This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 2392

SUMMARY

Personal information for almost 16,000 on stolen data storage device
Records	15,977
Record Types	SSN NAA
Breach Type	Stolen Drive
Data Family	Electronic
Source	Outside
Organization	Roane State Community College
Other Affected/Involved Organizations	None
Lawsuit?	NO/UNKNOWN
Data Recovered?	NO/UNKNOWN
Arrest?	NO/UNKNOWN
Submitted By:	Lyger

TIMELINE

Date	Event
2009-10-12	Incident Occurred
New Timeline Item For Incident Occurred Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Incident Discovered By Organization
New Timeline Item For Incident Discovered By Organization Date Reference URL Spam Check: (type the code from the image)
2009-10-21	Organization Reports Incident
New Timeline Item For Organization Reports Incident Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Organization Mails Notifications
New Timeline Item For Organization Mails Notifications Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Records Recovered
New Timeline Item For Records Recovered Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Lawsuit Filed
New Timeline Item For Lawsuit Filed Date Reference URL Spam Check: (type the code from the image)
None. Add Data	Arrest Made
New Timeline Item For Arrest Made Date Reference URL Spam Check: (type the code from the image)

SIMILAR INCIDENTS

records	date	organizations
38,000	2008-01-29	Georgetown University
40,000	2008-02-12	Systematic Automation Inc, Modesto California City Schools, Clovis Unified, Los Angeles Department of Water and Power, Torrance Unified School District, Nestle Waters North America
8,000	2008-05-16	Spring Independent School District

SPONSOR

Zecurion protects organizations worldwide, with more than 5,000 global deployments, using its award-winning software security solutions. Zecurion’s solutions create a “locked-vault” around data on servers, backup storage media, e-mail, peripheral devices and printers that both monitors and prevents unauthorized access.

MAP OF INCIDENT LOCATION

Address: Knox County, Tennessee, USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate ¹

$958,620.00

Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by Anonymous on 2009-10-25 (10 months ago)

One item about this data loss is that the College chose to WAIT to notify the public to give the police a chance to apprehend the perpetrator. Only after it didn't look like that was going to happen did the College report the crime (it allegedly happened on October 9 but wasn't reported until 10/12/2009. Even after it was reported it took the College more than a week to report it to the general public).
IMHO this was an example of how NOT to handle a data breach.

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
Email | Fraud Se | Hack | Lost Computer
Lost Document | Lost Drive | Lost Laptop | Lost Media
Lost Tape | Missing Laptop | Snail Mail | Stolen Computer
Stolen Document | Stolen Drive | Stolen Laptop | Stolen Media
Stolen Tape | Unknown | Virus | Web