Data of 250 000 people compromised in Wisconsin, citizens' social security numbers got attached to arrest warrants

21.08.2018

Back to news

More than 250 000 people got their data exposed in Wisconsin’s leak. Adams County officials announced a data breach which has been compromising citizens’ data for more than 5 years – from January 2013 to March 2018. In June an investigation revealed that the personal information was accessed by an unauthorized user - Cindy Phillippi, a County Clerk, who is suspected of obtaining the details with the help of a keylogger.

Peter Persaud has to do a 4-year sentence. A former personal banker at JP Morgan Chase Bank got arrested for identity theft. A former employee was caught by an undercover law enforcement officer. From 2011 to 2015 the bank accounts kept being leaked and all of them were accessed by Persaud. The information was sold to third parties.

Spyros Panos was convicted of healthcare fraud and identity theft. A non-licensed physician stole a doctor’s identity and misused patients’ information for creating and submitting reports to peer review companies. Despite being sentenced he kept on benefiting from scheming for many years – first brought to trial in 2013 and then reappearing in court cases till 2017. In 2018 there were new notifications of Panos’ misdeeds making people question how much data was accessed by him during all that time Spyros continued his fraudulent behavior.

In August in Nashville, Tennessee, The Davidson County Criminal Court Clerk announced a personal data leak. Some criminal affidavits the public arrest warrants were provided with contained citizens’ social security numbers. All those concerned should contact the Criminal Court Clerk’s office to avoid being identified as an offender or a victim.

A popular project management website Trello got 50 pages exposed, 25 Trello boards managed by U.K. government and 25 boards – by Canada could be freely accessed via Google search. The boards comprised credentials to government accounts, a piece of a backend code and some information on conference calls. There was even a discussion of personal data exposure prevention – it was also stored unguarded. Canadian boards featured information on remote file access, login to the event planning platform, data on web applications management, security testing following a previous incident, some research documents, audit details. 

The health records of Mark Firth from Flatlands, Canada, were accessed a few times with no authorization in April in 2018. It took the Campbellton Regional Hospital almost three months to inform Firth of the data misuse and to let him know that the access to his information was limited and secured while the employee was penalised.