A great resource for learning about security foibles is The Breach Blog. This fellow finds some really good stuff, things like lost USB drives, poorly secured sites, etc.
Here’s a good one: The US Transportation Security Administration is responsible for securing air travelers in the post 9-11 apocalypse. The TSA has a method of allowing innocent travelers to remove their names from its ‘watch list’, thereby avoiding hassles when boarding aircraft in the US. Unfortunately, the web application was poorly secured, resulting in serious problems.
Of course, in many (most?) states in the US, it is the law to report information breaches. Here in Canada, we have to wait for the news services to hear of an investigation or report before such information sees the light of day…