Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
931,529,111 RECORDS BREACHED
(Please see explanation about this total.)
from 4,467 DATA BREACHES made public since 2005
Date Made Publicsort icon Name Entity Type
December 12, 2014 Acosta Sales and Marketing
Jacksonville, Florida
BSO PORT

Unknown

Acosta, Inc. and its subsidiaries (Mosaic Sales Solutions US Operating Co. LLC) informed customers of a data breach when an employee of their Human Resources department had a laptop containing personal information stolen from their car on November 11, 2014.

For those affected, the company has set up a toll free number to assist with questions at 1-877-237-49711-877-237-4971  Monday through Friday 9:00 a.m to 7:00 p.m Eastern Standard Time. The reference number to the incident is #5316120814.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47713

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2014 University of California Berkeley
Berkeley, California
EDU HACK

Unknown

The University of California Berkeley has notified individuals of a data breach in their Real Estate Division that resulted in unauthorized access to servers used to support a number of Real Estate programs and work stations. 

These workstations contained files that included some personal information. The investigation of the hacking showed that these servers were breached in mid-to late September.

The personal information included names, Social Security Numbers, credit card numbers and driver's license numbers.

The university is offering identity theft protection and fraud resolution through ID Experts for free for one year. For those affected call 1-877-846-63401-877-846-6340  Monday through Friday from 6 a.m to 6 p.m Pacific Time or go to www.myidcare.com/ucbinfo.

 

 

 

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47717

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 11, 2014 Emcor Services Mesa Energy Systems
El Cajon, California
BSO PORT

Unknown

Emcor Services Mesa Energy Systems notified individual of a data breach when a company laptop was stolen that contained customers personal information.

The information contained on thelaptop included names, Social Security numbers, dates of birth, dates of hire, addresses, salaries, gender and ethnicity. The theft occurred on or around November 25, 2014.

The company is offering the services of Kroll for one year at no cost. For those who were affected they can call 1-866-775-42091-866-775-4209  from 8:00 a.m to 5 p.m Central Time, Monday through Friday.

For those with questions for the company can call Mike Cook at 1-949-460-46051-949-460-4605.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47705

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 11, 2014 ABM Parking Services
St. Louis, Missouri
BSO HACK

Unknown

ABM Parking Services notified customers of a data breach when the point of sale software system implemented by Datapark USA Inc, a third party vendor for several Chicago, Illinois parking facilities was hacked. The information was compromised from October 6, 2014 through October 31, 2014.

The hackers were able to compromise certain customer credit and debit card information, including payment card numbers.

A toll-free information line has been made available for those affected. Customers can call 1-877-238-37901-877-238-3790. The company is offering one year free of Experian's ProtectMyID Elite for those affected.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47710

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 9, 2014 Charge Anywhere LLC
South Plainfield, New Jersey
BSF HACK

Unknown

The electronic payment provider Charge Anywhere has notified individuals of a data breach of their networks when an unauthorized person(s) installed "sophisticated malware" that allowed the hackers to "capture segments of outbound network traffic" as the company has explained in a statement released December 9, 2014.

The information captured included customer names, card numbers, expiration dates and verification codes of debit/credit cards.

The company stated that transactions completed from August 17, 2014 through September 24, 2014 were compromised. However, information as far back as November 5, 2009 could have been captured as well.

"The incident is the latest reminder of what happens to businesses that handle credit card data and other sensitive information and yet fail to full encrypt the data as it traverses their network. The company has provided a searchable list of merchants who may have been affected by the breach."

More Information: http://krebsonsecurity.com/2014/12/unencrypted-data-lets-thieves-charge-...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

December 6, 2014 WellCare Health Plans
Monroe County, New York
MED DISC

47

500 Monroe County residents were notified by WellCare Health of disclosure of some of their personal information when their Medicare records were "mishandled" by a sub-contractor for the insurer.

The insurers vendor had an error in their computer coding causing denial letters to be sent to the wrong members. The information on the letters included names, addresses, member ID numbers and general descriptions of the procedure. According to the insurer, no Social Security numbers or financial information was disclosed in the letter.

Subscribers with questions can call WellCare at (888) 240-4946(888) 240-4946.

More Information: http://www.democratandchronicle.com/story/news/2014/12/06/wellcare-medic...

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 5, 2014 Bebe Retail
Brisbane, California
BSR HACK

Unknown

Bebe Stores have notified customers of a data breach to their point of sale systems that took place last month for several weeks. The goal of the hackers was to obtain payment card information. The hacking took place between November 8, 2014 and November 26, 2014

The retailer is not stating how many cards were affected and the breach is currently being investigated by forensic IT specialists.

Bebe has more than 200 stores that could have been affected.

 

More Information: http://fortune.com/2014/12/05/bebe-data-breach/

 
Information Source:
Media
records from this breach used in our total: 0

December 2, 2014 Dallas Fire-Rescue
Dallas, Texas
MED PORT

Unknown

Dallas Fire-Rescue had several laptops containing patient information come up missing from several of their ambulances.

"According to the city, those computers disappeared between January 1, 2011, and August 29, 2014. The city’s release did not say how many laptops were unaccounted for — or how they disappeared. Messages have been left for Sana Syed, the city’s spokesperson."

No specific information was provided as to what information was in the files. For those patients who have questions can call the Dallas Fire-Rescue EMS staff at (844) 532-5527.

More Information: http://cityhallblog.dallasnews.com/2014/10/dallas-warns-that-small-numbe...

 
Information Source:
Media
records from this breach used in our total: 0

December 1, 2014 American Residuals and Talent Inc.
Los Angeles, California
BSO HACK

Unknown

American Residuals and Talen Inc, dba ART Payroll, a specialized payroll company for the entertainment, advertising and events production industry, notified customers of a breach to their system when hackers infiltrated their servers and obtained personal information.

The information included names, addresses, dates of birth, Social Security number, email addresses, phone numbers, ART account numbers, bank account information, ART account user ID and password.

The company is providing ProtectMyID for 1 year at no cost to those who were affected. For questions call 1-877-297-7780.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47623

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 1, 2014 Highlands-Cashier Hospital
Highlands, North Carolina
MED DISC

25,000

Highlands-Cashier hospital in North Carolina informed patients of a data breach to their servers that contained patient data. The disclosure of the data was due to an error by one of their third party vendors, TruBridge a subsidiary of Computer Programs and Systems, Inc. when they were contracted to complete some specialized computer services.

A data security screening caught the disclosure on September 29, 2014 that exposed patient information between May 2012 through September 2014.

The information exposed included patient names, addresses, dates of birth, treatment information, diagnosis, helath insurance information and Social Security numbers. All of this information could be accessed via the Internet.

For those who might have been affected you can call 1-888-227-14161-888-227-1416  Monday through Friday between 9:00 a.m and 9:00 p.m Eastern Time.

More Information: http://www.phiprivacy.net/highlands-cashiers-hospital-discovers-patient-...

 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 25,000

November 28, 2014 University Hospitals
Cleveland, Ohio
MED INSD

692

University Hospital has informed 692 patients of that their personal information has been compromised. An employee of the hospital had been accessing the personal information of patients for over 3 years. The employee has been dismissed.

The information this person accessed included names, addresses, phone numbers, email addresses, medical and health-insurance account numbers, financial information including debt/credit card information and Social Security numbers.

Those with additional questions or concerns can call (866) 329-5860

More Information: http://www.cleveland.com/metro/index.ssf/2014/11/uh_employee_gained_impr...

 
Information Source:
Media
records from this breach used in our total: 692

November 26, 2014 Shutterfly/Tiny Prints/Treats/Wedding Divas
Redwood City, California
BSO HACK

Unknown

Tiny Prints, Treat and Wedding Paper Divas, owned by Shutterfly Inc. notified customers of a data breach to their online system by hackers. The hacking may have exposed customer usernames and passwords. The company is urging customers to change all usernames and passwords to each site.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47602

 

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 25, 2014 Texas Health and Human Services
Houston, Texas
GOV DISC

2 million

The Texas Health and Human Services department discovered a data breach it appears by "chance" after terminating their relationship with Xerox Corporation.

"In August, after the transition to a new Medicaid vendor, the Texas commission filed a lawsuit against Xerox, alleging that the contractor had failed to turn over computer equipment, as well as paper records, containing Medicaid and health information for 2 million individuals, "putting the state out of compliance with federal regulations and at risk of massive federal fines," says a statement issued by Texas HHSC in August."

The Texas Health and Human Services department has notified individuals of the data breach communicating that their information may have been compromised. The information includes "Medicaid clients' names, birthdates, Medicaid numbers, and medical and billing records related to care provided through Medicaid, such as reports, diagnosis codes and photographs."

More Information: http://www.govinfosecurity.com/breach-reported-after-vendor-dispute-a-7605

 

 
Information Source:
Media
records from this breach used in our total: 0

November 25, 2014 State Compensation Insurance Fund
Pleasanton, California
GOV HACK

Unknown

The State Compensation Insurance Fund, a state agency that provides workers compensation insurance to businesses informed customers of a data breach when one of their brokers suffered a data breach to their system.

Lucy Gomez Blankley Interpreting Inc., a provider of Stat Fund was the victim of a computer hack that resulted in theft of emails in which contained information regarding patient workers compensation claims.

The specific information included names, addresses, phone, Social Security Number, dates of birth and workers compensation claim number.

The agency is providing one year free of Experian ProtectMyID services to those who were affected. Those with questions can call 1-877-220-1388,

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47592

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 25, 2014 Godiva Chocolatier Inc.
New York, New York
BSR PORT

Unknown

Godiva notified employees of the company of a data breach when a Human Resources employee, who was traveling to retail sites, had a briefcase stolen from a car. The briefcase contained a lap top that had employee information on it. The lap top was not encrypted.

The information included names, addresses, Social Security numbers and drivers license numbers.

The company is providing Experian ProtectMyID Alert for 12 months for free. For questions call 1-866-328-1993 Monday through Friday 6:00 a.m to 6:00 p.m Pacific time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47593

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 24, 2014 Sony Pictures
New York, New York
BSO HACK

47,000

Sony Pictures Entertainment has suffered a data breach when hackers posted threatening messages on company computers.

According to a report the threat "began with a skull appearing on screens, and then a strangely ominous message telling users they’d been hacked by something called #GOP. It gets more bizarre as the message claims this is just the beginning and then threatens to release documents by 11 PM this evening."

The company has completely shut down all email communications and employees are not allowed to use company computers while the entertainment giant works through where and what the threat is and if it is real. The original threat did not give specifics or communicate any kind of "ransom" for the data that had supposedly been hacked.

More Information: https://deadline.com/2014/11/sony-computers-hacked-skull-message-1201295...

 

UPDATE (12/5/2014): A data security analyst has discovered information leaked by the hacker (s) goes beyond what was originally reported.

According to the security company Identity Finder, showed that leaked files included vast amount of personal data on "more than 47,000 celebrities, freelancers, and current and former Sony employees".

"An analysis of 33,000 leaked Sony Pictures documents by data security software firm Identity Finder showed that the leaked files included the personal information, salaries and home addresses for employees and freelancers who worked at the studio. Some of the celebrities include Sylvester Stallone, director Judd Apatow and Australian actress Rebel Wilson, according to the Wall Street Journal, which first reported on the analysis".

Additional information such as contracts, termination dates, termination reason and other data was also leaks. Unfortunately these files were in Excel format without any password protection.

More Information: http://www.cnet.com/news/sony-hack-said-to-leak-47000-social-security-nu...

UPDATE (12/16/2014): "Sony Pictures Entertainment has been sued by two self-described former employees who accuse the movie studio of failing to protect Social Security numbers, healthcare records, salaries and other data from computer hackers who attacked it last month.

 

The proposed class action lawsuit against Sony Corp's studio was filed on Monday in federal court in Los Angeles. It alleges that the company failed to secure its computer network and protect confidential information."

More Information: http://www.reuters.com/article/2014/12/16/sony-cybersecurity-classaction...

 
Information Source:
Media
records from this breach used in our total: 47,000

November 17, 2014 US State Department
Washington, District Of Columbia
GOV HACK

Unknown

The US State Department shut down one of its computer networks when it was believed to have been hacked. Experts believe this is related to the breach to the White House's unclassified computer network.

On Monday Jeff Rathke, a State Department spokesperson said "the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach."

More Information: http://phys.org/news/2014-11-state-dept-hacked-email.html#inlRlv

on Monday, Rathke said the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach.

Read more at: http://phys.org/news/2014-11-state-dept-hacked-email.html#jCp
on Monday, Rathke said the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach.

Read more at: http://phys.org/news/2014-11-state-dept-hacked-email.html#jCp
 
Information Source:
Media
records from this breach used in our total: 0

November 14, 2014 Seattle Public Schools
Seattle, Washington
EDU DISC

8,000

The Seattle Public School District announced in a letter to parents Thursday about a data breach that involved their children's information.

"Late Tuesday night Seattle Public Schools learned that a law firm retained by the district to handle a complaint against the district inadvertently sent personally identifiable student information to an individual involved in the case. The district promptly removed the law firm from the case and is working to ensure that all improperly released records are retrieved or destroyed."

Over 800 special education students were involved in a breach. The information involved in the breach included their names, addresses, student identification numbers, test scores and disabilities.

More Information: http://www.king5.com/story/news/local/seattle/2014/11/14/seattle-public-...

 
Information Source:
Media
records from this breach used in our total: 0

November 14, 2014 Cone Health
Greensboro, North Carolina
MED DISC

2,076

Cone Health notified patients to a data breach when after letters sent from one of its facilities were addressed to the wrong patients.

The information on 2,076 patients included names, Social Security numbers, dates of birth and insurance information.

More Information: http://www.wfmynews2.com/story/news/local/2014/10/09/cone-health-admits-...

 
Information Source:
Media
records from this breach used in our total: 2,076

November 14, 2014 Reeve-Wood Eye Center
Chico, California
MED UNKN

Unknown

The Reeve-Wood Eye Center reported a data breach to the California Attorney General's office. No specific details were provided as to the scope of the breach, type of breach or individuals affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 13, 2014 U.S. Weather System
Washington, District Of Columbia
GOV HACK

Satellite systems that forecast weather

Officials from the National Oceanic and Atmospheric Administration (NOAA), which includes the National Weather Service, have notified officials of a data breach to the National Weather Service's satellite network.

Reports are stating "hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said."

It appears the system was affected in September, but officials did not communicate that there was a problem until late October. an NOAA spokesman Scott Smullen did confirm that there were hacks and communicated that "incident response began immediately".

More Information: http://www.washingtonpost.com/local/chinese-hack-us-weather-systems-sate...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 12, 2014 Onsite Health Diagnostics
Dallas, Texas
MED HACK

60,582

Dallas-based Onsite Health Diagnostics, a third party contractor with state of Tennessee,  who completes medical testing and health screenings for various government insurance plans has suffered a data breach. The company discovered hackers had gained access to a computer system that houses personal information for members of the Tennessee's State Insurance Plan, Local Government Insurance Plan and Local Education Insurance plan.

The information affected in the breach included health benefit member names, dates of birth, addresses, emails, phone numbers and gender.

More Information: http://www.healthcareitnews.com/news/hackers-swipe-data-60k-vendor-hipaa...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 10, 2014 US Postal Service
Washington, District Of Columbia
GOV HACK

800,000

The US Postal Service is releasing information today that they have been the victim of a cyber attack with Chinese hackers being suspected of hacking into their computer networks compromising the information of over 800,000 employees.

Currently the FBI is investigating the breach and it appears that information obtained included names, dates of birth, Social Security numbers, addresses, dates of employment. According to officials, all postal service employees were affected and they are not yet clear why their information was of interest to these hackers. They are not seeing any evidence of customer information being compromised. The investigators are calling the hackers "sophisticated actors".  More information will be posted as additional information comes out with the investigation.

More Information: http://www.washingtonpost.com/blogs/federal-eye/wp/2014/11/10/china-susp...

 
Information Source:
Media
records from this breach used in our total: 800,000

November 10, 2014 Anthem Blue Cross
Southern and Northern California cities, California
BSF DISC

Unknown

Anthem Blue Cross in California sent text emails with personal details about individuals health information and member specific demographic information such as age, language spoken, specific medical test received or not received as part of the text message.

The company is reviewing whether or not they have to report this information as part of the specific notification laws in California, which does include the breach of medical history, mental or physical condition, medical treatment or diagnosis by a health care professional.

A spokesperson for Blue Cross stated that they are investigating the incident.

More Information: http://bits.blogs.nytimes.com/2014/11/10/oops-health-insurer-exposes-mem...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 10, 2014 Central Dermatology Center
Chapel Hill, North Carolina
MED HACK

Unknown

Central Dermatology Center notified patients of a data breach to their system when malware was found on one of their servers.

The information compromised included patient names, addresses, phone numbers, dates of birth, Social Security Numbers, sex, treatment dates, account balances, email addresses, insurer, providers, employers and race.

Currently, the center has hired an forensic IT firm to investigate the breach. They did not provide the number of individuals at risk.

More Information: http://healthitsecurity.com/2014/11/10/potential-health-data-breach-hits...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 7, 2014 Jessie Trice Community Health Center
Miami, Florida
MED HACK

8,000

Jessie Trice Community Health Center announced a data breach when members of an identity theft ring accessed the personal information of 8,000 patients.

The informaton accessed included names, dates of birth and Social Security Numbers. No medical information was compromised according to the facility.

The FBI and the IRS are currently investigating the breach.

More Information: http://www.clinical-innovation.com/topics/privacy-security/identity-thef...

 
Information Source:
Media
records from this breach used in our total: 8,000

November 3, 2014 Fidelity National Financial
Jacksonville, Florida
BSF HACK

Unknown

Fidelity National Financial, Inc (FNF) informed customers of a breach to their system due to a targeted phishing attack to certain employees.

FNF is the parent company of Ticor Title Company of Oregon, Ticor Title of Nevada, Inc., Lawyers Title Company, and Lawyers Title of Oregon, LLC, which provides title insurance and real estate settlement services in Oregon, Nevada, and/or California.

From April 14, 2014 and April 16, 2014 a certain number of employees were targeted in a phishing attack that allowed the hackers to obtain username and password information for employees of the company. The company hosts their email with a third party vendor and after investigating did not find any evidence that the hackers were able to breach FNF's internal network or systems.

However, the investigation did reveal that personal information was obtained including Social Security numbers, bank account numbers, credit/debit card numbers and driver's license numbers.

The company is offering 12 months free of AllClear ID to those affected. Those affected can call 1-877-676-03741-877-676-0374 to reach an AllClear investigator.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47112

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 3, 2014 Palm Springs Federal Credit Union
Palm Springs, California
BSF PORT

Unknown

The Palm Springs Federal Credit Union was conducting an audit of their systems and realized that one of their external hard drives that contained customer data was missing.

The information contained on the drive included customer names, addresses, Social Security Numbers and account numbers.

The credit union is offering AllClearID and AllClearID Pro for 12 months at no cost to those who were affected by this breach. For those with questions they can call 1-866-979-25951-866-979-2595 or the credit union at dpitigliano@palmspringsfcu.com.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47289

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 23, 2014 Reeves International Inc/ Breyer Horses
Pequannock, New Jersey
BSR HACK

Unknown

Reeves International Inc. is informing customers of a data breach of one of their online retail sites called Breyer Horses (www.breyerhorses.com). On September 9, 2014 the company discovered an unauthorized party installed malware on the server hosting the Breyer Horse website, the malware compromised customers' personal data. The dates of the attack were from March 31, 2013 through October 6, 2014.

The information compromised includes names, addresses, website usernames and passwords, payment card account numbers, card expiration dates, and payment card security codes.

For anyone affected or those with questions call 1-877-572-06281-877-572-0628 twenty-four hours a day Monday through Sunday (excluding holidays).

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47096

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 23, 2014 American Soccer Inc./SCORE
Wilmington, California
BSR HACK

Unknown

On October 21, 2014 SCORE discovered an unauthorized access to their server that processes customer payment information.

According to the company on September 4, 2014 unauthorized access to their website compromised personal information of individuals who completed a transaction.

The information includes names, payment card account numbers, expiration dates of cards, SCORE account numbers. Those who were affected conducted a transaction between June 1, 2014 and September 4, 2014. There was no evidence that customer addresses or security codes being compromised after an investigation was conducted.

For those with questions or concerns call 1-800-626-77741-800-626-7774.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-46986

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 20, 2014 Staples Inc.
Framingham, Massachusetts
BSR HACK

Unknown

Several large banks notified Staples Inc. of unusual activity on credit and debit cards used at several locations in Northeastern United States. According to Brian Krebs, Krebs on Security "According to more than a half-dozen sources at banks operating on the East Coast, it appears likely that fraudsters have succeeded in stealing customer card data from some subset of Staples locations, including seven Staples stores in Pennsylvania, at least three in New York City, and another in New Jersey". Staples Inc. has more than 1800 stores nationwide and is currently investigating the potential breach.

More Information: http://krebsonsecurity.com/2014/10/banks-credit-card-breach-at-staples-s...

UPDATE (11/17/2014): It appears that the breach that happened at Staples was conducted by the same cyber criminals that infiltrated Michaels stores. According to Krebs On Security "Multiple banks interviewed by this author say they’ve received alerts from Visa and MasterCard about cards impacted in the breach at Staples, and that to date those alerts suggest that a subset of Staples stores were compromised between July and September 2014."

More Information: http://krebsonsecurity.com/2014/11/link-found-in-staples-michaels-breach...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

October 17, 2014 Sourcebooks Inc.
Naperville, Illinois
BSR HACK

Unknown

Sourcebooks Inc. has informed customers of a breach of their shopping cart software that supports several of their websites. The breach dates were from April 16, 2014 and June 19, 2014. An unauthorized party gained access to specific customer purchase information.

The information breached includes first names, last names, email addresses, phone numbers, addresses, account passwords, credit card numbers, expiration dates of credit cards, cardholder names and card verification values.

The company is conducting an investigation including a forensic audit to determine the full extent of the breach.

For those with questions or concerns call 1-844-810-1155 between 8:30 a.m and 5:30 p.m Central Standard Time or go to http://www.sourcebooks.com/cardfaq.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47029

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 14, 2014 Cyberswim.com
Pen Argyl, Pennsylvania
BSR HACK

Unknown

Cyberswim.com notified customers of a data breach to their online ecommerce store and the discovery of customers' personal information being breached.

On September 24, 2014 the company confirmed that an unauthorized individual(s) or entities installed malware on the server hosting their website. This malware was able to access personal information entered by customers when completing a purchase on the site.

Information breached includes names, addresses, website usernames and passwords, payment card account numbers, card expiration dates, and payment card security codes.

Purchases made between May 12, 2014 and August 28, 2014 are the dates this breach occurred.

For those with questions call 1-844-286-4855 between 9:00 a.m and 5:00 p.m Easter time, Monday through Friday (excluding holidays).

More Information: oag.ca.gov/ecrime/databreach/reports/sb24-46986

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 14, 2014 Novant Health Gaffney Family Medical Care
Gaffney, South Carolina
MED PORT

Unknown

Novant Health Gaffney Family Medical Care informed patients of a data breach when their offices were broken into and two of the facilities laptops were stolen.

The information on the laptops was not disclosed.

More Information: http://www.wspa.com/story/26681323/laptops-with-patient-data-stolen-from...

 
Information Source:
Media
records from this breach used in our total: 0

October 13, 2014 Snapsaved.com
Unknown,
BSO HACK

200,000

Snapsaved.com, a third party vendor to Snapchat, announced that their servers were hacked, which in turn caused thousands of photos and videos from the third party service to show up on the Internet.

"On Sunday, thousands of photos and videos from the Snapchat service were put online, apparently taken from sites including Snapsaved.com, which had allowed people to log in using their Snapchat username and password to offer desktop-based rather than handset-based access to the site - and also the chance to store photos, which are meant to be deleted within seconds of being viewed."

Snapsaved posted on Facebook the following:

"I would like to inform the public that snapsaved.com was hacked” due to a mistake in the setup of its web server. “As soon as we discovered the breach in our systems, we immediately deleted the entire website and the database associated with it,” the unsigned statement continues. “As far as we can tell, the breach has effected [sic] 500MB of images, and 0 personal information from the database.”

More Information: http://www.theguardian.com/technology/2014/oct/13/third-party-snapchat-s...

 
Information Source:
Media
records from this breach used in our total: 0

October 13, 2014 University of California Davis Medical Center
Sacramento, California
MED HACK

Unknown

The University California Davis Medical Center discovered abnormal activity in the email account of one of their providers. An investigation determined that the provider's email was compromised by an unknown source. As a result, an unauthorized use and access to their system giving them access to communication between the provider and the patients.

For additional questions regarding the incident contact 1-916-734-8808 or email privacyprogram@ucdmc.ucdavis.edu

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-46960

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 13, 2014 Penn Highlands Brookville
Brookville, Pennsylvania
MED HACK

Unknown

The office of Dr. Barry J. Snyder at Penn Highlands Brookville, a healthcare service provider for the Brookville area in Pennsylvania, notified patients of a data breach when a third party accessed the third party vendor's server who maintains records for Dr. Snyder.

The information compromised included patient names, addresses, dates of birth, driver's license numbers, Social Security numbers, phone numbers, insurance information, medical informatino and genders.

The facility is offering free identity monitoring and identity protection services to affected individuals through Kroll Inc. Those affected can call 1-855-401-2640.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

October 13, 2014 Oak Park Medical Center
Oak Partk, Michigan
MED DISC

Unknown

Medical files were found by a former customer of a Dr. Pramod Raval, who was indicted in a Medicare home health care fraud scheme. Boxes of full files were dumped outside with massive amounts of patient data still intact.

The medical files included files that contained names, Social Security numbers, X-rays, blood types and addresses.

The local police were notified and the files were scheduled to be shredded.

More Information: http://www.clickondetroit.com/news/medical-files-found-dumped-in-oak-par...

 
Information Source:
Media
records from this breach used in our total: 0

October 10, 2014 Sears Holding Company/K-Mart
Hoffman Estates, Illinois
BSR HACK

Unknown

Sears Holding Corp announced Friday that a data breach occurred at their K-Mart stores starting last month, with malicious software targeting their Point of Sale systems that  compromised customers' credit card information.

Currently, Sears Holding Corp is not clear as to the number of affected customer cards and the breach is currently under investigation. K-Mart has said that they were able to remove the malware from their systems.

K-Mart is working currently working with federal investigators.

For those with questions, they are asked to call K-Mart's Customer Care Center at 1-888-488-5978.

More Information: http://abcnews.go.com/Business/wireStory/kmart-latest-victim-data-breach...

 
Information Source:
Media
records from this breach used in our total: 0

October 10, 2014 Sausalito Yacht Club
Sausalito, California
BSO HACK

Unknown

The Sausalito Yacht Club notified its members of a data breach to their online member roster. The information on the roster included member names linked to private Sausalito Yacht Club member numbers. These two pieces of information together allows for the charging of beverages, goods, services and meals at the club. Additionally, members personal contact information, financial information, including accounts receivable information could have been obtained.

Currently, the breach is under investigation and depending upon what is found, the club may issue new cards and account numbers.

For those affected with questions they may call General Manager, Dave Martel at 1-415-332-7400 or by e-mail at gm@sausalitoyachtclub.org.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 10, 2014 Oregon Employment Department/WorkSource Oregon
Portland, Oregon
GOV HACK

850000

The Oregon Employment Department, specifically WorkSource Oregon, discovered a data breach of a data base that contained personal information of individuals searching for jobs when an anonymous tip came in alerting officials of the breach.

Social Security numbers of more than 850,000 individuals were compromised in the breach. Officials shut down the website and were investigating the breach.

More Information: http://www.oregonlive.com/money/index.ssf/2014/10/security_breach_discov...

 
Information Source:
Media
records from this breach used in our total: 850,000

October 10, 2014 Georgia Department of Behavioral Health and Developmental Disabilities (DBHDD)
Atlanta, Georgia
GOV PORT

3,397

The Georgia Department of Behavioral Health and Developmental Disabilities (DBHDD) notified individuals of a data breach when one of their departments laptops was stolen out of a car of an employee who was attending a conference.

The laptop contained personal information of over 3,000 patients including names, addresses, phone numbers, dates of birth, names of guardians, marital status, Social Security numbers, Medicaid numbers, diagnosis, behavioral data and other personal information.The laptops were not encrypted.

For those who might have been affected, they can call DBHDD at 844-888-5998 until January 9, 2015

More Information: http://www.phiprivacy.net/2014/10/page/12/

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 3,397

October 10, 2014 Department of Human Services' Office of Behavioral Health, Denver
Denver, Colorado
GOV DISC

15,000

The Department of Human Services' Office of Behavioral Health in Denver Colorado notified individuals of a data breach when a postcard mailing went out to individuals as part of a survey. The cards were specifically addressed to individuals receiving behavioral health services through DHS office and mailed in post-card format.

This information is considered to be protected health information. According to the DHS no Social Security numbers or financial information was on the cards.

More Information: http://www.9news.com/story/news/local/2014/10/10/colorado-health-officia...

 
Information Source:
Media
records from this breach used in our total: 0

October 9, 2014 Evolution Nature Corp. dba The Evolution Store
Manhattan, New York
BSR HACK

Uknown

Evolution Nature Corp., dba The Evolution Store contacted customers regarding a data breach to their online stores affecting customer credit card information.

The company received a complaint of credit card fraud from a customer and launched an investigation by a data forensics expert. The investigation revealed that the administrative portion of the Evolution e-commerce site was accessed by an unauthorized third party that was using administrative credentials exposing customer order information.

The information exposed included names, email addresses, phone numbers, billing addresses, shipping addresses, order information, and credit/debit card information, including the CVV numbers on the backs of the cards.

For those affected, the company is offering AllClear Secure for 12 months at no cost. For those with questions, call 1-877-322-82281-877-322-8228.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-46935

 
Information Source:
California Attorney General
records from this breach used in our total: 0

October 9, 2014 South Texas Veterans Health Care System
San Antonio, Texas
MED DISC

4,000

The South Texas Veterans Health Care System informed 4,000 patients of a data breach to their personal information. 

"South Texas Veterans Health Care tried to send veterans notices on September 15 to explain a new federal rule of Hydrocodone combination they need to be aware of. But in the process of printing the letters, they mistakenly came out double-sided and had one unique veteran’s information on one side and another veteran’s on the other."

The information breach included full names, addresses and the type of prescription drugs.

More Information: http://healthitsecurity.com/2014/10/09/south-texas-va-reports-printing-e...

 
Information Source:
Media
records from this breach used in our total: 0

October 9, 2014 U.S. Health Holdings, Ltd.
Detroit, Michigan
MED DISC

Unknown

U.S Health Holdings, Ltd. on behalf of Macomb County Michigan has suffered a breach when an accidental disclosure of of personal informaton was posted on the Michigan Inter-Governmental Trade Network ("MITN") website.

The information exposed included names, dates of birth, Social Security numbers, zip codes, cities, and Plan carrier names.

More Information: http://www.phiprivacy.net/2014/10/page/13/

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

October 9, 2014 Albertina Kerr Centers
Gresham, Oregon
MED PORT

1,300

The Albertina Kerr Centers have notified individuals of a breach when two of their laptop computers and a cell phone were stolen from the Albertina Kerr's campus.

The laptops contained medical information identifying individuals, the diagnoses they received and treatements applied. The theft took place in August of 2014 when an individual or individuals broke into one the facilities offices at the Kerr's crisis psychiatric care facility. According to the facility these laptops did not contain Social Security numbers or financial information.

The center is offering a year of free identity theft security monitoring. For those affected they can call 1-888-276-0529.

More Information: http://www.oregonlive.com/gresham/index.ssf/2014/10/laptops_stolen_from_...

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

October 7, 2014 Municipal Bond Insurance Association (MBIA)
Purchase, New York
BSF DISC

Unknown

Brian Krebs of Krebs On Security notified MBIA of a breach that exposed numerous customer account numbers, balances and various other sensitive data due to a misconfiguration on a company Web server.

"Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to access data that wasn’t already accessible via a simple Web search."

MBIA is one of the largest bond insurers, that offers municipal bond insurance and investment management products and services companies such as Aetna and Fireman's Fund.

The company has since shut this website down and is currently investigating. No information is available to the number of individuals that may have been affected by the breach.

More Information:http://krebsonsecurity.com/2014/10/huge-data-leak-at-largest-u-s-bond-insurer/

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

October 6, 2014 AT&T
Dallas, Texas
BSR INSD

1600

AT&T is at the center of another data breach to their system, this time, by an internal employee.

AT&T has announced that one of its staff members accessed account information of customers, which included Social Security Numbers, drivers license numbers, unique customer numbers, known as Customer Proprietary Network Information (CPNI), which includes information such as times, dates, durations and destination numbers of every call made. No specific numbers have yet been released.

More Information: http://www.zdnet.com/at-and-t-hit-by-insider-data-breach-unspecified-num...

UPDATE (10/7/2014): The Vermont Attorney General posted that 1,600 letters went out to customers regarding the recently announced data breach that happened in August of 2014 by an employee of AT&T. The employee has since been fired and the breach is still under investigation.

More Information:http://www.reuters.com/article/2014/10/07/us-at-t-cybersecurity-idUSKCN0HW02Y20141007

 
Information Source:
Media
records from this breach used in our total: 1,600

October 3, 2014 Mount Sinai Beth Israel
New York, New York
MED PORT

10,790

Mount Sinai Beth Israel announced a data breach when a laptop computer was stolen from a staff room. According to the facility the laptop was password-protected but not encrypted.

The patient information housed on the laptop included patient names, dates of birth, medical record numbers, dates of service, procedure codes and description of procedures along with clinical information about patient care received. The facility has stated that patient Social Security numbers, insurance information, addresses and phone numbers were not stored on this particular laptop.

More Information: http://www.mountsinaihealth.org/about-the-health-system/news-releases/st...

 
Information Source:
Media
records from this breach used in our total: 0

Showing 1-50 of 4467 results


X

Sign In!

Loading