This small oversight resulted in a data breach that exposed the personal data of over 11,000 students.  While some of the students are still in attendance, the majority of individuals have graduated and move on to areas outside of academia.

For those who are worried about the breach, the affected individuals come from a select number of people.  The majority of the people affected were involved with the Office for Academic Support and Institutional Service.  This office is also known as OASIS.  People who participated in this program between 2003 and 2005 and filled out the online application need to be on alert.  One might suspect that people who fall into this category may be some of the university’s athletic stars.  Although the university has said that the affected students or alumni have received a letter from the school with more details about the case.

There has been no word about how long the material was available to the public.  There has been an equally quiet front about how the breach was discovered and if the university took any delay before having the problem dealt with.  This reporter has checked the public database that the material used to be in and happily reports that the site has been closed and the private data removed.  Investigations will continue in to the matter to insure the safety of everyone’s personal identity.  It is also expected that the university will update its security systems and implement new policies to prevent breaches in the future.  Hopefully they do not take a page out of Columbia University’s (link) playbook, where two breaches have occurred in the last year.

While the university has made every effort to contact affected individuals, Florida officials say that there are over 500 people who cannot be reached.  This is through a failure of the university to maintain contact with some of its alumni and former students who do not keep in touch with their Alma Mater.  If you believe that you fall into the at risk category of online applicants through OASIS in the years listed above, contact the university as soon as possible.

In the meantime, representatives from Florida have not said how they plan to protect their alumni.  Some institutions provide free ID theft services when data breaches occur.  One of the companies that most corporations and schools deal with is Lifelock. While it is available to individuals, many larger institutions also use the service because they find that its policy of maintaining ties with all three credit bureaus is a wise approach.  Lifelock monitors personal credit reports and alerts consumers whenever a new loan or credit card application is taken out with their personal data.

You pay enough at the pump, don’t you?  While most of the public seems to be in agreement on this point, some companies have decided that they think they can still squeeze more money out of our pockets.  Not by raising their prices any higher (yet), but by being irresponsible with the financial records that oil companies keep.  The guiltiest culprit in this investigation is Petroleum Wholesale.  Petroleum Wholesales operates convenience stores in ten states and while you might not have heard of them, if you’ve driven in Texas, you know the name Sunmart Convenience Store and Travel Center.

There are no specific details about the number of people affected by this data breach, although authorities are saying it is rather large.  It appears that the company has been disposing of people’s financial records in a very unprofessional manner – they dump the material, un-shredded, into a public dumpster on the street.  No company spokesman was available to make a comment about how long this has been the company’s operating practice.  Also, because there is no notion of how many people have been affected, experts in the field of identity theft and personal security are advising frequent customers of the Sunmart locations to invest in ID theft services.

One of the largest providers, in the United States, of such services is Lifelock.  For a small monthly fee, the company maintains connections with the three major credit bureaus in America.  Each of these companies receives certain financial information about consumers and then maintains a score and record about the individual.  Lifelock steps in by monitoring these bureaus to find out whenever a new loan is filed or an application for a new credit card is entered into the system.  Lifelock then contacts its customer to make sure that they are the person who is submitting these applications and if it is an example of identity theft, they handle the next steps of tracking down the individuals.

In the case of the Petroleum Wholesale breach, the material found in the dumpsters contains more than enough data to allow someone to steal an identity.  Financial records that include names, home addresses, social security numbers, credit card and debit card numbers, along with their expiration dates, was all readily available.  There were also forms that contained drivers’ license numbers.  Additionally, returned checks, with bank routing numbers, were also found in the debris.  Authorities have not released how they found out about the material and if the person who reported the breach has been questioned.

Charges are already pending against the company.  While details are still sketchy, authorities say that Petroleum Warehouse will face charges about its failure to live up to the regulations of the 2005 Identity Theft Enforcement and Protection Act.  The company also failed to meet the agreements that all businesses reach over Chapter 35 of the Business and Commerce Code.  This chapter forces companies to develop and maintain secure methods for destroying secure information.  The fine associated with Chapter 35 includes a $500 fee for every financial record illegally disposed.  It looks like the Petroleum company might finally take a hit to its bottom line.

It is not a good time to be a student at Columbia University.  This is a report about the second data breach that they’ve suffered in the last 12 months.  And it is the same type of problem.  All in all, the problem revolves around access to social security numbers.  For some reason, the university doesn’t seem to recognize the importance of keeping this data secure.  Perhaps the school’s administration hasn’t heard of the crime known as identity theft.  Maybe they have and just don’t care.

What has set the students into an uproar was the announcement that 5,000 of their social security numbers have been available on an online database that anyone could access.  Not only was the data on the web, but it was also in a searchable format, which leaves the door open for even more specifically malicious activities.  The topper though, if that is possible, is that the breach has been occurring for the last 16 months.  Over that time period, there is no figure for how many people have accessed the data.  There is also a lack of accountability among the network security administrators of the university.

Students were alerted in an email on Tuesday to bring the matter to their attention.  The university found out about the breach when an alumni contacted the school about the website.  Apparently a student in the housing department posted the material without realizing that it was unsecured.  Upon request, Google took down the website and the university believed that the threat had been contained.  Unfortunately, on Wednesday, students alerted university officials that the data for over 200 students was still available.  A petition has begun circulating around campus to show the discontentment of the student body with what appears to be an inept administration.  This is only emphasized when people think back to a similar problem that developed in April 2007 in the housing department.  Demands listed in the petition involve criminal investigations behind the people responsible for posting the private data online, in addition to a detailed description of how the university plans to increase their electronic security.

While university officials have sworn to not rest until this issue gets resolved and the security features of all Columbia systems updated, no one appears to be holding their breath.  The university has agreed to provide subscriptions to ID theft services for two years.  These companies, such as Lifelock, monitor all three credit bureaus for illicit activity.  For a nominal fee, that the university is picking up in this specific case, customers are alerted whenever a new loan is opened or a credit card application is filed.  These ID theft services are available on a personal basis too and not just for people involved in large sized data breaches.

Texans beware.  Like most people in the United States, the fine citizens of this state submit insurance claims to their companies all the time.  Whenever any of us do this, we assume that what we’re handing over will be treated with care, quickness, and most importantly, confidence.  None of us want our private information to be floating around in the world without our knowledge.  Yet, this is the exact situation that people in Richardson, Texas are waking up to.

Late last week, authorities were called to investigate the scene at a dumpster outside of the Texas Insurance Claims Services building.  Within the container were hundreds of files that contained private information.  These are the types of data breaches that people fear more and more on a daily basis.  The worst part is that the files in the trash bin contained personal addresses, phone numbers, maiden names, social security numbers, and insurance claim numbers.  All of this material would easily allow someone to steal the identity of anyone who filed a policy with the company.  Early reports said that the files related to claims that had been resolved, but this has not been verified.  Regardless of the status of the files, the personal information is still valid and dangerous to leave exposed.

The man responsible for finding the files and reporting them to the police was Mike McCarty.  Rather than finding them on his own, he noticed a man taking pictures of the trash.  Once he pulled his car over, McCarty saw that it was a cache of private data, just waiting for some data thief to exploit the breach.  The man who was taking pictures of the files claimed he was searching for moving boxes.  That does not explain why he decided to photograph the event.  Police have not questioned him and do not assume him to be a suspect of any wrongful deeds at this point.

In an effort to track down more information about this data breach, reporters contacted Texas Insurance Claims Services.  Although a spokesman would not provide his name, he did let the media know that legally, the company is only required to hold on to claim files for five years.  All the information that ended up in the dumpster fell within this time period.  While the company is responsible for the private data of its customers, the representative said that this is common practice and that shredding services are used only on occasion.  However, he did admit that this negative publicity would make his company reconsider their practices.

With such breaches becoming more common, many individuals are investing in ID theft services.  One of the most popular choices is Lifelock.  The company is widely known and provides protection from identity theft.  It monitors all three credit bureaus and lets people know when a loan or new credit card is opened under their name.  This allows people to stay informed without having to constantly check with the bureaus and paying costly processing fees.

It seems that no one can catch a break anymore. Instead of students bringing an apple for the teacher everyday, they might want to pool their money and get their instructor some sort of identity theft service. Yet another school district in the United States has fallen prey to the wide-spread crime of data theft. Of course, like most unfortunate turn of events, the data breach impacted hard working educators and staff. This breach occurred on the east coast, in the Harrisonburg City Schools of Virginia.

At this point, the information regarding the data breach is extremely unclear. The investigation has only recently begun and there are no suspects yet named. The breach occurred through the theft of a laptop by a consultant for BB&T Insurance. BB&T provides dental coverage for the school district’s staff and faculty. The laptop was stolen out of the car of the contractor while he was in Ohio working on another client’s case. No word on why the consultant had the personal material on his private laptop. The material stolen contained limited medical records, addresses, names, and social security numbers. Authorities report that this is more than enough material to successfully steal someone’s identity.

In an effort to calm fear about the possibility of the data breach, a spokesman for BB&T assured the media that there are numerous security settings on the laptop to prevent it from being illegally accessed. He would not go in to more detail, saying only that “there are multiple levels of encryption and security which we believe will deter any criminal elements from accessing private files.” The spokesman was also reluctant to announce when the breach was first reported, since the school district was only notified in the middle of May. Once again, the spokesman told the media that he could not share any more details about the ongoing investigation, except that more details would be made clear in a press release.

At this time, there is no estimate about the number of individuals who might be affected by this breach. Mike Loso, assistant superintendent for the school district, said that an email was being sent out to the entire district to let people know about the potential risk to their personal data. A.C. MacGraw, the spokesman for BB&T said that the company plans to contact the affected individuals directly, once a number has been determined. The insurance company will offer its customers a subscription in Equifax’s Credit Watch until the threat has passed.

While a subscription to the Credit Watch is a good first step, it does not cover victims as well as other ID theft services, such as Lifelock. While Equifax monitors the credit reports of a client as seen by their system, there are still two other credit bureaus which are not included in the Credit Watch. Lifelock provides a system that monitors all three bureaus and alerts people if someone attempts to open a new credit card account or take out a loan in that person’s name.

People used to go to the hospital because something ailed them physically. One wonders how long the string of medical related data breaches will continue before people start complaining to their doctors about worry-based ulcers. The most recent hack on a medical institution’s files wasn’t even a hack. It was a simple hit and run job. University Healthcare Hospital in Utah reported that it lost a laptop and jump drive that contained personal data. In this instance there was no corrupt employee or system breach. Someone simply entered one of the offices, pocketed the jump drive and walked out with the laptop underneath their coat.

While investigators are hoping to use an image captured on the security cameras to find the perpetrator, hospital administrators are still assessing the damage. After consulting their files, they alerted the media that 4,800 medical records had been on the laptop that was stolen. These records include personal data, such as addresses, driver’s license numbers, and social security numbers. Authorities report that these are the pieces of information that are most commonly used to commit identity theft and that individuals should be attentive to their records.

A spokeswoman for the hospital assured the media that the information was password protected. In addition to the files being encrypted, there was an additional security system on the laptop itself that should prevent anyone from being able to access the confidential material. Network security officials remain optimistic, although skeptical, that the thief will not be able to access the material. Despite the crude nature of the theft, there are many programs available for free on the internet that are able to break simple encryption and security features on laptops. The hospital also announced that the recent criminal activity on their premise has caused them to reevaluate their security procedures. As a result, they are upgrading all encryption settings and are making it illegal for employees to download personal information on to their own laptops to conduct work at home.

Although the breach took place in February, victims were not alerted until the middle of March. Hospital officials have not explained the delay in notifying affected individuals, although there is hope that they will fill in these details as the investigation continues. In mid-March, letters were sent out to all 4,800 people whose information had been compromised. While the case is still open, the hospital has agreed to provide identity theft services to all victims.

ID theft services, such as Lifelock, work to protect against illegal activity in the personal financial records of individuals. For a minimal monthly fee, which the hospital is paying in this case, members are alerted whenever activity is taken to open a new credit card in their name or efforts are made to get a loan. Lifelock has contact with all three major credit bureaus and monitors each for any activity that might not show up on the others.

One of the oldest institutions of higher education in the United States recently suffered from one of the newest and pervasive forms of crime. Officials reported in mid-February that someone had gained access to private and highly sensitive information off of one of the Harvard University servers. The server also contained personal information about a number of applicants and current students, although this material was believed safe until further investigations showed the data breach was wider than originally believed.

Initially, statements from Harvard noted that the servers contained personal data, but that it has not been compromised. As time went on, however, authorities came forward with the troubling news that numerous students were now at risk for identity theft. In total, over 10,000 personal records were accessed and out of this 10,000, there were over 6,500 social security numbers taken. The university also reported that Harvard Student ID numbers were also taken, although these do not pose the same security risk as do the social security numbers.

The breach occurred on the university’s Graduate School of Arts and Sciences’ server, although no one has been indicated as a suspect in the crime. There has also been no indication of how long the data breach was taking place before system authorities were notified and shut down access to the server. This is just one in a long string of data breaches that have hit the collegiate education system in the United States. However, Harvard has shown itself to be one of the best responding universities.

CIO Daniel Moriarty reported to the media that, although there was some initial hope that the student data was safe, it was his unfortunate duty to report that these hopes were no longer valid. The university has assured students that it will do everything in its power to help combat any instances of identity theft that might result from this breach. One of the most basic steps the university is taking is “notifying the individuals who have been impacted and lining up the [identity theft] services for those individuals.” Similar services have been available at other institutions, although there has been a greater lag time between the data breach and the purchase of the ID theft services.

Although used by students, one of the services available to anyone concerned with protecting their identity is Lifelock. The company provides credit monitoring through all three bureaus and alerts the subscriber before any loan applications or credit cards are opened in their account. For a minimal monthly fee, subscribers have reported having a better piece of mind and more confidence that their identity will remain secure.

*In an alarming piece of news, Harvard University students affected by the data breach in February have more to worry about. In mid-March investigators found that personal data from the university server had been posted on the peer-to-peer file transfer system known as BitTorent. This has effectively spread the social security number and private data to millions of individuals.

This time around, the activities in Peoria, Illinois having nothing to do with Betty Friedan or The Feminine Mystique. While this town was the birthplace of the controversial feminist author, its most current claim to fame is one it wishes would never have happened. An employee at the Illinois Eye Center apparently was using her private access to personal files to screen applicants for identity theft.

Authorities don’t have all the details at this point, although they view the investigation as ongoing. No numbers have been given as to the number of potential victims, although the records at the Illinois Eye Center cover over 100,000 residents in the Land of Lincoln. The employee suspected as the culprit behind the crime worked for the company from June-November of 2007. During this time period, she accessed numerous files in an effort to learn which people had the best credit ratings and were the most susceptible to identity theft. The employees apparent targets were females, aged 18-25.

The Peoria Sheriff’s Department was first notified of a string of identity thefts in January 2008. After some investigative work, they learned that all of the women got treatment at the Illinois Eye Center. Further inquiries led authorities to the terminal used by the terminated employee. She was brought in for questioning and maintains her innocence, although police are hoping to charge her soon. The Illinois Eye Center would not release why the woman was no longer employed there, although they said that it had nothing to do with any violations of personal privacy laws and that they have been fully cooperating with the police.

At least ten attempts of identity theft have been made against women falling in between the 18-25 age range listed above. In the majority of these cases, the attempts have been unsuccessful. Unfortunately, in at least once case the theft was completed and a large loan was taken out by someone in the name of a victim. While none of the victims were available for comment at the time of this article, police said that the women had taken steps to protect their lines of credit and to halt any efforts at identity theft.

Within recent years, companies have developed in response to the prevalence of identity theft. One of these ID theft services is Lifelock. Best known for its promotions that involve the CEO shouting his social security number to groups of people in large cities, it provides services that monitor credit reports. It has contact with all three credit bureaus and alerts members to any actions that involve the bureaus. Such instance include taking out loans or opening new credit card accounts.

Authorities do not have a time table for when they think their investigation will conclude. Members of the Illinois Eye Center who were affected are advised to remain vigilant in their record keeping. The affected individuals should have received a letter from the company alerting them to this security breach. If you are a member and notice any suspicious activity on your financial accounts, alert the Peoria Sheriff’s Department immediately.

Although reports of data breaches seem to be centered in the United States, the rest of the world is far from safe from such occurrences. This was recently proven in a daring day-time robbery at a medical center in England. The worst part about this robbery is that the people most likely to suffer from the effects are small children and their parents. As has been reported far too often in the media, young children who are the victims of identity theft sometimes spend the rest of their lives trying to overcome all the hurdles that have been placed in their way. Many never overcome them. Thankfully though, there have been developments in protection over the last few years.

One of the best improvements has been the creation of subscription ID theft services. Not only do these companies, like Lifelock, provide checks on credit reports and financial accounts, but they also protect the subscribers from any unauthorized activities that take place due to identity theft. Although some companies are bound by national borders, Lifelock is able to provide coverage to citizens in both the United State and the United Kingdom.

Despite the sketchy nature of details involving the most recent data breach, authorities are saying that there is a “large risk of victims suffering from identity theft.” The theft of a laptop took place in Telford, England. The assailant simply walked in to the main office of the health center, disconnected the laptop, and walked out the front door. No efforts were made to stop the man because no one saw him take it. It was only after consulting the security cameras that an accurate description of the suspect was generated.

The laptop contained the medical history, addresses, and birth dates for 238 children. There have been no reports yet about the background of the children, although there has been some speculation that they were part of a program to provide assistance to underprivileged families. Despite the severity of this breach, authorities report that it could have been much worse. The laptop originally had access to England’s National Health Service system. Once the theft was reported, the first step taken to combat any possibility of identity theft was to deactivate the laptop’s subscription to that service. Authorities believe their proactive measures have ensured the safety of 1000’s of individuals.

While the investigation is on going, authorities have been fielding a number of questions from concerned parents. They have assured family members that they are working as quickly as they can and that notifications have been sent to the individuals affected by the breach. At this point, a spokesman for the health center has said that there have been no reported cases of identity theft, but that “top men will continue to monitor the situation in the foreseeable future.”