Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
930,526,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,427 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
September 28, 2007 Wal-Mart Stores Inc.
Bentonville, Arkansas
BSR INSD

48,686

A Wal-Mart associate took confidential information relating to a group of associates. The former associate was not authorized to retain the information after ending his employment with Wal-Mart. Associate names, Social Security numbers, Wal-Mart job codes and compensation information were exposed. The incident occurred on August 15.

 
Information Source:
Dataloss DB
records from this breach used in our total: 48,686

May 12, 2006 Mercantile Potomac Bank
Gaithersburg, Maryland
BSF PORT

48,000

A laptop containing confidential information about customers, including Social Security numbers and account numbers was stolen when a bank employee removed it from the premises, in violation of the bank's policies. The computer did not contain customer passwords, personal identification numbers (PIN numbers) or account expiration dates. The bank contacted affected customers and offered them one year of free credit monitoring services.

 
Information Source:
Dataloss DB
records from this breach used in our total: 48,000

February 9, 2009 Federal Aviation Administration
Washington, District Of Columbia
GOV HACK

43,000 Total increased to 48,000

Hackers broke into the Federal Aviation Administration's computer system, accessing the names and Social Security numbers of employees and retirees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 48,000

May 1, 2007 JP Morgan
Chicago, Illinois
BSF PORT

47,000

A computer tape containing personal information of wealthy bank clients and some employees was delivered to a secure off-site facility for storage but was later reported missing.

 
Information Source:
Dataloss DB
records from this breach used in our total: 47,000

July 16, 2008 Greensboro Gynecology Associates
Greensboro, North Carolina
MED PORT

47,000

A backup tape of patient information was stolen from an employee who was taking the tape to an off-site storage facility for safekeeping. The stolen information included patients' names, addresses, Social Security numbers, employers, insurance companies, policy numbers and family members.

 
Information Source:
Dataloss DB
records from this breach used in our total: 47,000

June 24, 2013 Florida State University, Florida Department of Education
Tallahassee, Florida
EDU DISC

47,000

The information of 47,000 Florida teachers was publicly accessible for 14 days after a data transfer at Florida State University.  The information was from teachers participating in state prep programs.  The Department of Education used Florida State University as the contractor for the transfer of teacher data.

UPDATE (06/26/2013): People who participated in Florida teacher preparation programs during the 2009 -2010 and 2011-2012 academic years were affected.

 
Information Source:
Media
records from this breach used in our total: 47,000

April 4, 2007 University of California, San Francisco (UCSF)
San Francisco, California
EDU HACK

46,000

(415) 353-8100, isecurity@ucsf.edu

An unauthorized party may have accessed the personal information including names, Social Security numbers, and bank account numbers of students, faculty, and staff associated with UCSF or UCSF Medical Center over the past two years by compromising the security of a campus server.

 
Information Source:
Dataloss DB
records from this breach used in our total: 46,000

February 8, 2012 West Virginia Chiefs of Police Association, Alabama Department of Public Safety, Texas Department of Public Safety, City of Mobile Police Department, Texas Police Chiefs Association, Texas Police Association
, West Virginia
BSR HACK

46,943 (46,000 SSNs reported)

No city is listed.  Board members, members, and organization officers live throughout West Virginia. People in Mobile, Alabama and Texas were also affected.

A hacker obtained and revealed 156 home addresses, phone numbers, cell phone numbers, email addresses, and usernames of police officers associated with the West Virginia Chiefs of Police Association. Retired police chiefs, and every current police chief in West Virginia had their information exposed. The hacker was associated with Anonymous.

UPDATE (08/24/2012): A hacker associated with the attack on West Virginia Chiefs of Police Association and several other law enforcement associations was caught and sentenced to 27 months in federal prison.  He was also ordered to pay $14,062.17 in restitution.  Alabama Department of Public Safety spreadsheets with information on sex crimes and a database listing descriptions of offenders' cars were posted online. Over 46,000 citizens in the state of Alabama may have had their names, Social Security numbers, license plate numbers, dates of birth, phone numbers, addresses, and criminal records accessed by hackers who attacked the City of Mobile Police Department. A total of 787 police officer names, usernames, plain text passwords, addresses, and other agency information from The Texas Police Association was posted online.  The Wisconsin Chiefs of Police Association, the Texas Department of Public Safety, the Dallas Police Department, and the Texas Police Chiefs Association also experienced hack attacks.

 
Information Source:
Databreaches.net
records from this breach used in our total: 46,000

August 13, 2010 Holyoke Medical Center, Caritas Carney Hospital, Milton Hospital, Milford Hospital
Georgetown, Massachusetts
MED PHYS

45,600

At least 32,750 files were found at the Georgetown Transfer Station in Georgetown, MA. Holyoke Medical Center is located in Holyoke, MA. Carney Hospital is located in Dorchester, MA. Milton Hospital is located in Milton, MA. Milford Hospital is located in Milford, MA.

 

A large pile of medical records was found at Georgetown Transfer Station public dump. The reports contained names, addresses, diagnosis, Social Security numbers, and insurance information. A medical billing company known as Goldthwait Associates is believed to be responsible. The medical records are mostly from pathology patients served at the hospitals between 2007 and March of 2010.

UPDATE (9/2/10): Holyoke reported that 24,750 patients were affected.  The exact number of patients affected from other medical centers is still unknown. Between 8,000 and 12,000 patients of Milton Hospital were affected.

UPDATE (10/11/10): Milton Pathology Associates, P.C. reported that a prior owner of Goldthwait Associates improperly disposed of patient information. Eleven thousand patients were affected.  Milford Regional Medical Center reports that the incident affected 19,750 patients.

UPDATE (01/07/2013): People associated with Goldthwait Associates, Chestnust Pathology Services, Milford Pathology Associates, Milton Pathology Associates, and Pioneer Valley Pathology Associates agreed to collectively pay $140,000 to settle allegations related to the breach.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 45,600

May 29, 2008 State Street Corp, Investors Financial Services
Boston, Massachusetts
BSF STAT

45,500

Computer equipment containing personal information on customers and employees of a State Street unit was stolen. The computer equipment was stolen from a vendor hired by Investors Financial Services to provide legal support services. The personal information included names, addresses and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 45,500

June 23, 2009 Cornell University
Ithaca, New York
EDU PORT

45,277

A stolen Cornell University computer has compromised the personal information of thousands of members of the University community. The computer contains the names and Social Security numbers of current and former students as well as current and former faculty and staff members.

 
Information Source:
Dataloss DB
records from this breach used in our total: 45,277

February 12, 2005 Science Applications International Corp. (SAIC)
San Diego, California
BSO STAT

45,000 employees

On January 25 thieves broke into a SAIC facility and stole computers containing personal information of past and current employees. Stolen information included names, Social Security numbers, addresses, phone numbers and records of financial transactions.

 
Information Source:
Dataloss DB
records from this breach used in our total: 45,000

May 22, 2007 University of Colorado, Boulder
Boulder, Colorado
EDU HACK

45,000

 Hotline: (303) 492-1655

A hacker launched a worm that attacked a University computer server used by the College of Arts and Sciences. Information for 45,000 students enrolled at UC-B from 2002 to the present was exposed, including SSNs. The breach was discovered May 12. Apparently anti-virus software had not been properly configured.

 
Information Source:
Dataloss DB
records from this breach used in our total: 45,000

March 5, 2012 Digital Playground
Van Nuys, California
BSR HACK

72,794 (44,663 credit card numbers obtained)

A group of hackers accessed customer details, credit card numbers, and administrator information.  At least a) 28 administrator names, usernames, email addresses, and encrypted passwords, b) 85 affiliate usernames, plain-text passwords, c) 100 user email addresses, usernames, and plain-text passwords, and d) 82 .gov and .mil email addresses and plain-text passwords were posted. The hackers criticized the ease of obtaining the credit card numbers, expiration dates, cvvs, and customer billing addresses which were all in plain text.  The hackers chose not to post customer credit card numbers.

 
Information Source:
Databreaches.net
records from this breach used in our total: 44,663

May 27, 2005 Cleveland State University
Cleveland, Ohio
EDU PORT

44,420

A laptop containing personal information from applicants, current students, and former students was stolen from the University's admissions office.  The information included Social Security numbers and addresses from as far back as 2001.  Letters were sent to those affected.  

UPDATE (12/24/05):CSU found the stolen laptop

 
Information Source:
Dataloss DB
records from this breach used in our total: 44,420

November 30, 2007 Prudential Financial
Fort Washington, Pennsylvania
BSF INSD

44,023

An employee who had authorized access to personal information was arrested and charged with stealing personal information and identity theft. The employee took client names, Social Security numbers, dates of birth, addresses and bank account information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 44,023

May 21, 2013 Lifeline (Federal Communications Commission), TerraCom Inc., YourTel America Inc.
Washington, District Of Columbia
GOV DISC

127,000 (44,000 Social Security numbers exposed)

TerraCom customers who have questions may call 1-855-297-0243.

Around 44,000 application forms and 127,000 supporting documents for Lifeline were posted online.  Lifeline is a federal program that provides discount internet and phone service for low-income Americans.  Information such as name, Social Security number, scans of food-stamp cards, driver's licenses, tax records, pay stubs, and parole letters was available online. the information had been available since at least March and was removed April 26.

UPDATE (05/23/2013): The story was originally released by Scripps Howard News Service when a reporter found completed Lifeline applications by searching Google for TerraCom-related information.  Terracom and Yourtel are threatening to hold Scripps accountable for costs associated with the breach.  These alleged costs include potentially complying with more than 20 state data breach notification laws.

 
Information Source:
Media
records from this breach used in our total: 44,000

October 14, 2006 T-Mobile USA Inc.
Bellvue, Washington
BSO PORT

43,000 current and former employees

A laptop computer holding personally identifiable information of approximately 43,000 current and former T-Mobile employees disappeared from a T-Mobile employee's checked luggage. T-Mobile has reportedly sent letters to all those affected. The data are believed to include names, addresses, SSNs, dates of birth and compensation information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 43,000

November 16, 2010 Messiah College
Grantham, Pennsylvania
EDU PORT

43,000

An external hard drive was lost or stolen. Current, former and prospective students and their parents may have had their names, Social Security numbers, dates of birth and transcripts exposed. The information was from the financial aid department and spans from 1994 to 2010. Social Security numbers were not collected for all individuals involved, but exact number of individuals who had their Social Security or financial information exposed was not given.

UPDATE (11/21/10): The drive was found by the employee responsible for it.  The likelihood that someone was able to access the information on the drive for a malicious purpose is very low or nonexistent. 

 
Information Source:
Databreaches.net
records from this breach used in our total: 43,000

August 17, 2011 Yale University
New Haven, Connecticut
EDU DISC

43,000

A computer file containing the names and Social Security numbers of former faculty, staff and students was accidentally made accessible online.  The file contained information from 1999 and could be located through a Google search for 10 months.  A change in Google's search engine made the file accessible from September 2010 to July 1, 2011.  A person who performed a Google search on his name discovered the breach on June 30.

 
Information Source:
Databreaches.net
records from this breach used in our total: 43,000

December 17, 2007 West Penn Allegheny Health System
Pittsburgh, Pennsylvania
MED PORT

42,000

    (866) 559-6309 Monday through Friday from 10 a.m. to 6 p.m. or e-mail the hospital at askquestions@wpahs.org.

The names, Social Security numbers, phone numbers, addresses and patient care information of 42,000 patients were all on a laptop computer stolen from a nurse's home. Only home care and hospice patients could be impacted, not patients at the hospitals.

 
Information Source:
Dataloss DB
records from this breach used in our total: 42,000

July 17, 2008 Bristol-Myers Squibb
Jacksonville, Florida
BSO PORT

42,000

A backup computer-data tape containing employees' personal information, including Social Security numbers, was stolen recently. The backup data tape was stolen while being transported from a storage facility. The information on the tapes included names, addresses, dates of birth, Social Security numbers and marital status, and in some cases bank-account information. Data for some employees' family members also were on the tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 42,000

December 15, 2009 U.S. Army
Fort Belvoir, Virginia
GOV PORT

42,000

http://www.army.mil/-news/2009/12/16/31955-laptop-containing-personal-information-about-mwr-customers-stolen/

A laptop computer belonging to a Family and Morale, Welfare and Recreation Command (FMWRC) employee was stolen.  Types of information compromised included name, Social Security number, home address, date of birth, encrypted credit card information, personal e-mail address, personal telephone number and family member information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 42,000

March 5, 2006 Georgetown University
Washington, District Of Columbia
EDU HACK

41,000

A server was attacked that housed personal information including names, birthdates and Social Security numbers of District seniors served by the Office on Aging.  Georgetown managed the server as part of a grant to manage information services provided by the D. C. Office of Aging. 

 
Information Source:
Dataloss DB
records from this breach used in our total: 41,000

June 30, 2006 National Institutes of Health Federal Credit Union
Rockville, Maryland
BSF UNKN

Very few of 41,000 members affected [not included in total]

NIHFCU and law enforcement are investigating the identity theft of some of its 41,000 members. No details were given on the type of information stolen, or how it was stolen.

 
Information Source:
Media
records from this breach used in our total: 41,000

June 3, 2010 Penn State
University Park, Pennsylvania
EDU DISC

15,806, 25,000 more later discovered

The Pennsylvania State University sent data breach notification letters to 15 806 individuals who at one time had their personal information, including Social Security numbers, stored in a university database. Penn State issued a press release statement on Wednesday informing the university community that a computer in its Outreach Market Research and Data office was found to be actively communicating with a botnet CNC. According to the statement, the database used by the office had previously contained Social Security numbers on individuals. The university, which discontinued use of SSNs for identification purposes in 2005, nevertheless found that an archived copy of the information went undetected in the computer’s cache.

UPDATE (6/8/10): An additional 25,000 individuals may have been affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,806

October 29, 2010 University of Hawai'i West O'ahu (UHWO)
Pearl City, Hawaii
EDU DISC

40,101

Students from the University of Mānoa were also affected.

Unencrypted files that were placed on the faculty web server exposed student information. Student names, Social Security numbers, birth dates, addresses and academic information were placed on the server in December of 2009.  Students who attended UHWO in Fall of 1994 or graduated between 1988 and 1993 were affected. A much larger number of students who attended the University of Hawai'i Mānoa between 1990 and 1998 were also affected. The files were removed on October 18 after a privacy group notified the University. The server was quickly removed from the network.  The faculty member who accidentally placed the file on the server retired before the breach was discovered. 

UPDATE (11/19/10): A former student is filing a class-action lawsuit on behalf of students affected by the University of Hawaii's multiple breaches.  The man attended the Mānoa campus between 1990 and 1998 and claims that he was affected by the this breach and one that occurred in June of 2009.  The names of four other people are attached to his Social Security number and his credit has been used in Georgia. Around 259,000 private records have been exposed by the University of Hawai'i since 2005.

UPDATE (1/27/2012): The University of Hawaii will provide two years of credit protection services and credit restoration services to settle a class-action lawsuit involving data breaches that affected nearly 100,000 students, faculty, alumni, and staff between 2009 and 2011.  The settlement is still subject to court approval.

 
Information Source:
Databreaches.net
records from this breach used in our total: 40,101

April 26, 2005 Michigan State University's Wharton Center
East Lansing, Michigan
EDU HACK

40,000

A hacker may have stolen the credit card information of visitors attending a performing arts venue.  Warnings were sent to Wharton visitors who used their credit cards anytime between September of 2003 and the incident.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

May 19, 2005 Valdosta State University
Valdosta, Georgia
EDU HACK

40,000

A computer server containing campus ID card information and Social Security numbers was hacked. The cards were designed to be used as debit cards by students and employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

April 14, 2006 NewTech Imaging
Honolulu, Hawaii
BSO INSD

40,000

Records containing the names, Social Security numbers and birth dates of more than 40,000 members of Voluntary Employees Benefit Association of Hawaii were illegally reproduced at a copying business before they were to be put onto a compact disc for the State. Police later found the data on a computer that had been confiscated as part of a drug investigation.  Those who were on the list and Hawaii Government Employees Association and United Public Workers members who were enrolled in union-sponsored health and group life insurance plans between July and December 1999 were warned.  Investigators were only able to speculate that the theft may have occurred in February of 2005.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

April 6, 2007 Chicago Public Schools
Chicago, Illinois
EDU PORT

40,000

(773) 553-1142

Two laptop computers contain the names and Social Security numbers of current and former employees was stolen from Chicago Public Schools headquarters.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

February 15, 2008 Systematic Automation Inc
Fullerton, California
BSO STAT

40,000

Police filed possession of stolen property charges against a prison parolee who was arrested for having a computer with more than 40,000 names, addresses and Social Security numbers of California residents. The computer was stolen from Systematic Automation Inc., which processes individualized annual statements customized for employees with a summary of their health and other employee benefits. The hard drive contained employee information from 19 agencies. Some of the agencies include the Modesto City Schools, Clovis Unified School District, Los Angeles Department of Water and Power, Nestle Waters North America and the Torrance Unified School District.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

March 10, 2008 Blue-Cross Blue-Shield of Western New York
Buffalo, New York
MED PORT

40,000

A laptop hard-drive containing vital information about members has gone missing. Blue-Cross Blue-Shield of Western New York says it is notifying its members about identity theft concerns after one of it's company laptops went missing.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

November 7, 2008 Arizona's Department of Economic Security
Phoenix, Arizona
GOV PORT

40,000

(DES) is notifying the families of about 40,000 children that their personal data may have been compromised following the theft of several hard drives from a commercial storage facility. The information stored on the stolen disks included the names, addresses and phone numbers of families whose children were referred to the DES for early intervention services over the past several years. In the cases of families that had applied for and received services from the agency, their records also included Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

May 1, 2009 LexisNexis, Investigative Professionals
Miamisburg, Ohio
BSO CARD

40,000

Companies Lexis Nexis and Investigative Professionals have notified up to 40,000 individuals whose sensitive and personally identifiable information may have been viewed by individuals who did not have legitimate access. The data breach is linked to a Nigerian scam artist who used the information to incur fraudulent charges on victims' credit cards. Of the 40,000 individuals whose information was accessed, up to 300 were compromised and used to obtain fraudulent credit cards. The private information viewed included names, dates of birth and possibly Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 40,000

May 17, 2010 Silicon Valley Eyecare Optometry and Contact Lenses
Santa Clara, California
MED STAT

40,000

A computer and a plasma TV were stolen from the office on Friday April 2nd, 2010. The computer server contained patient names, addresses, phone numbers, email addresses, birth dates, family member names, medical insurance information, medical records, and in some cases, Social Security numbers.  The data were password protected.

 
Information Source:
Databreaches.net
records from this breach used in our total: 40,000

September 12, 2011 Vacationland Vendors, Inc.
WIsconsin Dells, Wisconsin
BSR HACK

40,000

Vacationland Vendors, Inc. arcade equipment used in Sevierville, Tennessee was also affected.

A hacker gained unauthorized access to Vacationland Vendors' card processing systems at Wilderness Waterpark Resort in the Dells and Wilderness at the Smokies in Sevierville.  The breach occurred on march 22.  Customers who used a credit or debit card at one of the resorts between December 12, 2008 and May 25, 2011 were affected.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 40,000

July 30, 2013 US Airways, Advanced Data Processing
Tempe, Arizona
BSO DISC

40,000

A programming error at Advanced Data Processing (ADP) caused employee names, Social Security numbers, and total taxable W-2 wages for the tax years 2010, 2011, and 2012 to be exposed.  A group of other US Airway employees were able to download the payroll information of their colleagues.  ADP corrected the issue in early May and notified US Airways in early June.

 
Information Source:
Media
records from this breach used in our total: 40,000

August 10, 2005 University of North Texas
Denton, Texas
EDU HACK

39,000

A server containing housing records, financial aid inquiries, and in some cases credit card numbers was hacked.  UNT sent letters to current, former, and prospective students whose information may have been accessed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 39,000

November 27, 2006 Johnston County, NC
Johnston County, North Carolina
GOV DISC

About 39,000 North Carolina residents

Personal data, including SSNs, of thousands of taxpayers, were inadvertently posted on the county web site. The information was removed from the site within an hour after officials became aware of the situation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 39,000

July 31, 2010 Montefiore Medical Center
Bronx, New York
MED STAT

39,000

Two computers were stolen during the weekend of May 22nd. Names, medical record numbers, Social Security numbers, dates of birth, insurers, and hospital admission dates for an unknown number of patients were on the computers.

UPDATE (8/3/10): One computer was from the Finance Department and had the information of 16,000 patients; the second computer theft affected the records of 23,000 students from the School Health Program and their families.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 39,000

August 16, 2013 Ferris State University
Big Rapids, Michigan
EDU HACK

62,000 (39,000 Social Security numbers)

An unauthorized person gained access to the school's computer network.  Campus ID numbers, names, and possibly other information of staff and students were exposed.  In addition to the 39,000 people who had their files with Social Security numbers exposed, 19,000 more indidviduals were notified of the breach.

UPDATE (10/22/2013): It is estimated that 62,000 people were affected and $380,000 was spent investigating the breach.  This number includes providing services to those who were affected.

 
Information Source:
Media
records from this breach used in our total: 39,000

August 28, 2013 Missouri Credit Union
Columbia, Missouri
BSF DISC

39,000

A file with customer information was accidentally published on Missouri Credit Union's website on August 5.  The names, Social Security numbers, account numbers, teller and call in passwords, and addresses of Missouri Credit Union members were accessed.  The file was accessed 10 times before the issue was discovered and it was taken off of the website.

 
Information Source:
Media
records from this breach used in our total: 39,000

April 21, 2006 University of Alaska, Fairbanks
Fairbanks, Alaska
EDU HACK

38,941

A hacker had access to names, Social Security numbers, and partial e-mail addresses of current and former students, faculty, and staff.  The University reported that it would not contact those affected after a first and second notification.  Anyone claiming to be from the University after these notifications should be viewed with suspicion.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,941

April 20, 2007 U.S. Agriculture Department
Washington, District Of Columbia
GOV DISC

38,700

http://www.usda.gov/wps/portal/!ut/p/_s.7_0_A/7_0_1OB?contentidonly=true&contentid=2007/04/0110.xml

The Social Security numbers of people who received loans or other financial assistance from two Agriculture Department programs were disclosed since 1996 in a publicly available database posted on the Internet. Originally, the US Department of Agriculture estimated that the personal information of as many as 150,000 people may be affected, then reduced the number 38,700.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,700

September 1, 2006 City of Chicago via contractor Nationwide Retirement Solutions, Inc.
Chicago, Illinois
GOV PORT

38,443

(800) 638-1485, http://www.chicagofop.org/Updates/links/nrs.pdf

A laptop was stolen from the home of one of the contractor's employees in April 2005. It was reported to the city July 2006. Data included names, addresses, phone numbers, birth dates and SSNs for those in the city's deferred compensation plan.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,443

April 26, 2006 Aetna, Omni Hotels and the Department of Defense NAF
Hartford, Connecticut
MED PORT

38,253

A laptop containing personal information including names, addresses and Social Security numbers of Department of Defense (35,253) and Omni Hotel employees (3,000) was stolen from an Aetna employee's car.  Members were notified and Aetna offered to pay for the credit monitoring services of those who were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,253

February 13, 2006 Ernst & Young
New York, New York
BSO PORT

38,000

Additional locations: Throughout the US and UK

38,000 BP employee in U.S. In addition to Sun, Cisco and IBM employees.

A laptop containing the names, dates of birth, genders, family sizes, Social Security numbers and tax identifiers for current and previous IBM, Sun Microsystems, Cisco, Nokia and BP employees was stolen from a locked car. While Ernst and Young waited until pressured to inform a majority of those affected about the breach, at least one CEO from the affected companies was contacted immediately.

 
Information Source:
Security Breach Letter
records from this breach used in our total: 38,000

January 29, 2008 Georgetown University
Washington, District Of Columbia
EDU PORT

38,000

A hard drive containing the Social Security numbers of Georgetown students, alumni, faculty and staff was reported stolen from the office of Student Affairs.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,000

March 26, 2008 Broward School District
Coconut Creek, Florida
EDU HACK

38,000

An Atlantic Technical High School senior hacked into a district computer and collected Social Security numbers and addresses of district employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 38,000

Breach Total
930,526,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,427 DATA BREACHES made public since 2005
Showing 351-400 of 4427 results


X

Sign In!

Loading