Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features then click GO. To modify your search, check or uncheck the boxes and click GO.


Reset the checkboxes to the default "all selected."

Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.

display_id:page_1

display_id:page_1

Breach Total
816,324,756 RECORDS BREACHED
(Please see explanation about this total.)
from 4,517 DATA BREACHES made public since 2005
Date Made Publicsort ascending Name Entity Type
April 14, 2015 Damariscotta County Sherrifs Department
Damariscotta, Maine
GOV HACK

Unknown

A Sheriffs Department in Damariscotta Maine was forced to pay hackers $300 in bitcoins to retrieve confidential records being held hostage by hackers who broke into their system. The FBI traced back the bitcoins to a Swiss account but have no other details as to who perpetrated this hacking.

The malware installed on the system happened when someone at the Sheriffs department clicked a link allowing the malware to be installed on their system, which in turn the hackers then held the information hostage until they were paid a ransom to release the malware.

More Information: www.technewstoday.com/-us-police-department-forced-to-pay-bitcoins-after-hackers-enter-system/

 
Information Source:
Media
records from this breach used in our total: 0
April 13, 2015 Grapevine Police Departments
Grapevine, Texas
GOV HACK

Unknown

A group demanding the dashcam video of a shooting be released to the public, hacked the database of the Grapevine Police Department posting a video demanding this release.

The police department is currently investigating the hacking of their system.

More Information: www.thescoopblog,dallasnews.com/2015/04/anonymous-hacker-group-demands-police-video-of-shooting-of-mexican-immigrant-by-grapevine-cop,html/

 

 
Information Source:
Media
records from this breach used in our total: 0
April 8, 2015 AT&T
Dallas, Texas
BSO INSD

280,000 US citizens affected

The FCC has fined AT&T $25 million dollars after an investigation revealed that three separate international call centers are at the center of a data breach of customer information.

Call centers in Mexico, the Phillipines and Columbia all had similar incidences "when employees accessed sensitive customer data without adequate authorization. Those employees took payment from third parties who were apparently interested in customer names and Social Security numbers so they could unlock stolen cell phones for sale on secondary markets."

As part of the settlement, AT&T has agreed to notify those customers that were affected and offer one year free of credit monitoring services.

More Information: http://www.cnbc.com/id/

 
Information Source:
Media
records from this breach used in our total: 280,000
April 3, 2015 Microsoft/Xbox One
Redmond, Washington
BSO HACK

11,266 login-credentials stolen from unamed company

A 19 year hacker has pleaded guilty to hacking and stealing "11,266 log-in credentials from an unnamed which he then shared amongst the other members." Austin Alcala was part of a larger hacking network that stole software and data from gaming companies such as Microsoft, Valve, Epic. The group stole internal documents from companies, source code and games that had not yet been released to the public.

The items stolen were stated to be worth approximately $100 million dollars. The hacking took place from 2012 to 2014.

More Information: http://www.welivesecurity.com/2015/04/03/us-teen-pleads-guilty-100-milli...

 

 

 
Information Source:
Media
records from this breach used in our total: 0
March 16, 2015 Advantage Dental
Redmond, Washington
MED HACK

151,626

Advantage Dental notified 151,626 patients of data breach when their database of patient information was hacked between February 23rd and February 26th. The hackers had access to patient names, dates of birth, phone numbers, Social Security numbers and home addresses.

Advantage is offering credit monitoring and call center support through Experian. For further information go to Advantage homepage https://secure.advantagedental.com/

More Information: http://portlandtribune.com/pt/9-news/253880-123802-advantage-dental-says...

 

 
Information Source:
Media
records from this breach used in our total: 151,626
March 16, 2015 Apple America Group LLC
Independence, Ohio
BSF PORT

Unknown

Apple America Group, LLC informed employees of a data breach when a portable USB flash drive owned by a third party vendor containing payroll information was lost.

The information on the portable usb drive included names, addresses, Social Security numbers, and wage and tax information.

More Information: http://oag.ca.gov/system/files/Non-Massachusetts%20consumer%20notificati...?

 
Information Source:
Massachusetts Attorney General
records from this breach used in our total: 0
March 16, 2015 Bistro Burger
San Francisco, California
BSO HACK

Unknown

Bistro Burger confirmed that malware was installed on the point-of-sale system at their San Francisco location between October 2, 2014 and December 4, 2014. The information compromised included names, payment card account numbers, card expiration dates and security codes.

 
Information Source:
Media
records from this breach used in our total: 0
March 9, 2015 Inland Empire Health Plan/Children's Eyewear Sight
Rancho Cucamonga, California
MED PORT

Unknown

Inland Empire Health Plan notified customers of a data breach when a desktop computer and other items were stolen from Children's Eyewear Sight. The police were able to aprehend the individual who perpetrated the theft.

The files on the computer included names, dates of birth, genders, addresses, contact phone numbers, email addresses, IEHP Member ID number, dates of appointments, dates of purchases, and the names of doctors who provided services.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47991

 
Information Source:
California Attorney General
records from this breach used in our total: 0
March 4, 2015 Mandarin Oriental Hotel Group
New York, New York
BSO HACK

Unknown

The hotel chain Mandarin Oriental has announced that their point-of-sale systems were hacked and infected with malware that stole customer credit card data. The hacking, according to the hotel chain, is limited to hotels in the U.S and Europe.

The company has not communicated exactly how many of the hotels locations were compromised only stating that "Mandarin Oriental can confirm that the credit card systems in an isolated number of our hotels in the US and Europe have been accessed without authorization and in violation of both civil and criminal law. The Group has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to fully protect our guests and our systems across our portfolio.Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.”

According to Krebs on Security, "banking industry sources say the breach almost certainly impacted most if not all Mandarin hotels in the United States, including locations in Boston, Florida, Las Vegas, Miami, New York, and Washington D.C. Sources also say the compromise likely dates back to just before Christmas 2014."

More Information: http://krebsonsecurity.com/2015/03/credit-card-breach-at-mandarian-orien...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0
March 3, 2015 Toys "R" Us
Wayne, New Jersey
BSR HACK

Unknown

Toys "R" Us contacted customers that their passwords to their reward program account would be reset in order to avoid an unauthorized attempts to their rewards program account.

The company communicated that those notified did not necessarily have their accounts accessed, however, the risk was higher due to the discovery by the company of "recycled login details used by some of its customers." 

Between January 28th and January 30th, 2015, the company discovered a number of "illegal login attempts made to its Rewards "R" Us accounts." The current announcement is an additional security measure so that other customer accounts cannot be accessed in a similar way.  "Out of an abundance of caution, we are therefore treating your account password as compromised and taking appropriate steps to address the situation," in a letter sent by the company to its customers.

More Information: http://www.welivesecurity.com/2015/03/03/toys-r-us-resets-account-passwo...

 
Information Source:
Media
records from this breach used in our total: 0
March 3, 2015 Pioneer Bank
New York, New York
BSF PORT

Unknown

New York based Pioneer Bank notified customers of a data breach when an employee laptop was stolen on January 26th, compromising their personal information.

The information compromised the names, addresses, Social Security numbers, and account and debit card numbers.

More Information: http://www.scmagazine.com/laptop-stolen-from-employee-contained-data-on-...

 
Information Source:
Media
records from this breach used in our total: 0
March 2, 2015 Natural Grocers
Lakewood, Colorado
BSR HACK

Unknown

Natural Grocers announced a possible datal breach of its customers payment cards.

The grocery retailer claims they have not received any reports or complaints of fraudulent activity of customers payment cards, however, according to Krebs on Security "Sources in the financial industry tell KrebsOnSecurity they have traced a pattern of fraud on customer credit and debit cards suggesting that hackers have tapped into cash registers at Natural Grocers locations across the country.  The grocery chain says it is investigating "a potential data security incident invloving an unauthroized intrusion targeting limited customer payment card data.""

The grocery retailer has 93 stores in 15 states and has hired a third party vendor that specializes in data forensics to investigate the possible breach. The company claims that "no personally identifiable information, such as names, addresses or Social Security numbers, was involved, as the company does not collect that data as part of its payment processing system."

Again, as stated by KrebsOnSecurity, "According to a source with inside knowledge of the breach, the attackers broke injust before Christmas 2014, by attacking weaknesses in the company's database servers. From there, the attackers moved laterally with Natural Grocers internal network, eventually planting card-snooping malware on point-of-sale systems."

More Information: https://krebsonsecurity.com/2015/03/natural-grocers-investigating-card-b...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0
March 2, 2015 Piedmont Advantage Credit Union
Greensboro, North Carolina
BSF PORT

Unknown

Piedmont Advantage Credit Union notified customers of a data breach when one of their laptops containing personal information of its members could not be located. The information contained names, addresses, dates of birth, member account numbers, and Social Security numbers. According to the credit union the laptop included password protected authentication.

More Information: http://www.scmagazine.com/north-carolina-credit-union-notification-says-...

 

 
Information Source:
Media
records from this breach used in our total: 0
February 27, 2015 Bulk Reef Supply
Golden Valley, Minnesota
BSO HACK

Unknown

Bulk Reef Supply notified customers of a data breach when their online website was compromised. The customer information compromised included names, addresses, phone numbers, email addresses, usernames, passwords, and credit card information.

The company is asking customers to change their passwords. The company is offering one year free of credit monitoring and identity theft services.

More Information: http://www.scmagazine.com/bulk-reef-supply-website-compromised-credit-ca...

 
Information Source:
Media
records from this breach used in our total: 0
February 27, 2015 Uber Technologies Inc.
San Francisco, California
BSO HACK

50,000

Uber notified 50,000 drivers of an unauthorized access to their database which resulted in compromising driver data. The hacking took place in May of 2014. According to the company only names and driver's license numbers were compromised.

The company is offering identity protection services for affected drivers.

More Information: http://www.bloomberg.com/news/articles/2015-02-27/uber-discloses-databas...

 
Information Source:
Media
records from this breach used in our total: 50,000
February 25, 2015 Lime Crime
New York, New York
BSO HACK

Unknown

Lime Crime, an online cosmetics company notified customers of an unauthorized access to their website server which resulted in malware being installed. This malware allowed customer data to be captured, including credit card payment information.

The information compromised included names, addresses, card account numbers, expiration dates, security codes and Lime Crime website usernames and passwords. The malware affected customers who purchased items on the website from October 4, 2014 through February 15, 2015. For those customers that used PayPal to purchase items, their Lime Crime website usernames and passwords may have also been compromised.

More Information: http://www.scmagazine.com/malware-on-lime-crime-website-payment-cards-co...

 
Information Source:
Media
records from this breach used in our total: 0
February 24, 2015 Cathrine Steinborn, Dentist
Santa Clara, California
MED PORT

Unknown

The office of Cathrine Steinborn, DDS was broken into and a server containing patient and other personal information in it. The information compromised included names, addresses, dates of birth, telephone numbers, Social Security numbers, dental and/or medical insurance information, health information, treatment information, and billing information.

More Information: http://www.scmagazine.com/california-dentist-announces-theft-of-server-c...

 
Information Source:
Media
records from this breach used in our total: 0
February 23, 2015 Lone Star Circle of Care
Georgetown, Texas
BSO DISC

8,700

Lone Star Circle of Care notified individuals of a data breach after the discovery of a back-up file containing containing names, addresses, phone numbers, and birth dates was accidentally posted on their website for view.

More Information: http://www.statesman.com/news/news/data-breach-at-lone-star-circle-of-ca...

 
Information Source:
Media
records from this breach used in our total: 0
February 20, 2015 American Apparel, Inc.
Los Angeles, California
MED PORT

Unknown

Lime Crime has warned customers of a data breach when they discovered malware installed on their website server potentially compromising payment cards and personal data of their  customers who used their site.

The compromised data included names, addresses, website usernmanes, passwords, payment card account numbers, card expiration dates and payment card security codes.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48501

 
Information Source:
California Attorney General
records from this breach used in our total: 0
February 18, 2015 The Office of Jeb Bush
Tallahassee, Florida
BSO DISC

12,000

Jeb Bush's office inadvertently exposed 12,500 individuals' personal information as part of a larger cached file of 332,999 emails sent to him when he was the Governor of Florida.

The email was sent as part of a measure for transparency, however his team neglected to remove personal information if 12,500 of those individuals exposing names, Social Security numbers, and birthdates.

The office has since redacted the information, which were believed to have been individuals on a family services waiting list from 2003.

More Information: http://www.welivesecurity.com/2015/02/18/12000-exposed-possible-id-theft...

 
Information Source:
Media
records from this breach used in our total: 12,500
February 18, 2015 University of Maine
Orono, Maine
EDU PORT

941

The University of Maine notified students of a data breach when a laptop was stolen with student roster information on it including Social Security numbers, phone numbers, email addresses, grade data and course information.

According to the university only 604 Social Security numbers were involved in the total of 941 records exposed.

More Information: http://umaine.edu/news/blog/2015/02/18/umaine-working-with-information-s...

 
Information Source:
Media
records from this breach used in our total: 604
February 17, 2015 Escondido Union School District
Escondido, California
EDU PORT

Unknown

The Escondido Union School District notified some students and employees of the district of a data breach that occurred when a district owned tablet and external hard drive were stolen from a backpack belonging to a district employee.

The personal information saved on the laptop included student contact information, assessment results, and self reported income by parents.

More Information: http://www.utsandiego.com/news/2015/feb/17/tp-school-district-warns-of-p...

 

 
Information Source:
Media
records from this breach used in our total: 0
February 13, 2015 Liberty Tax Services
Highland, California
BSF PORT Unknown
Liberty Tax Services contacted customers to inform them of a data breach due to a burglary. The thieves took some files and electronic records that included personal information of their customers. The information included names, addresses, dates of birth, identification numbers, Social Security numbers, income documents and names of dependents, their dates of births, and their Social Security numbers. The company is offering those who were affected one year free of credit monitoring. For those affected they can call 1-909-864-8122 to set up an appointment. For further questions contact a member of their team at the following: Linda Sowell, Office Manager at 909-864-8122 or Jeanette Burr, District Manager at 909-533-0448. More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48438  
Information Source:
California Attorney General
records from this breach used in our total: 0
February 12, 2015 Big Fish Games
Seattle, Washington
BSR HACK

Unknown

Big Fish contacted customers of a data breach when they discovered malware installed on their billing and payment pages of their online stores that affected purchases from December 24, 2014 through January 8, 2015.

The information affected included names, addresses, and payment card information, including the card number, expiration date, and CVV2 code.

The company is providing one year free of Experian's ProtectMyID Alert.  For those affected with questions they can call 877-534-7032.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48441

 
Information Source:
California Attorney General
records from this breach used in our total: 0
February 5, 2015 Anthem
Indianapolis, Indiana
BSF HACK

80 million

Anthem, the second largest health insurance company operating under Anthem Blue Cross, Anthem Blue Cross and Blue Shield Amerigroup and Healthlink has suffered a massive data breach.

The company announced that they have been the victim of a "very sophisticated external cyber attack" on their system. The information compromised includes names, birthdays, medical ID's, Social Security Numbers, street addresses, e-mail addresses, employment and income information.

Over the next several weeks, those who were affected will be receiving some form of identity theft protection.

For those members with questions regarding the breach, the company has set up a toll- free line at 1-877-263-79951-877-263-7995 FREE.

More Information: For the statement by Anthem's CEO Joseph R. Swedish and the dedicated website created for customer information, click here.

Additional Information: http://money.cnn.com/2015/02/04/technology/anthem-insurance-hack-data-se...

UPDATE (2/10/2015): As further investigations are pursued regarding the Anthem breach, research by Brian Krebs and others show that the hacking began as early as April 2014 and is pointing to Chines hacker group known as "Deep Panda". 

At the time, Anthem was called Wellpoint, and upon further investigation Krebs "discovered a series of connected domain names that appear to imitate actual Wellpoint sites, including we11point.com and myhr.we11point.com."

Because these sites were contructed almost 10 months prior, the question has now been raised as to why it took the company such a long time to uncover the hacking.

More Information: http://thehill.com/policy/cybersecurity/232285-analysis-anthem-attack-ma...

 
Information Source:
Media
records from this breach used in our total: 80,000,000
January 30, 2015 CICS Employment Services, Inc
Lincoln City, Oregon
BSO HACK

Unknown

CICS Employment Services notified customers of a data breach when their system was accessed by an unauthorized user (s) gaining access to employment application information on individuals.

The information accessed included names, addresses, dates of birth and Social Security Numbers.

The company is providing 12 months free of AllClearID. Call 1-855-865-4453. For additional questions or concerns a company representative can be reached at 1-888-593-5379.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48292

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 30, 2015 Phoenix House Foundation Inc.
New York, New York
BSO HACK

Unknown

On December 22, 2014, the Phoenix House discovered a data breach when their payroll system when a consultant they hired made unauthorized changes to their electronic payroll systems.

The information accessed included names, addresses, Social Security numbers, salary information, and benefit information. The company has terminated the contracted with the consultant and contacted authorities.

The company is offering a 12 month membership in Experian's ProtectMyID Alert for free for those affected.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48355

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 29, 2015 Riverside County Regional Medical Center
Moreno Valley, California
MED PORT

Unknown

Riverside Regional Medical Center notified patients of a databreach when one of their employee laptops used in their Opthamology and Dermatology clinics was stolen that contained patient information.

The information on the laptop included names, phone numbers, addresses, dates of birth, Social Security Numbers, and clinical information such as medical record numbers, physicians, diagnosis, treatments received, medical departments and health insurance information.

The facility has set up 12 months free of Experian's ProtectMyID Alert for those affected. For questions call 1-866-313-7993.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48266

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 23, 2015 California Pacific Medical Center/Sutter Health
San Francisco, California
MED INSD

844

California Pacific Medical Center notified 844 patients of a data breach to their system when an employee accessed records without authorization.

A total of 844 patients between October 2013 and October 2014, were accessed by this person who has since been terminated. The information obtained included patient demographics, last four digits of Social Security number, clinical information such as diagnosis, clinical notes, and prescription information.

The company states that the employee did not have access to full Social Security numbers, credit card or financial information, driver's license numbers, or California identification numbers.

Those with questions can contact Sutter Health's Chief Privacy Officer toll-free at 1-855-771-42201-855-771-4220 FREE Monday through Friday from 8:00 am to 5 pm Pacific Standard Time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48217

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 21, 2015 Sunglo Home Health Services
Harlingen, Texas
MED PORT

Unknown

Sunglo Home Health Services notified customers/patients of a data breach when their facility was broken into and stole one of their company lap tops. The laptop contained patient information including Social Security Numbers and personal health information.

Currently the company does not know the number of affected patients.

More Information: http://www.krgv.com/news/local-news/Computer-with-Patients-Personal-Info...

 
Information Source:
Media
records from this breach used in our total: 0
January 21, 2015 Mount Pleasant School District
Mount Pleasant, Texas
EDU HACK

915

Mount Pleasant School District has informed approximately 915 present and former staff members that their personal information may have been compromised between January 18th 2015 and January 21st 2015.

 

A spokesperson for Mount Pleasant School District stated “Forest Hills District had a denial of service and discovered they had been hacked,” she said. “The district’s technology director found a Tweet that mentioned us. She looked us up on the Web and called us to let us know on Tuesday.”

When the technology director for Mount Pleasant clicked on the link, it directed him to a file that included names, addresses and Social Security numbers” of MPISD staff.

More Information: http://www.dailytribune.net/news/data-breach-hits-mpisd-employees/articl...

 
Information Source:
Media
records from this breach used in our total: 915
January 16, 2015 Grill Parts.com
Santa Rosa, California
BSR HACK

Unknown

Grillparts.com notified customers of a data breach to their website from January 2014 through October 2014.

The information compromised included first and last names, addresses, personal card account numbers, expiration dates, and credit/debit card security codes. It is currently unknown or has not been reported as to the number of people who were affected.

The company is providing the services of Kroll identity theft protection for one year at no cost to those who might have been affected by the breach.

Visit kroll.idMonitoringService.com and follow the online instructions to take advantage of the Identity Theft Protection Services. You will need to enter the membership ID provided by the company sent in a letter to those whose information has been or could have been compromised.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48107

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 15, 2015 Oppenheimer Funds
Denver, Colorado
BSF DISC

Unknown

Oppenheimer Funds was notified by a brokerage firm that works with Oppenheimer Funds that customer information that was mistakenly made available to a representative of the associated brokerage firm.

The information included names, addresses, Oppenheimer Fund account numbers and Social Security numbers.

The company is offering credit protection through Equifax Consumer Services, LLC. For those affected they can reach out to Equifax Consumer Services at 1-888-766-00081-888-766-0008 FREE for information regarding the credit monitoring. Oppenheimer Funds provided a monitoring code to all those affected.  The company can be reached at 1-800-225-56771-800-225-5677 FREE Monday through Friday from 8:00am to 8:00pm Easter time or visit the website at www.oppenheimerfunds.com.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48071

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 7, 2015 Lokai
New York, New York
BSO HACK

Unknown

Lokai informed customers of a data breach to their system from July 18, 2014 to October 28, 2014 by hackers who gained access to their server that hosts their website. The hackers installed a program that was designed to record information entered by customers.

The information affected included names, addresses, payment card information, expiration dates, verification codes, and user name and passwords.

For those affected who have questions they can call 1-800-981-75711-800-981-7571 Monday through Friday between the hours of 9:00 a.m and 9:00 p.m. Eastern Time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47853

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 6, 2015 NVIDIA Corporation
Santa Clara, California
BSO HACK

Unknown

NVIDIA Corporation suffered a data breach when hackers infiltrated their network and stole employee usernames and passwords.

The company is requesting that those affected change their password and be cautious of "phishing" emails that look like they are coming from a colleague or friend requesting sensitive information.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47824

 
Information Source:
California Attorney General
records from this breach used in our total: 0
January 5, 2015 Morgan Stanley
New York, New York
BSF INSD

350,000

An employee of Morgan Stanley stole customer information on 350,000 clients including account numbers. Additional information on what other information was captured has not yet been released. Files for as many as 900 clients ended up on a website.

The employee has since been fired and the bank is notifying all of the individuals affected and the FBI is currently investigating the incidence.

More Information: http://www.bloomberg.com/news/print/2015-01-05/morgan-stanley-fires-empl...

 
Information Source:
Media
records from this breach used in our total: 0
January 2, 2015 Chic-Fil-A
Atlanta, Georgia
BSO HACK

Unknown

Chic-Fil-A has announced they are investigating a possible data breach to their payment card system. They have not released any details as to the reality of the breach, however, many experts are predicting it could be extensive.

The restaurant chaind operates over 1,850 stores nationwide. Suspicious activity on their payment systems and a report provided to the on December 19, 2014 as to suspicious activity, prompted the company to launch an investigation.

Additional information will be posted as soon as information is available.

More Information: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-...

Fast food restaurant chain Chick-fil-A could well be the first retail breach to be publicly confirmed in 2015. Chick-fil-A released a public statement on Jan. 2, confirming that it is investigating a possible data breach at its restaurants. While Chick-fil-A's statement was issued on Jan. 2, the company admitted that it received a report about a potential breach on Dec. 19. After the report was received, Chick-fil-A  indicated that it launched an investigation to determine what had occurred. "The initial report was of potential suspicious activity involving payment cards at a few restaurants," Chick-fil-A stated. "Our investigation is ongoing and we will update as we are able to do so." Chick-fil-A reported 2013 sales of more than $5 billion and has over 1,850 locations, including both stand-alone restaurants and mall locations.  - See more at: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-...
Fast food restaurant chain Chick-fil-A could well be the first retail breach to be publicly confirmed in 2015. Chick-fil-A released a public statement on Jan. 2, confirming that it is investigating a possible data breach at its restaurants. While Chick-fil-A's statement was issued on Jan. 2, the company admitted that it received a report about a potential breach on Dec. 19. After the report was received, Chick-fil-A  indicated that it launched an investigation to determine what had occurred. "The initial report was of potential suspicious activity involving payment cards at a few restaurants," Chick-fil-A stated. "Our investigation is ongoing and we will update as we are able to do so." Chick-fil-A reported 2013 sales of more than $5 billion and has over 1,850 locations, including both stand-alone restaurants and mall locations.  - See more at: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-...
 
Information Source:
Media
records from this breach used in our total: 0
January 1, 2015 Fast Forward Academy
Altamonte Springs, Florida
EDU HACK

Unknown

The Fast Forward Academy LLC has notified customers of a data breach to their systems that store customer and partner information. The information compromised included names, addresses, Social Security numbers, and email addresses.

The company is providing access to Triple Bureau Credit Monitoring services at no charge for 12 months. Those affected can enroll at https://www.myidmanager.com/promo_code.html and provide the code provided by the company or call 1-866-717-94291-866-717-9429 FREE to set up services or their help line at 1-800-405-61081-800-405-6108 FREE Monday through Friday between the hours of 8 a.m. to 5 p.m. EST.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47924

 
Information Source:
records from this breach used in our total: 0
January 1, 2015 United Airlines
Chicago, Illinois
BSO HACK

Unknown

United Airlines notified customers of an unauthorized access to their MileagePlus account with usernames and passwords obtained from a third-party source.

The unauthorized access began on December 9, 2014, where the hacker (s) attempted to infiltrate the accounts of United Mileage Plus accounts. The hackers obtained MileagePlus numbers and possible account details. The company has stated that if the profile included a credit card number, only the last 4 digits of the card were visible.

United temporarily suspended Mileage Plus accounts. For those with suspended accounts they can call 1-800-421-46551-800-421-4655 FREE to change usernames, passwords, PIN's, and security questions.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47959

 

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 31, 2014 La Jolla Group
Irvine, California
BSO HACK

Unknown

The La Jolla Group has informed customers of a data breach in connection with ecommerce sites that the company manages for various apparel brand licensees.

On December 3, 2014 they noticed unauthorized access to check-out pages on the websites of certain clients. The company then launched an investigation and confirmed that certain information had been breached. The information included names, addresses, phone numbers, email addresses, credit card numbers, CVV2 data and credit card expiration dates of customers who checked out at their clients websites. According to the company no Social Security numbers were compromised.

The company has set up AllClearID for those who were affected for one year for free. Those with questions can contact their hotline at 1-877-403-02811-877-403-0281 FREE between 9:00 a.m and 9 p.m. Eastern Standard Time, Monday through Saturday.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47915

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 29, 2014 LeapLab
Chandler, Arizona
BSO INSD

Unknown

LeapLab is being sued by the Federal Trade Commission for purchasing "payday loan applications of financially strapped consumers, and then sold that information to marketers whom it knew had no legitimate need for it".

In another FTC case, Ideal Financial Solutions, used this information sold to them to withdraw millions of dollars from individual accounts without permission.

More Information: http://krebsonsecurity.com/2014/12/payday-loan-network-sold-info-to-scam...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0
December 26, 2014 Sony PlayStation
New York, New York
BSO HACK

Unknown

PlayStation and xBox networks over the holiday season. A group calling itself "LizardSquad" hacked both gaming networks on Christmas Day. 

According to the group and KrebsOnSecurity, "various statements posted by self-described LizardSquad members on their open online chat forum - chat.lizardpartrol.com - suggest that these misguided individuals launched the attack for no other reason than because they thought it would be amusing to annoy and dissapoint people who received new Xbox and Playstation consoles as holiday gifts"

More Information: http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-micro...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0
December 26, 2014 Microsoft xBox
Redmond , Washington
BSO HACK

Unknown

Microsoft Xbox Live networks were hacked by a group called "LizardSquad", preventing users from playing games over the holiday.

The assault was a DDoS attack (distributed denial-of-service) which "harness the Internet connectivity of many hacked or misconfigured systems so that those systems are forced to simultaneously flood target network with junk Internet traffic. The goal, of course, is to prevent legitimate visitors from being able to load the site or use the service under attack."

More Information: http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-micro...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0
December 26, 2014 Physicians Skin and Weight Systems
Roseville, California
MED PORT

Unknown

On November 14, 2014 an employee laptop and hard drive were stolen when their car was broken into. According to the company the laptop was password protected.

The information stored on the laptop included images taken during the course of treatment, names, banking, full routing numbers, credit card numbers, some financing applications that included Social Security Numbers, dates of birth, mailing address, email address, income, rent payments and employer names.

The company is providing 12 months free of AllClearID, call 1-877-437-3998

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47861

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 24, 2014 Boersma Bros.LLC/dba DutchWear
Grants Pass, Oregon
BSR HACK

Unknown

Boersma Brothers, dba DutchWear suffered a databreach when their website was breached exposing the payment information for customers from November 7 and December 6, 2014.

The information compromised included names, addresses, phone numbers, credit card numbers, expiration dates, and credit card security codes.

The company has set up a toll-free help line for customers at 1-844-835-8656 from 8 a.m. and 4 p.m PST, Monday through Friday.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47840

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 24, 2014 Corday Productions, Inc.
Burbank, California
BSO HACK

Unknown

Corday Productions, Inc. has payroll administered by Sony Pictures Entertainment. As part of the Sony breach, Corday Production Inc.'s employees, independent contractors or employees of contractors providing services to Corday may have had personal information compromised.

The incident is still under investigation as part of the larger Sony investigation. Corday is offering AllClear ID to those who may have been affected. They can be contacted at 1-855-434-80771-855-434-8077  or https://www.allclearid.com/

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47852

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 23, 2014 Rob Kirby, CPA
Santa Rosa, California
BSO PORT

Unknown

Rob Kirby CPA notified customers of a data breach when the car he was driving was broken into and his briefcase, a password protected laptop and flash drive containing confidential client information was stolen.

The information stolen included tax returns for current and previous years, copies of supporting documents associated with the returns, including names, addresses, birth dates, and Social Security numbers for clients, spouses, and dependents.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47844

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 23, 2014 Public Architecture/theonepercent.org
San Francisco, California
BSO HACK

Unknown

On December 8th, 2014 Public Architecture, theonepercent.org, was breached when a hacker broker through the sites security protocols and firewalls to put up a brag page touting his success in hacking. 

The hacker deleted files that affected the operation of the site, and possibly stole usernames, passwords, and contact information.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47847

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 12, 2014 Acosta Sales and Marketing
Jacksonville, Florida
BSO PORT

Unknown

Acosta, Inc. and its subsidiaries (Mosaic Sales Solutions US Operating Co. LLC) informed customers of a data breach when an employee of their Human Resources department had a laptop containing personal information stolen from their car on November 11, 2014.

For those affected, the company has set up a toll free number to assist with questions at 1-877-237-49711-877-237-4971  Monday through Friday 9:00 a.m to 7:00 p.m Eastern Standard Time. The reference number to the incident is #5316120814.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47713

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0
December 12, 2014 University of California Berkeley
Berkeley, California
EDU HACK

Unknown

The University of California Berkeley has notified individuals of a data breach in their Real Estate Division that resulted in unauthorized access to servers used to support a number of Real Estate programs and work stations. 

These workstations contained files that included some personal information. The investigation of the hacking showed that these servers were breached in mid-to late September.

The personal information included names, Social Security Numbers, credit card numbers and driver's license numbers.

The university is offering identity theft protection and fraud resolution through ID Experts for free for one year. For those affected call 1-877-846-63401-877-846-6340  Monday through Friday from 6 a.m to 6 p.m Pacific Time or go to www.myidcare.com/ucbinfo.

 

 

 

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47717

 
Information Source:
California Attorney General
records from this breach used in our total: 0
Breach Total
816,324,756 RECORDS BREACHED
(Please see explanation about this total.)
from 4,517 DATA BREACHES made public since 2005

Pages

Showing 1-50 of 4517 results