
Huge Security Breaches Discovered

Feb 18, 2010 by Tom Fragala

Computerworld is reporting: Security researchers at a company called NetWitness Corp. have unearthed a massive botnet affecting at least 75,000 computers at 2,500 companies and government agencies worldwide. The Kneber botnet, named for the username linking the affected machines worldwide,...


Heartland Announces Massive Data Breach on Inauguration Day

Jan 20, 2009 by Tom Fragala

Heartland Payment Systems announced today, on the morning of Obama's inauguration, what appears to be a colossal data breach of credit card numbers. A coincidence they announced it today? The number of compromised credit card accounts is unknown and was...


Data Breaches Increased by 47% in 2008

Jan 7, 2009 by Tom Fragala

According to the ITRC, reported data breaches increased by nearly half in 2008 compared to 2007. There were 656 reported in 2008 versus 446 in 2007. Mal-attacks, hacking and insider theft, account for 29.6% of those breaches that reported the...


A new shredder to prevent data breaches

Sep 11, 2008 by Tom Fragala

CSO magazine has an article and very cool video about a company that literally shreds hard drives, like you would shred paper (although the shredder is just a bit more beefy). The heart of Corporate Destruction Solutions is a blue beast of...


HR Outsourcer Colt Has Data Stolen, Leaves Victims Cold

Jun 24, 2008 by Tom Fragala

According to PC World, a human resources outsourcing firm called Colt Express Outsourcing, suffered a data breach when thieves stole a number of computers from their offices. Incredibly, Colt did not have an alarm security system (they installed one four...


FTC reaches settlement with TJX

Mar 27, 2008 by Tom Fragala

So the settlement is that TJX has to submit to a total of 10 security audits over the course of 20 years. Which is something they would do anyway most likely. Now, the FTC has limited powers under the FTC...


Did security provider to Hannaford try to erase ties?

Mar 20, 2008 by Tom Fragala

My favorite ID theft/security/privacy blog, Fraudwar by Ed Dickson, has a post about a security company that has Hannaford as a customer. Hannaford being the folks that just suffered a data breach of 4.2 million credit/debit accounts. In typical blog...


Supermarket company Hannaford reports data breach of 4.2 million accounts

Mar 17, 2008 by Tom Fragala

The Hannaford Bros. supermarket chain said a breach of its computer system led to the theft of about 4.2 million credit and debit card numbers from its Hannaford and Sweetbay stores and other locations. Hannaford, based in Maine, said...


Data Security Breach Report by ITRC

Feb 7, 2008 by Tom Fragala

The Identity Theft Resource Center (ITRC) has released its 2007 Breach Report. They also maintain an ongoing 2008 Breach Report. In 2007, ITRC documented 448 paper and electronic breaches, potentially affecting more than 127 million records. This is a significant...


GE Money Loses Data on 650,000 JC Penney Credit Card Holders

Jan 18, 2008 by Tom Fragala

As a former IT professional, something particularly disturbing about this is that the data breach occurred because of an apparent lost backup tape at the well-known data storage company, Iron Mountain. This just should not happen--this company specializes in data...


Data Breach: Every Family With Kids in the UK

Nov 20, 2007 by Tom Fragala

This may sound hard to believe but a UK government agency lost data on every family in the UK with children under age 16. You read that right. 25 million people, 7 million families. Two computer discs holding the personal...


TJX Data Breach Was Far Worse - 96 Million Accounts

Oct 24, 2007 by Tom Fragala

Court documents disclose that 96 million Visa and Mastercard accounts (credit and debit) were “impacted” by the TJX data breach. Jaw-dropping numbers, almost hard to believe. I wonder what they mean by “impacted.” Despite TJX having reported some 46 million...


TJ Maxx (TJX) Controversial Data Breach Lawsuit Settlement

Sep 25, 2007 by Tom Fragala

In case you had not heard yet, TJ Maxx has made an offer to settle class action lawsuits over the enormous security breach they suffered recently (45 million customer accounts compromised). They offer credit monitoring to just 10% of the...


Identity Theft via File Sharing Peer to Peer Network

Sep 6, 2007 by Tom Fragala

This is the first case I am aware of where someone was arrested for committing ID theft through peer-to-peer (P2P) networks, which are popular software and services for getting media including pirated movies, games and music. The story from PC...


Another stolen laptop and retirees take the hit again

Aug 23, 2007 by Tom Fragala

I rarely post about data breaches anymore, because there are so many. But did you notice that it seems more often than not, it’s retiree data that is stolen or lost? Here we have yet another laptop stolen, this time...


Massachusetts ID Theft Bill Includes Credit Freezes

Aug 4, 2007 by Tom Fragala

Massachusetts finally got an ID theft prevention bill passed and signed into law. It includes credit freezes (for victims and non-victims), data breach notification requirements, and destruction of documents with sensitive data. Unfortunately, none of the stories I saw state...


An Uncreative Plan from the Presidential Identity Theft Task Force

Jun 10, 2007 by Michelle Pastor

An article criticized the Presidential Identity Theft Task Force for some of the issues we’ve been blogging about for a while.  The article sums up the report of the task force’s findings as this: The report focuses on four main...


Truston Offers Discounted Upgrade for LifeLock Customers

Jun 4, 2007 by Tom Fragala

We issued a press release this morning (read it here). Here is an explanation of what it is about. Last week, there was a shocking article about LifeLock by Ray Stern in the Phoenix New Times. Truston understands that their customers (and...


Oops! Medical Center Exposes Patients to Identity Theft (Again)

May 31, 2007 by Michelle Pastor

The University of Pittsburgh Medical Center (UPMC) sent donation solicitation letters to thousands of its former patients.  Unfortunately, the patients’ social security number appeared through the window of the envelope.  Yikes! Oddly enough, UPMC didn’t learn its lesson from a previous mishap. ...


Not Again?!?

May 20, 2007 by Michelle Pastor

The newly merged Alcatel-Lucent just announced a similar mishap to IBM’s – which I recently blogged about.  Employees of Alcatel-Lucent and retirees of Lucent have been notified that an unencrypted CD has been reported missing.  The disc was prepared by Hewitt Associates,...


Shame on IBM!

May 18, 2007 by Michelle Pastor

IBM is one of the leaders in encryption software and other data management technologies so it’s very surprising that their retirees’ data has been compromised.  It happened when the human resources department’s back-up tapes were transported by a contractor from...


TSA Loses Hard Drive with 100,000 Employees' Social Security Numbers

May 6, 2007 by Michelle Pastor

The Transportation Security Administration (TSA) has lost a computer hard drive with information on 100,000 of its past and present employees. The files of TSA employees from January of 2002 to August of 2005 were on the hard drive with records of...


Quite a Slip Up: Lube Maker Feels Data Breach Pain

Apr 24, 2007 by Tom Fragala

This is what happens when a web developer doesn’t know what they are doing… More than 250,000 people's names and addresses are now naked on the web after the maker of a popular sexual lubricant called Astroglide accidentally exposed lists...


Shouldn't the Victims Be Compensated?

Apr 19, 2007 by Michelle Pastor

An article appeared on the Network World website about a CVS Pharmacy in Texas facing fines for throwing valuable customer information into a dumpster behind the store.  It’s not the first time it’s happened and it certainly won’t be the...


A Mistake From The White House May Lead to Identity Theft

Apr 2, 2007 by Michelle Pastor

You can only do so much to prevent identity theft. Take this article from US News and World Report, for example. A mundane trip manifest of reporters who traveled to Latin America with President Bush has turned colossally controversial because...


Identity Thieves Target The Dead

Mar 29, 2007 by Michelle Pastor

Identity thieves will swoop in on the dead because for them, the best identity theft victim is one that no longer needs his credit and won't ever realize it's been stolen! Here's how one thief in Louisiana managed to grab...


Utility Worker Charged With ID Theft

Mar 25, 2007 by Michelle Pastor

Here's a chilling reminder that you can never be too careful - but sometimes you don't have a choice. This utility worker had access to all kinds of information for each customer and she chose to help herself to at...


Credit Card Industry Says Restaurants are Data Sieve

Mar 24, 2007 by Tom Fragala

Electronic payment processors, including Visa and Mastercard, say that restaurants are the biggest source of credit card data breaches and security leaks. In a way, no surprise since there are millions of restaurants, many of which are small operations, that...


Symantec Reports on Internet Threats--Your Identity at Risk

Mar 24, 2007 by Tom Fragala

Symantec released its Internet Security Threat Report and it includes information about how hackers are selling personal data including complete “identities” for under $20. Infoworld has the story. The data is sold on so-called "underground economy servers," used by criminal organizations...


CA State Website Publishing Social Security Numbers

Mar 23, 2007 by Tom Fragala

California, which prides itself on being the most privacy-friendly state, gave its residents an unpleasant surprise today. It was discovered that a California state web site had been exposing people’s Social Security numbers for years. The SSNs were included on...


Tax-Preparers Can Leave You Wide Open to ID Theft

Mar 9, 2007 by Michelle Pastor

When you hand over your paperwork to your tax-preparer, you may get more than you bargained for.  Let's face it, you've just given all the information an identity thief needs to hijack your identity. How do you know that your documents...


WSJ: Skimming Fraud Gets More Sophisticated

Mar 8, 2007 by Tom Fragala

The Wall Street Journal has a story on skimming devices on point-of-sale systems like the fraud scheme which happened at the Stop & Shop stores recently. The article highlights the weaknesses at the POS at retail locations. Another reminder to...


Mass. Considers Law Making Retailers Liable for Data Theft

Feb 21, 2007 by Tom Fragala

In response to the massive data breach at TJX, parent company of TJ Maxx, lawmakers in Massachusetts are mulling over a new law. It would force retailers to take responsibility for security breaches. WSJ has the story. If it passes, and...


TJX Data Breach Worse Than Originally Feared

Feb 21, 2007 by Tom Fragala

CNet.com reports, The breach of credit and debit card data was initially thought to have lasted from May 2006 to January. However, TJX said Wednesday that it now believes those computer systems were first compromised in July 2005. TJX also...


Supermarket Checkout Keypads Compromised

Feb 20, 2007 by Tom Fragala

In a bold scam similar to what happens to ATM cash machines (see this video), data thieves set up skimming devices on the keypads in the checkout lanes at some Stop & Shop supermarket stores in New England. That really takes...


My Former Bank's Response To ID Theft Questions

Feb 17, 2007 by Michelle Pastor

One of my biggest concerns of identity theft is a drained bank or investment account. Years ago when I researched identity theft, I had a lot of questions for my bank.  I asked what my liability would be if someone...


Banks Fight Back Against TJX in Data Breach

Feb 16, 2007 by Tom Fragala

The Canadian Privacy Law Blog (great blog, not just about Canada) pointed me to this eye opening story in a CIO Magazine blog. It is important because a bank seems to have tied the TJ Maxx security breach directly back...


Data on 200,000 Wellpoint Customers Stolen

Feb 14, 2007 by Tom Fragala

Courier-Journal reports: Computer tapes containing personal information on about 196,000 members of health insurer WellPoint — including many Anthem Blue Cross and Blue Shield customers in Kentucky and Indiana — have been stolen from the office of a WellPoint vendor....


VA Reveals Latest Breach is 535,000 Identities

Feb 12, 2007 by Tom Fragala

Originally, it was thought the VA external hard drive lost in Alabama recently had data on "only" 48,000 people or so. Today the VA issued a press release saying it was really data on 535,000 people. And that's not all....


The Real Impact of a Data Breach

Feb 9, 2007 by Tom Fragala

Data breaches make great copy for the media. Journalists write stories to create scapegoats and sell ads, while consultants (or even non-profits) love the stories because they sell data breach "remediation" services. And politicians eat it up because they can...


VA loses another hard drive

Feb 6, 2007 by Tom Fragala

I have written a lot about the VA in the past (see here). Everyone knows they had a laptop (and, don't forget, external hard drive) stolen last year with data on 26.5 million vets and active military. Well, they are...


TJX and its Customers Suffer Enormous Data Breach

Jan 20, 2007 by Tom Fragala

This could be the big kahuna, the largest most serious data breach of all time. TJX is the parent company of Marshalls and T.J. Maxx. This security breach happened eight months ago. The full extent of it is unknown or...


Moneygram Data Breach Disaster

Jan 16, 2007 by Tom Fragala

What a security horror show. Bank account numbers, SSN’s and driver’s licenses for 79,000 people were breached. It doesn’t get much worse than that. Reuters reports: MoneyGram International Inc. the second-largest U.S. money transfer company, on Friday said someone illegally...


Data breach at University of Idaho

Jan 14, 2007 by Tom Fragala

70,000 people are at risk after a data theft at the University of Idaho. The breach was announced nearly two months after it happened. Spokesman Review reports The names, addresses and Social Security numbers of about 70,000 students, faculty members...


Who's Watching the Watchers? Federal Official Steals Identities.

Jan 14, 2007 by Tom Fragala

WOODTV.com reports A former federal official (in Grand Rapids, MI) is charged with using her access to password-protected accounts to steal hundreds of thousands of dollars and various identities....


Two New Data Breach Bills in 2007

Jan 13, 2007 by Tom Fragala

Consumer Affairs has a good article about the first two updated data security bills bubbling up from the new Democrat-controlled Congress. They are the Social Security Number Misuse Prevention Act and the Notification of Risk to Personal Data Act. I have...


Is Mass. Finally Going to Get Serious About Identity Theft?

Jan 12, 2007 by Tom Fragala

According to Eric Bourassa of MassPIRG in this Somerville Journal story, Massachusetts is the only state in New England that has neither a credit freeze law nor data breach law. 26 states have laws allowing individuals to freeze access to credit...


Laptops Stolen from Towers Perrin Contain Retirement Data

Jan 8, 2007 by Tom Fragala

A message from Truston. Do you want relief from the concerns about identity theft because of the laptop theft? But are you also worried when services like credit monitoring or so-called "fraud alerts" require your confidential personal information? Well, try...


Wisconsin Prints Social Security Numbers on Tax Booklets

Jan 6, 2007 by Tom Fragala

The Wisconsin Department of Revenue really screwed up. They transferred taxpayer SSN’s to a printer (idiotic, illegal move #1) and the printer dutifully put the SSN’s on 170,000 tax booklets (idiotic, illegal move #2). And no one along the way stopped to...


Huge law firm's records handed over to government

Dec 22, 2006 by Tom Fragala

What do you think happens when a huge law firm goes belly up? Would you guess that all its records would be handed over to the government, lock, stock and barrel? It’s happening. Brobeck was a 900 lawyer firm, one of the...


100 Million Data Breach Victims Since 2005

Dec 16, 2006 by Tom Fragala

Infoworld has an article on this. Note that the victim numbers aren’t precise and the Privacy Rights Clearinghouse doesn’t claim that they are meant to be. They are really all about tracking the scope of reported victims.  That disclosure pushed the total...


Boeing Laptop Stolen with 328,000 People's Data

Dec 16, 2006 by Tom Fragala

Boeing suffers yet another data breach via laptop theft. Files on the laptop contained employees' names, Social Security numbers, home addresses, phone numbers and birth dates, with some listing salary information. This time an employee left the laptop unattended (they...


UCLA data breach affects 800,000

Dec 12, 2006 by Tom Fragala

UCLA is notifying victims after suffering the largest known data breach ever at a university. This affects around 800,000 current students, former students, applicants, faculty and staff. The database was “fraudulently accessed” starting way back in October 2005! From the...


Victims to Receive Choicepoint Settlement

Dec 8, 2006 by Tom Fragala

Victims who believe they may have suffered losses as a result of identity theft caused by the data breach at ChoicePoint Inc. finally have a chance to recover some monetary pay back. Background from FTC.gov: In 2005, ChoicePoint, a company...


Truston Discovers a FDIC Data Security Flaw

Sep 30, 2006 by Tom Fragala

Updated below... Shame on the FDIC. I was tooling around their web site when I stumbled across a page that helps you determine the amount of your FDIC insurance (it may be more than the typical $100,000). I was stunned...


Why Shopping for the Lowest Price Can Lead to Ruin

Sep 28, 2006 by Tom Fragala

Brian Krebs put together a super article on his Security Fix WaPo blog. It goes deeper and in more nuanced directions than most fluff identity theft pieces. These are a few points that jumped out at me. 1. Having your...


NY Gets 3 New Identity Theft and Computer Crime Laws

Sep 26, 2006 by Tom Fragala

New York Gov. Pataki signed three measures into law today. These bills establish the Consumer Communication Records Privacy Act, place limits on the use and disclosure of Social Security account numbers, and further clarify and define what is considered a...


Laptops are main source of data breaches

Sep 26, 2006 by Tom Fragala

Research into the source of data breaches has found that "…lost or stolen laptops were the main source of data breaches, rather than good old-fashioned hacking." Another data point that’s perhaps surprising: Data from New York state suggests that financial institutions have...


50,000 GE Employees at Risk of Identity Theft

Sep 26, 2006 by Tom Fragala

Apparently the laptop of a General Electric employee was stolen from a hotel room. The laptop has names and SSN on thousands of employees. WTEN-Albany has the (brief) story. ...


New York Times Article on Data Breaches

Sep 25, 2006 by Tom Fragala

Tom Zeller, Jr., writes in the NY Times today Less than two years into the great cultural awakening to the vulnerability of personal data, companies and institutions of every shape and size — like the data broker ChoicePoint, the credit card...


1,137 laptops missing from Commerce Department since 2001

Sep 24, 2006 by Tom Fragala

Have you heard? The Department of Commerce says that 1,137 of their laptops have been lost or stolen since 2001, with 249 of them containing some degree of personal data. 672 of them belonged to the U.S. Census Bureau (part...


Choicepoint Victims Still Waiting for FTC to Act

Sep 22, 2006 by Tom Fragala

Nearly eight months after regulators trumpeted a settlement with ChoicePoint Inc. over a data breach, the government has not paid any money to victims from a $5 million fund that was to be set up as part of the agreement....


How to make an ATM machine do your bidding

Sep 21, 2006 by Tom Fragala

A Wired blog called 27B Stroke 6 points to this. A security expert got his hands on the user’s manual for an ATM machine and was able to punch in some codes, turn on “operator” mode, enter some default passwords...


Life is Good Data Breach

Sep 19, 2006 by Tom Fragala

Life sucks right now for Life is Good. Stolen credit cards can do that to you. Boston Globe has more....


Nikon Posts Customers Names and Credit Cards on Web

Sep 14, 2006 by Tom Fragala

Nikon puts customer credit cards on web site. I “shutter” to think of the consequences (sorry, couldn’t resist). AP Wire reported this story. Personal information on more than 3,200 subscribers of a magazine published by Nikon Inc. was available on...


Laptop stolen from American Family Insurance

Sep 13, 2006 by Tom Fragala

There was a break-in that resulted in stolen computers including a laptop. Apparently affects over 2,000 customers. Social security numbers and driver’s license numbers were involved. Read more at wfrv.com. American Family Insurance is warning customers to be wary of...


Company Closing Down Throws Employee Records in Trash

Sep 11, 2006 by Tom Fragala

Here we have a case of reverse dumpster diving. The employees, smartly, jumped in the dumpster to pull out their sensitive HR files which had their SSNs. This is a perfect example of what I tell people every chance I...


40% of Health Care Insurers and Agencies Lost Data since 2004

Sep 10, 2006 by Tom Fragala

Not sure I am surprised, but we should know how vulnerable we are—because so much of our sensitive data is spread around. ConsumerAffairs has got this story. A report issued by the Government Accountability Office (GAO) reveals that privacy breaches...


Stolen Computer at Univ. of Minnesota Puts Thousands of Students at Risk

Sep 9, 2006 by Tom Fragala

A story in the St. Paul Pioneer Press. A pair of computers containing the personal information — in some cases Social Security numbers — of thousands of University of Minnesota students was stolen from a campus office. Now officials are...


Virtual World Second Life Suffers Data Breach via Hackers

Sep 9, 2006 by Tom Fragala

Second Life is an online 3-D virtual world entirely built and owned by its residents via the Internet. Linden Labs issued this Second Life Security Bulletin: Linden Lab reported today that it is notifying its community of a database breach, which...


BMO Bank of Montreal laptop stolen from branch

Sep 8, 2006 by Tom Fragala

This laptop was stolen from the branch itself. Let me guess, it wasn’t locked down. So a $20 lock would have prevented this. Someone in security or IT should be fired. ottawasun.com has more: Hundreds of banking customers have been told...


FL National Guard laptop stolen

Sep 8, 2006 by Tom Fragala

A Florida National Guard laptop was stolen from a car. Florida Today reports: The Florida National Guard was conducting a security review Thursday after a laptop computer assigned to one of its soldiers was stolen in a car burglary. No classified...


Xanga.com Fined $1 Million for Disclosing Children's Data

Sep 7, 2006 by Tom Fragala

The FTC announced this today: Social networking Web site operators Xanga.com, Inc. and its principals, Marc Ginsburg and John Hiler, will pay a $1 million civil penalty for allegedly violating the Children’s Online Privacy Protection Act (COPPA) and its implementing...


Chase throws tapes in trash with Circuit City customer data

Sep 7, 2006 by Tom Fragala

Associated Press via MSN: Chase Card Services says it's notifying more than two and a-half (m) million Circuit City credit card holders that computer tapes containing their personal information were mistakenly thrown in the trash. The company says it thinks the...


Security breach at TSA exposes employee data

Sep 6, 2006 by Tom Fragala

The Transportation Security Administration suffers a data breach. No point in noting the irony.  USAToday has the story. The Transportation Security Administration is warning 1,195 of its former employees that a contractor may have mailed their Social Security numbers and birth dates to...


AARP Studies Security Breaches and Identity Theft

Sep 5, 2006 by Tom Fragala

The AARP released a study called Into the Breach: Security Breaches and Identity Theft. I don’t have time to analyze it in depth right now. However, I did note that 29% of breaches (1/1/05 – 5/26/06) were the result of...


Call Center Staff in India Steal Confidential US and British Citizens' Data

Sep 2, 2006 by Tom Fragala

The Observer reports on a scandal that looks like it might really explode. Leading British and American companies face being dragged into an emerging fraud scandal at a call centre company in India. V-Angels, a Delhi-based outsourcing company that handles customer...


Laptop Stolen with Personal Data Of Chicago Employees

Sep 1, 2006 by Tom Fragala

A laptop was stolen from a City of Chicago contractor with sensitive personnel information. There is a simple way, using the Internet, to lock down the data on and track these laptops after they are stolen. This needs to be...


Government awards blanket purchase agreements to two credit bureaus

Sep 1, 2006 by Tom Fragala

Your tax dollars are primed and ready. The credit reporting agencies now are drooling, waiting for the next huge data breach anywhere within the government. When it happens—ka-ching. FCW has more. Three firms received blanket purchase agreements Aug. 14 to...


Wells Fargo Employee Data Stolen

Aug 31, 2006 by Tom Fragala

A Wells Fargo contractor had a disk stolen from their car, containing sensitive personal data on employees, including social security numbers and prescription drugs. No news on the number of people affected. numbrX Security Beat blog has this story—and a photo...


Laptop with Social Security numbers stolen from Belhaven College

Aug 30, 2006 by Tom Fragala

SunHerald reports that a college employee was mugged and the thief took his notebook computer. A laptop computer that contained the Social Security numbers of roughly 300 Belhaven College employees was stolen during a robbery on campus, officials say. Belhaven College...


AT&T customer data hacked and company steps up

Aug 30, 2006 by Tom Fragala

Hackers broke into an AT&T online store web site and accessed personal data including credit card information from “fewer than 19,000 customers”. AT&T said it alerted the major credit card companies and would provide credit monitoring. AT&T has been getting a...


Data Breaches are Unavoidable says New Survey

Aug 29, 2006 by Tom Fragala

A new survey of technology professionals reports that 63 percent of respondents don't believe they can prevent such breaches. The survey can be found here. More from PC World: "This group came out much, much more negative than I ever expected," said...


Employment verifications and your social security number

Aug 28, 2006 by Tom Fragala

Have you ever seen an employment verification from Choicepoint?  This is something that a prospective employer might use to confirm that your employment background is as you told them. I have one in my hands right now. It has the...


Sovereign Bank has 3 laptops stolen--customer data lost

Aug 26, 2006 by Tom Fragala

AP via Boston Globe has this one. Sovereign Bank is warning thousands of customers that their personal data may have been stolen along with three managers' laptops taken earlier this month in Massachusetts. "There's no information any of the accounts have...


University of South Carolina data breach affects 6,000 students

Aug 26, 2006 by Tom Fragala

USC reports that they just discovered a hacker data breach—that happened in September 2005. One year later?! This off the AP Wire via TheState.com: The University of South Carolina is warning 6,000 current and former students that some of their personal...


Data breach via laptop theft: breaches in August

Aug 26, 2006 by Tom Fragala

Here is a sampling of some recent data breach incidents caused by laptop theft or loss. The dates shown are the announcement date of the breaches usually. These are just the incidents that we know of thus far in August 2006. August...


Data breach of personal data by US Dept. of Education

Aug 26, 2006 by Tom Fragala

Homeland Stupidity has the story of a U.S. Department of Education web site that leaked the data of 21,000 students. As many as 21,000 students who applied for federal student financial aid may have had their personal data compromised after...


Laptops stolen, police say data is safe. Huh?

Aug 26, 2006 by Tom Fragala

TimesDispatch.com has this small story. A spokesman for Dominion Resources has confirmed that two laptop computers containing employee information have been stolen. Company security and local law enforcement are investigating the theft, which apparently occurred earlier this month. Law officers...


PortTix credit card data hacked

Aug 26, 2006 by Tom Fragala

Portland Press Herald says “Credit card information for about 2,000 people who ordered tickets online through PortTix, Merrill Auditorium's ticketing agency, was stolen this week when someone hacked into the PortTix Web site.”...


Did HSBC leave 3.1 million bank customers exposed for two years?

Aug 20, 2006 by Tom Fragala

CNET News.com has more. Banking giant HSBC has been accused of leaving its online accounts exposed for more than two years due to a security flaw, according to reports. According to a story in The Guardian on Thursday, the bank...


81% of U.S. firms lost laptops with sensitive data

Aug 20, 2006 by Tom Fragala

This via Computerworld: Loss of confidential data -- including intellectual property, business documents, customer data and employee records -- is a pervasive problem among U.S. companies, according to a survey released yesterday by Ponemon Institute LLC and Vontu Inc., a...


Hospital giant HCA has ten computers stolen

Aug 20, 2006 by Tom Fragala

Computerworld reports on this. HCA Inc., a Nashville-based firm that owns and operates approximately 182 hospitals and 94 surgery centers in 22 states, England and Switzerland, said 10 computers were stolen during a break-in at an undisclosed HCA regional office....


Florida DOT update: stolen laptops, insecure data

Aug 20, 2006 by Tom Fragala

More on the Florida DOT laptop theft I reported a couple weeks ago. Through a blog post by Brian at About.com, it appears that the laptop data was not encrypted after they originally said it was, and, two laptops have been stolen...


US Department of Transportation data breach

Aug 10, 2006 by Tom Fragala

A laptop with sensitive data on 133,000 Florida residents was stolen. More from MiamiHerald.com. A laptop computer containing personal information of more than 133,000 Floridians was stolen in late July from a government SUV parked in front of a popular...

Read more »

Data breaches are not a threat

Aug 8, 2006 by Tom Fragala

That is what Albert Gidari wants you to believe. He is a partner in the privacy and security group at big law firm Perkins Coie. Here’s his quote from a recent article in the National Law Journal.  …Albert Gidari, a...

Read more »

Another Veterans Affairs data breach: 38,000 affected

Aug 7, 2006 by Tom Fragala

Update: Official VA press release on the incident. Another computer lost, another 38,000 identities in the wild. This after a lost laptop and hard drive potentially exposed 26.5 million. WSJ.com has the story. As many as 38,000 veterans may be at risk...

Read more »

Bank computers taken in broad daylight

Aug 7, 2006 by Tom Fragala

More stolen laptops. The data, however, is said to be encrypted. Denver Business Journal has the story. Matrix Bancorp Inc. disclosed late Friday that it was investigating the theft of two personal computers from the bank's downtown branch on Friday, July...

Read more »

AOL data breach of user search data

Aug 7, 2006 by Tom Fragala

Update: AOL apologizes (via CNet). You won’t believe this blunder. AOL purposely released data on 20 million web searches done by 650,000 users over a 3 month period. That’s right they meant to do it. They did replace user names...

Read more »

Ohio University fires two IT execs because of data breach

Aug 6, 2006 by Tom Fragala

Ohio University recently suffered multiple data breaches. Now, after the CIO resigned, two IT managers are being fired. And, of course, they are saying none of it is their fault. ComputerWorld has the story. Our earlier reports here....

Read more »

Two kids arrested for stealing VA laptop

Aug 6, 2006 by Tom Fragala

A couple of teenagers were arrested as the thieves that turned the country upside down. Apparently, they didn’t realize they had stolen a laptop with sensitive data on 26.5 million people. The Veterans Administration is breathing another sigh of relief....

Read more »

Massive data breach of customer ATM info at Dollar Tree

Aug 3, 2006 by Tom Fragala

Update: 10 days after I first reported it, Bob Sullivan of MSNBC is reporting this ATM-Debit data breach and fraud on his blog Red Tape. Bob does understand how serious this fraud is. Finally, someone in the mainstream media gets...

Read more »

Toyota laptop stolen, sensitive data on 1500 applicants

Aug 3, 2006 by Tom Fragala

The numbers are uncertain. It’s either 100,000 or 1500 people at risk. WOAI has the story: A security breach at the Toyota plant in San Antonio was being investigated Thursday after a laptop computer containing personal information for more than a thousand...

Read more »

Hospital loses laptop; 257,000 patients at risk

Aug 3, 2006 by Tom Fragala

A disaster planning exercise went awry and a laptop was stolen. Now a quarter million people are at risk of identity theft. GuardMyCreditFile reports this story. A disaster planning exercise turned into a real disaster for one New York Hospital....

Read more »

Paychex direct deposit paystub is identity theft risk

Aug 3, 2006 by Tom Fragala

Do you get paid via direct deposit through Paychex? If so, take a look at your paystub/statement. I looked at one recently and noticed that it shows the full checking account number! That puts the account holder at significant risk....

Read more »

Data on 600,000 Time Warner Employees is Lost

Jul 28, 2006 by Tom Fragala

GuardMyCreditFile has the story. Media giant Time Warner (TW) has had to announce that data tapes storing names, addresses and Social Security Numbers have been lost in transit. The tape contained data on current and former Time Warner employees, their...

Read more »

Hampton VA data breach cover-up?

Jul 27, 2006 by Tom Fragala

I first reported on a data breach in Hampton, VA here. Now police and local officials are saying they believe that the only people who actually saw any sensitive data were the people who reported it. It takes real nerve...

Read more »

ID Theft Bill HR 3997 Put On Hold in House

Jul 27, 2006 by Tom Fragala

GuardMyCreditFile reports: HR 3997, the controversial bill that would stop the states from regulating data breaches, has been placed on hold in the House of Representatives. The bill, written primarily by the financial services industry, was scheduled to be voted...

Read more »

Bill weakening consumer protection may reach vote (HR 3997)

Jul 24, 2006 by Tom Fragala

It’s tiring trying to keep up with the moving targets that are the new data breach and ID theft bills moving through Congress. But Beth Givens of the Privacy Rights Clearinghouse and Ed Mierzwinski at U.S. PIRG warn consumers that...

Read more »

540,000 NY workers at risk after data breach

Jul 24, 2006 by Tom Fragala

Another lost computer, another massive data breach. wnbc.com has this story, which affects over half a million New York residents that have received workers compensation benefits. The names, addresses and Social Security numbers of as many as 540,000 injured workers...

Read more »

House committee passes cyber-security bill

Jul 20, 2006 by Tom Fragala

Army Times reports: The House Veterans’ Affairs Committee passed a cyber-security bill called the Veterans Identity and Credit Security Act of 2006 (H.R. 5835). The bill establishes federal standards for notifying people when records containing names, Social Security number, birth...

Read more »

Lost Tape Exposes 188,000 With Student Loans

Jul 19, 2006 by Tom Fragala

Nelnet, a student loan company, announced that it has lost a backup tape with data on 188,000 customers. GuardMyCreditFile has this one. Nelnet, based in Lincoln, NE, is one of the country’s largest student loan companies. The company currently services...

Read more »

Veterans Affairs Final Offer to Veterans And Military

Jul 18, 2006 by Tom Fragala

Here’s the official word from the VA update page:  Will VA offer free credit monitoring? Given the FBI's high degree of confidence that the information recently recovered was not accessed or compromised, VA believes that individual credit monitoring will no...

Read more »

VA-specific data breach legislation coming?

Jul 18, 2006 by Tom Fragala

GovExec.com says that “the House Veterans Affairs Committee plans to debate legislation Thursday in hopes of preventing a similar security problem.”...

Read more »

IT pros: your job is on the line

Jul 18, 2006 by Tom Fragala

Larry Greenemeier writes in an InformationWeek article that “The Next Data Breach Could Mean Your IT Job.” He’s right of course. IT pros will say it’s always been that way. Except with so many states now having security breach notification laws and...

Read more »

VA reneges on free credit monitoring promise

Jul 18, 2006 by Tom Fragala

On June 21 the Veterans Administration promised to provide everyone affected by the data breach with free credit monitoring. Now it appears they are abandoning that offer because the FBI believes the data was not compromised. See the AP story on FOXnews.com....

Read more »

CSI/FBI Computer Crime and Security Survey

Jul 14, 2006 by Tom Fragala

Bill Brenner over at SearchSecurity.com points to the 11th annual report by the Computer Security Institute (CSI) and the San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad. The report shows that average losses to security breaches were lower...

Read more »

U of Tennessee data breach affects 36,000

Jul 14, 2006 by Tom Fragala

Eyewitness News Memphis reports: The information for about 36,000 people were on the database. It included names, addresses and Social Security numbers. Those on the database were employed by UT on or before August 2005. By the way, an editor...

Read more »

Data breach in Hampton, Virginia

Jul 13, 2006 by Tom Fragala

Just remember you read it here first July 11th. Sensitive data was revealed on a computer at Hampton Circuit Court (and so close to the VA data breach). This wasn’t a data theft, this was a computer that sat there allowing...

Read more »

Ohio U. CIO steps down after data thefts

Jul 13, 2006 by Tom Fragala

The Columbus Dispatch has this news (hat tip to Brian Koerner) which we reported on here. Ohio University suffered five data breaches this year alone. Ohio University, criticized by a consultant for failing to ensure steady leadership over computer systems...

Read more »

Data breach and ID theft laws update

Jul 11, 2006 by Tom Fragala

Beth Givens at the Privacy Rights Clearinghouse sent out an alert today in their newsletter on the controversial set of data breach and identity theft bills in Congress (I’ve written about this several times including here). The primary pieces of proposed legislation...

Read more »

VA showed 'indifference' after data breach

Jul 11, 2006 by Tom Fragala

GovExec.com has an article based on a just released report by the VA Inspector General. The Veterans Affairs IG found that the analyst whose laptop was stolen had the OK to access the data, but apparently not to take the...

Read more »

Financial services industry on data security

Jul 10, 2006 by Tom Fragala

The AFSA, which represents a big swath of the financial services industry, has weighed in with their thoughts on the data breach bills working their way through the U.S. House. Their goals with any legislation are, not surprisingly, vastly different...

Read more »

Hampton Virginia is butt naked

Jul 10, 2006 by Tom Fragala

(Scroll for updates…) I don’t mean disrobed. I mean that the residents of Hampton, VA are all naked and wide open to identity thieves and secret data brokers. Why? Apparently, your sensitive data is being made available to anyone by...

Read more »

Is it legal for your sensitive data to be online?

Jul 10, 2006 by Tom Fragala

The answer is YES. This article in FindLaw tells a gruesome tale of how state and local government is legally allowed to and has been posting your sensitive personal information online. This data could lead to identity theft and is...

Read more »

Explaining our free service and other FAQs

Jul 8, 2006 by Tom Fragala

Recently, we announced free credit monitoring as part of our myTruston service. We did so because after the massive data breach at the VA, the government looked set to spend billions of dollars to provide credit monitoring and other credit services....

Read more »

Big Navy data breach: 100,000 at risk

Jul 8, 2006 by Tom Fragala

This has got to be infuriating for them—the risk of ID theft is very real here. Washington Post is reporting that a Navy web site had posted the full names and social security numbers of 100,000 Navy and Marine aviators...

Read more »

VA issues directive on security enforcement

Jul 7, 2006 by Tom Fragala

SANS NewsBites has this about the Veterans Administration and adds some opinion. This is happening after the huge data breach. A directive from Veterans Affairs (VA) secretary James Nicholson gives the VA CIO the authority to enforce security policies and...

Read more »

ADP hands over sensitive investor data in a scam

Jul 6, 2006 by Tom Fragala

ABC News reports that ADP suffered a breach of hundreds of thousands of investors' personal data. Automatic Data Processing, one of the world's largest payroll service companies, confirmed to ABC News that it was swindled by a data thief looking for...

Read more »

North Carolina seeks to include gov't in data breach law

Jul 6, 2006 by Tom Fragala

It took a data breach of historic proportion (26 million people by the VA) to make folks realize it isn’t just business that needs to be included. Story in the Charlotte Observer. Governments should have been included in the original...

Read more »

Alumni file suit against Ohio U. after data breaches

Jul 3, 2006 by Tom Fragala

SANS Institute points to a couple of stories on this breach we reported recently. Ohio University acknowledged that two alumni filed a lawsuit against the school alleging privacy violations and asking for compensation for any financial losses incurred through identity...

Read more »

New data security bill introduced

Jul 3, 2006 by Tom Fragala

Computerworld has the story. One of the key issues around any attempt at a federal data security/breach law is whether it preempts and waters down any existing state laws. A bill introduced yesterday by Sen. Bob Bennett (R-Utah) and Sen....

Read more »

Best Buy discuss security measures

Jul 3, 2006 by Tom Fragala

The MercuryNews has an article about Best Buy’s proactive moves to improve security. Best Buy describes a sweeping computer security project that touches nearly every aspect of data-handling by hundreds of computer systems. And it described 50 “control points” where...

Read more »

Red Cross laptops stolen, data encrypted

Jul 1, 2006 by Tom Fragala

From Dallas Morning News: Three laptops, one of them containing personal information on thousands of blood donors – including Social Security numbers and medical histories – were stolen from a locked closet in the Farmers Branch office of the American...

Read more »

Five Arrested in 2005 Lexis Nexis Data Breach

Jun 30, 2006 by Tom Fragala

GuardMyCreditFile has this story. Federal authorities announced today that they have arrested five people in connection with the data breach at Lexis Nexis, a data warehousing company, last year. The breach which exposed more than 300,000 people was the largest...

Read more »

VA's chief information security officer resigns

Jun 30, 2006 by Tom Fragala

GovExec.com tells us that the CISO for the VA says he wasn’t able to do his job and implement security. The chief information security officer for the Veterans Affairs Department, who resigned Thursday and was subsequently placed on paid administrative...

Read more »

VA suffers another data breach

Jun 30, 2006 by Tom Fragala

Fort Wayne Journal Gazette is reporting that this time a computer tape was lost at an Indiana Veterans Affairs office—back in May. And it was revealed that back in 2005 the VA suffered a loss of veterans information, as well....

Read more »

VA worker had approval for data

Jun 30, 2006 by Tom Fragala

In a case that keeps growing, the Veterans Affairs worker whose laptop was stolen had written, documented approval to have the sensitive data on 26.5 million veterans. (Hope Yen at AP via WaPo)...

Read more »

$160m for vets to come from food stamps, farmers, students

Jun 30, 2006 by Tom Fragala

The Office of Management and Budget has requested $160.5 million for free credit monitoring for veterans. One of the first things I wondered was “where does the money come from?” Well, now I know. The Office of Management and Budget...

Read more »

Stolen VA Laptop Found

Jun 29, 2006 by Tom Fragala

Associated Press is reporting (via Forbes.com): The government has recovered the stolen laptop computer and hard drive containing sensitive data for up to 26.5 million veterans and military personnel, Veterans Affairs Secretary Jim Nicholson said Thursday. Nicholson said law enforcement officials...

Read more »

Data breach at San Francisco State Univ.

Jun 28, 2006 by Tom Fragala

SF Chronicle has a story. San Francisco State University officials have put students and staff on alert because a thief broke into a faculty member's car earlier this month and stole a laptop with nearly 3,000 Social Security numbers and...

Read more »

Data breach at USDA affects 26,000 federal employees

Jun 27, 2006 by Tom Fragala

Jim at GuardMyCreditFile has this report. …the USDA was forced to announce last week that as many as 26,000 employees and contractors may have had their data accessed and stolen by hackers. The announcement is just another in a string...

Read more »

VA Asking for More Money After Data Theft

Jun 27, 2006 by Tom Fragala

Hope Yen of the AP continues her tireless reporting of this issue. The Department of Veterans Affairs is asking the President for emergency funds to cover the costs for dealing with this data breach, including credit monitoring. The VA asked...

Read more »

Navy Data Breach is Related to Katrina Aid

Jun 27, 2006 by Tom Fragala

I blogged about the “new” Navy-specific data breach here. It is getting lost in all the noise about the VA situation. But here’s some updated news. Navy News has the story. Personal information on more than 30,000 Navy Sailors and...

Read more »

Truston Offers Free Credit Monitoring to Save Gov't Billions

Jun 27, 2006 by Tom Fragala

A press release is going to hit the wire services shortly. We are announcing our free credit monitoring service and premium ID theft recovery services. They’ll be available in the 3rd quarter 2006. We’ve been working on this for well...

Read more »

Vet's free credit monitoring delayed--price tag to rise to $26 billion?

Jun 26, 2006 by Tom Fragala

Update 6/26 6:20pm PT: In response to criticism from veterans groups, the VA just announced that “An individual who chooses to sign up for the credit monitoring service, including the insurance, will not be asked or required to relinquish any...

Read more »

AIG breach disclosed 3 months after theft

Jun 26, 2006 by Tom Fragala

InformationWeek has an article about how the data breach notification laws often result in extended times for disclosure. The AIG breach was made public over three months after the theft of the equipment. Companies can use considerable discretion in how fast,...

Read more »

Let's not forget the huge AIG data breach

Jun 24, 2006 by Tom Fragala

Lost in the fuss over the VA and Navy data breaches was the disclosure last week that AIG had a computer server stolen that contained sensitive data on 970,000 customers. It’s stunning that a breach of 1 million identities is small...

Read more »

Data on 28,000 sailors and their families posted on web

Jun 24, 2006 by Tom Fragala

AP Story in the Buffalo News. This data included SSN’s so it is serious stuff. The Navy News Service also has an article. The Navy has begun a criminal investigation after Social Security numbers and other personal data for 28,000...

Read more »

Instructions for veterans & military if ID theft/data breach

Jun 23, 2006 by Tom Fragala

Updated 6/27/06 Are you a veteran or member of the U.S. military, including the reserve and National Guard? Wondering what to do after the computer theft/data breach at the Department of Veterans Affairs (aka VA or Veterans Administration)? Or are...

Read more »

Veterans & military getting taken advantage of?

Jun 23, 2006 by Tom Fragala

By now we’ve all heard about the data breach at the VA. And the VA announced on Wednesday they would provide free credit monitoring (and possibly credit reports) for at least a year for anyone affected. So, can someone explain...

Read more »

Personal Data on 970,000 Lost in AIG Theft

Jun 23, 2006 by Tom Fragala

Dow Jones reports via CNN.com: After losing personal information for 930,000 people in the theft of a computer server, American International Group Inc. (AIG) Thursday said it plans to offer identity-restoration services to any who are "fearful" that their identity...

Read more »

USA Today's coverage of the VA data breach

Jun 22, 2006 by Tom Fragala

I was tooling around the USA Today web site, and I thought I’d compile some of the stories they’ve posted on the VA data theft story. Since they are the largest US newspaper (2.5 million subs). Stories can be found...

Read more »

FTC and other government agencies leaking data like a sieve

Jun 22, 2006 by Tom Fragala

Hope Yen of the AP has this story in the Seattle PI. The government agency charged with fighting identity theft said Thursday it had lost two government laptops containing sensitive personal data, the latest in a series of breaches encompassing...

Read more »

Did one word doom the VA to weak security?

Jun 22, 2006 by Tom Fragala

Martin McKeay's Computerworld Blog says so. According to GovExec.com, the reason the Veterans Administration didn't have a centralized IT security authority was because the VA's general counsel argued that the CIO's responsibility was to 'ensure' FISMA compliance not 'enforce'. Martin...

Read more »

Credit monitoring for veterans not enough?

Jun 22, 2006 by Tom Fragala

Grant Gross of ComputerWorld has this story. The U.S. Department of Veterans Affairs' (VA's) offer of free credit monitoring to the 26.5 million military veterans affected by a recent data theft is not enough to fix the problem, the chairman...

Read more »

House panel plans hearings on VA records theft

Jun 22, 2006 by Tom Fragala

Army Times reports: Rep. John Salazar, D-Colo., a member of Buyer’s committee, introduced a bill Tuesday that would require the VA to provide free credit monitoring and credit reporting for any veterans whose personal information was on the stolen computer....

Read more »

VA announces free credit monitoring

Jun 21, 2006 by Tom Fragala

The Veterans Administration announced today that the agency will provide one year of free credit monitoring to individuals whose Social Security Number may have been stolen in the data breach incident. However, they have not selected a vendor yet and...

Read more »

Laptop With Equifax Employee Data Stolen

Jun 20, 2006 by Tom Fragala

AP has this report. A credit bureau suffers a data breach of its own employees' data. Equifax Inc., one of the nation's three major credit bureaus, said Tuesday a company laptop containing employee names and Social Security numbers was stolen from...

Read more »

Verizon Laptop Theft May Expose Employees

Jun 17, 2006 by Tom Fragala

WSJ.com has this news brief. Verizon Communications Inc. has notified employees that the theft of two company laptop computers may leave them vulnerable to identity fraud. In a letter dated March 1, Verizon alerted workers that computers stolen from a company...

Read more »

Another Security Breach at Ohio University?

Jun 11, 2006 by Tom Fragala

Brian Koerner has another interesting story brewing at About.com. Reportedly Ohio University has suffered yet another security breach, making it its fourth breach reported in less than two months. As of June 9, 2006 Ohio University posted on their website that...

Read more »

U of Michigan Credit Union Data Breach Leads to Identity Theft

Jun 11, 2006 by Tom Fragala

Brian Koerner from About.com has this important follow up story. In the case of the University of Michigan Credit Union, where the breach occurred last summer, such compromise of personal information has been confirmed to have led to cases of...

Read more »

YMCA laptop with 65,000 members' information stolen

Jun 9, 2006 by Tom Fragala

The Providence Journal tells us how yet another laptop is involved in a data breach. The statement by the YMCA referenced in the article almost seems to downplay the significance of checking account and routing numbers by saying that only...

Read more »

Nuclear security worker data breach

Jun 9, 2006 by Tom Fragala

Good lord. CNET News.com has this story. Add the U.S. Department of Energy to the list of federal agencies beset by theft of their employees' personal data in recent months. Officials appearing before Congress on Friday went public for the first...

Read more »

VA Data Breach Affects Active Duty Personnel

Jun 7, 2006 by Tom Fragala

The WaPo has a new story on the VA data breach reported on this blog here and here. This breach included sensitive personal data on active duty personnel. That’s especially devastating I feel because if those folks are overseas and...

Read more »

Royal Ahold Loses Personal Data of Former Employees

Jun 7, 2006 by Tom Fragala

The data security breaches continue at a breathtaking pace. This time Washington Post has a story about the huge grocer Royal Ahold (Stop & Shop, etc.): Grocery retailer Royal Ahold NV has lost personal information for an unknown number of...

Read more »

Student loan data breach: 1.3 million Texas students' names, SSNs

Jun 7, 2006 by Tom Fragala

TNCNet via the Dallas Morning News reports on another data breach. (Dallas Morning News, The (KRT) Via Thomson Dialog NewsEdge). Don't breathe easy just because your student loans are long paid off: Names and Social Security numbers from accounts closed...

Read more »

Cleaning Up Data Breach Costs 15x More Than Encryption

Jun 6, 2006 by Tom Fragala

TechWeb has this report… Protecting customer records is a magnitude less expensive than paying for cleanup after a data breach or massive records loss, a research company said Tuesday. Gartner analyst Avivah Litan said in a research note that data protection...

Read more »

More on the VA data breach

Jun 2, 2006 by Tom Fragala

Computerworld has an article under the heading of “continued coverage: data security breaches.” Tim O'Pry, his wife and his son are all veterans, and they're among the 26.5 million vets whose personal data was stolen this month from the home...

Read more »

Laptop theft exposes 243,000 Hotels.com customers

Jun 2, 2006 by Tom Fragala

CNET has this story… A seemingly random theft has led to another potential breach of personal data--this time name, address and credit card data from Hotels.com customers. A laptop belonging to an Ernst & Young employee was stolen in a...

Read more »

Sacred Heart University Suffers Data Breach

May 26, 2006 by Tom Fragala

CNET News.com has a story that says 135,000 people may have had their personal information stolen. The school posted a notice on their web site. The Fairfield, Conn.-based university said in the posting that it discovered the intrusion on May 8...

Read more »

Oklahoma, New York & Illinois Move to Strengthen ID Theft Laws

May 26, 2006 by Tom Fragala

GuardMyCreditFile reports on movement in three states, Oklahoma, New York and Illinois, to increase consumer protection. Legislators in three states are attempting to strengthen consumer privacy laws and enhance consumer rights in order to prevent identity theft. The moves come...

Read more »

Ugly Duckling Leaked Sensitive Customer Data For Financial Gain

May 24, 2006 by Tom Fragala

Robert Brennan of the SoCalCreditDamage.com Blog has a press release on his blog about a class action case he is representing. Consumers shopping at DRIVE TIME (formerly known as UGLY DUCKLING) for used cars usually have filled out credit applications...

Read more »

U.S. PIRG Rips Into the VA for Security Breach

May 23, 2006 by Tom Fragala

The U.S. PIRG Consumer Blog gets “medieval” on the Veterans Administration for the horrifying data breach that was reported here May 22 (26 million veterans had their sensitive data exposed). Here are some highlights. …VA goes on to pass the buck...

Read more »

1 Million Red Cross Blood Donors Exposed to ID Theft

May 22, 2006 by Tom Fragala

GuardMyCreditFile has this story… About 1 million people contained in a Red Cross blood donor database have been exposed to identity theft by a dishonest employee of the organization. The suspect in the case, Lonetta S. Medcalf worked as a...

Read more »

Information for Victims of VA Data Breach

May 22, 2006 by Tom Fragala

Firstgov.gov has got a web page for more information about the huge security breach at the Dept. of Veterans Affairs. The Department of Veterans Affairs (VA) has recently learned that an employee, a data analyst, took home electronic data from...

Read more »

Personal data of 26 million US veterans stolen

May 22, 2006 by Tom Fragala

Yahoo! News reports: Personal electronic data on 26.5 million US military veterans and some spouses was stolen from the home of a government employee, the US Department of Veterans Affairs announced. Veterans affairs officials said there was no evidence the information had...

Read more »

FTC Testifies on Social Security Numbers in Commerce

May 18, 2006 by Tom Fragala

A press release entitled Reconciling Beneficial Uses with Threats to Privacy from the FTC newsroom. The Federal Trade Commission today told the Subcommittee on Commerce, Trade, and Consumer Protection of the House Committee on Energy and Commerce that in the...

Read more »

Payment card industry changes standards--for the better or worse?

May 18, 2006 by Tom Fragala

C|NET reports: Proposed new security rules for credit card-accepting businesses will put more scrutiny on software, but let them off the hook on encryption. The update to the Payment Card Industry (PCI) Data Security Standard, due this summer, responds to...

Read more »

DOD Fraud Conference Attendees At Risk of Identity Theft

May 14, 2006 by Tom Fragala

GuardMyCreditFile reports that attendees at a 2001 Defense Department fraud conference may have been exposed to identity theft—not in 2001, but this year. In August of 2001, the DOD held a conference on healthcare fraud in San Diego, CA. More...

Read more »

New bill puts law enforcement first in data breach

May 11, 2006 by Tom Fragala

CNET News.com is reporting on yet another bill introduced in the US House regarding data breaches and cybersecurity. A new proposal in Congress, called the Cybersecurity Enhancement and Consumer Data Protection Act, would force anyone who possesses electronic personal data to...

Read more »

Data breach notification law unlikely this year

May 5, 2006 by Tom Fragala

This Computerworld article thinks that there won’t be any action on a US data breach law this year. Lawmakers have introduced more than 10 bills dealing with data breach notification since early 2005. The bills differ in several ways, including...

Read more »

Ohio University reports two security breaches

May 5, 2006 by Tom Fragala

Computerworld reports that not only did 137,000 social security numbers get leaked, but the computer that was hacked had been compromised for over a year. On April 24, IT officials at Ohio University noticed that someone had hacked into an...

Read more »

Interview with IBM exec on breach notification laws

May 2, 2006 by Tom Fragala

Computerworld has this interview with Harriet P. Pearson, vice president of corporate affairs and chief privacy officer at IBM. It covers breach notification laws and the growing challenges of managing risk and security. If you needed any proof that the...

Read more »

Aetna Data Breach Affects 38,000

Apr 29, 2006 by Tom Fragala

The blog Make Money Fast Hall of Humiliation points to a story in the Consumerist that reports insurance company Aetna had an employee’s laptop stolen....

Read more »

Data Breach Disclosure State Laws

Apr 29, 2006 by Tom Fragala

About.com had a valuable writeup on security breaches called Understanding Data Breach Disclosure. In it, Brian Koerner has some super links with detailed and up-to-date state laws on data breaches, which are worthwhile linking to directly. Definitely check...

Read more »

LexisNexis Says Data Breach Honesty is Best Policy

Apr 28, 2006 by Tom Fragala

SANS NewsBites - Vol: 8, Issue: 34 talks about this interesting insight from a company responsible for a major data breach last year. Speaking at the Infosec Europe 2006 conference in London, LexisNexis senior director for information security Leo Cronin...

Read more »

Fraudsters steal details on 2,000 credit cards

Apr 28, 2006 by Tom Fragala

CNET News.com says “Fraudsters stole the credit card details of 2,000 MasterCard holders in a major security breach last week.” This appears to affect card holders in the U.K. only....

Read more »

Univ. of Texas data breach exposes 197,000 people

Apr 28, 2006 by Tom Fragala

Computerworld has the story on a new data breach at the University of Texas. In another reminder of the vulnerability of university networks, the University of Texas at Austin over the weekend announced that someone had broken into a computer...

Read more »

Arizona Drops the Ball With Weak Data Breach Bill

Apr 26, 2006 by Tom Fragala

GuardMyCreditFile reports Arizona’s state legislature has passed a data breach notification law that is currently awaiting the signature of Governor Janet Napolitano. While the law may have been well intentioned, it has some critical flaws and we are urging the...

Read more »

University of So. Carolina exposes student SSNs

Apr 24, 2006 by Tom Fragala

MSNBC.com reports University of South Carolina officials are advising students to watch their credit reports after the Social Security numbers of as many as 1,400 students were mistakenly e-mailed to classmates. A department chairwoman distributing information about summer classes accidentally...

Read more »

Wired's Article on the So-called Anti-ID-Theft Bills

Apr 21, 2006 by Tom Fragala

Bruce Schneier has an article in Wired News about the new identity theft bills floating around Congress. Probably the biggest flaw with these potential federal laws is that they are written to wipe out stronger state laws that already exist. I wrote about it previously...

Read more »

Arizona House OKs bill to curb identity theft

Apr 19, 2006 by Tom Fragala

Arizona has probably the worst ID theft problem in the country. And many people I talk to attribute the problem, at least partly, to weak laws and lax enforcement. A January 2006 report by the FTC, entitled “Consumer Fraud and...

Read more »

Beware the 'pod slurping' employee

Apr 17, 2006 by Tom Fragala

CNET News.com has the story: A U.S. security expert who devised an application that can fill an iPod with business-critical data in a matter of minutes is urging companies to address the very real threat of data theft. Abe Usher,...

Read more »

No credit card data breach in N.H. server case

Apr 17, 2006 by Tom Fragala

Computerworld reports An FBI investigation has concluded that no consumer credit or debit card information was stolen from a New Hampshire state computer server in February because a suspect Cain & Abel password recovery program found on the hardware had...

Read more »

Ross-Simons says security breach exposes customers

Apr 14, 2006 by Tom Fragala

Computerworld reports Ross-Simons, which sells specialty merchandise through retail stores and more than 60 million catalogs each year, late yesterday said a security breach could allow unauthorized access to its customers' confidential financial information. The company -- whose products include jewelry,...

Read more »

Data breach at Progressive highlights insider threat

Apr 9, 2006 by Tom Fragala

This article from Computerworld digs into the security threat from insiders, using the example of a recent data breach. A recent case in which an employee at Progressive Casualty Insurance Co. wrongfully accessed information on foreclosure properties she was interested...

Read more »

100,000 Florida State Workers at Risk in Data Leak

Apr 4, 2006 by Tom Fragala

Computerworld reports Personal information of state employees in Florida may have been compromised after work on the state's People First payroll and human resources system was improperly subcontracted to one or more firms in India. About 108,000 current and former employees...

Read more »

94,000 Los Angeles County Residents Exposed to Identity Theft

Apr 2, 2006 by Tom Fragala

GuardMyCreditFile reports The Los Angeles County Office of the Department of Public Social Services announced today that it has sent letters to 94,000 county residents that they may have been exposed to identity theft. In January, documents containing their names,...

Read more »

200,000 US Marines at Risk of ID Theft

Mar 29, 2006 by Tom Fragala

Stars and Stripes is reporting that over 200,000 Marines may be at risk for identity theft after the loss of a portable drive. A portable drive with personal information on more than 207,750 Marines was lost earlier this month, possibly jeopardizing those troops'...

Read more »

House panel approves data protection bill

Mar 29, 2006 by Tom Fragala

Computerworld is reporting: A U.S. House of Representatives committee has unanimously approved a bill that would create regulations for so-called data brokers, including a requirement that U.S. companies that traffic in personal data notify victims of breaches. The House Energy...

Read more »

Gratis allegedly sold 7 million consumer emails illegally

Mar 28, 2006 by Tom Fragala

Computerworld provides further proof that signing up for free offers via the web is a bad idea. New York State Attorney General Eliot Spitzer is suing Web site operator Gratis Internet Inc. for allegedly violating consumer confidentiality agreements by selling...

Read more »

Data Breach at Fidelity Puts 196,000 at Risk

Mar 24, 2006 by Tom Fragala

The New York Times is reporting that a laptop computer owned by Fidelity Investments was stolen. It contained sensitive data on around 196,000 retirement account customers. The company, the nation's largest mutual fund manager, confirmed reports Thursday that the computer held information on...

Read more »

Data breaches since ChoicePoint: 53 million people

Mar 22, 2006 by Tom Fragala

The Privacy Rights Clearinghouse wrote a super article summarizing all the data breaches since the first occurrence of ChoicePoint’s fraud-tinged data breach, which started with their announcement on February 15, 2005. The total number of people who have had their personal information compromised...

Read more »

GuardMyCreditFile rips feds over looming privacy crisis

Mar 22, 2006 by Tom Fragala

Jim from GuardMyCreditFile has written several posts lately about the bill winding its way through Congress. In this one he makes an argument that the California breach notification law (which would be wiped out by HR3997 as it's now written), actually...

Read more »

Data breach bill creates firestorm of controversy

Mar 20, 2006 by Tom Fragala

There’s been a lot of noise about HR 3997, also called the Financial Data Protection Act. I'm a few days behind on this. CALPIRG blog (ED MIERZWINSKI) writes about this bill here first and then about a later draft here the same day, calling it...

Read more »

iBill Says Stolen Data Does Not Belong to Them

Mar 17, 2006 by Tom Fragala

I recently posted about a data breach that had to do with a company called iBill. Here’s an update from SANS NewsBites: iBill says that large quantities of stolen customer data linked to the on-line payment company are in fact...

Read more »