This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 1944 To_xml

SUMMARY

32,000 notified about possibly compromised names, birth dates and Social Security numbers
Records 32,000
Record Types SSN NAA DOB
Breach Type Fraud Se
Data Family Unknown
Source Outside
Organization LexisNexis
Other Organizations Investigative Professional
Lawsuit? NO/UNKNOWN
Data Recovered? NO/UNKNOWN
Arrest? NO/UNKNOWN
Submitted By: Lyger

TIMELINE

DateEvent
None. Add Data Incident Occurred
None. Add Data Incident Discovered By Organization
2009-05-01 Organization Reports Incident
None. Add Data Organization Mails Notifications
None. Add Data Records Recovered
None. Add Data Lawsuit Filed
None. Add Data Arrest Made

SIMILAR INCIDENTS

recordsdateorganizations
44,309 2006-11-11 Hertz Global Holdings Inc.

MAP OF INCIDENT LOCATION

Address: United States
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate 1 $1,920,000.00
  1. Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by Alina_Johnson [Apprentice Investigator] on 2009-05-03 (10 months ago)

This is not the first time this company has compromised its customer data; it happened again last in 2005 (March 9, 2005). This time, however, the USPS has launched a criminal investigation into what they believe is a large credit card fraud scheme. ~Alina

by Alina_Johnson [Apprentice Investigator] on 2009-05-03 (10 months ago)

Also, this admission was admitted almost two years after the occurrences: breach is suspected to have taken place between June 14 - Oct. 10, 2007. There has been no data recovered, and no arrests have been made; only (letter) notifications have taken place to suspected customers.

New Comment

simple_captcha.jpg
(type the code from the image)

Sponsored By: Credant_200x51 Tenable Pgp_logo Zecurion
Permission is granted to use this database in non-profit works and research. Use of the DataLossDB, and its exports, RSS feeds, reports, or other materials produced on this site by the Open Security Foundation for commercial interests requires authorization and licensing arrangements. For more information, please e-mail curators@datalossdb.org with a brief summary of how you would like to use this information; product, service, research, etc.
© 2005 - 2010, Open Security Foundation, All Rights Reserved.