Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
931,529,111 RECORDS BREACHED
(Please see explanation about this total.)
from 4,467 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
July 1, 2014 Vermont Health Exchange
Williston, Vermont
MED HACK

Unknown

A Romanian hacker accessed the Vermont Health Exchange's development server last December gaining access at least 15 times and going undetected for a month.

"CGI Group, the tech firm hired to build Vermont Health Connect, described the risk as “high” in a report about the attack. It also found possible evidence of sophisticated “counter-forensics activity performed by the attacker to cover his/her tracks.”"

"The report says that no private consumer information was stored on the hacked server, and that CGI Group had “verified that no additional servers [that may store private data] communicated with any of the identified attacker IP addresses.”"

This individual was able to gain access to the server because the defaut password on that server was never changed (in violation of guidelines laid out in the state’s official policy) along with the fact that the access to the server was never restricted to those users who were known and authorized to be on the server.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

July 2, 2014 Goldman Sachs
New York, New York
BSF DISC

Unknown

 

Goldman Sachs Group Inc warned customers of a data breach that occured when an outside contractor emailed confidential client data to a stranger's Gmail account by mistake. The bank has asked a U.S. judge to order Google Inc to delete the email to avert a "needless and massive" breach of privacy.

 

"The breach occurred on June 23 and included "highly confidential brokerage account information," Goldman said in a complaint filed last Friday in a New York state court in Manhattan".

Goldman Sachs did not say how many people were affected and are asking Google to assist in tracking down who has access to the data.

The contractor meant to email a report to a gs.com account but inadvertently sent it to a similar email address with a gmail.com account. Goldman Sachs has not been able to retrieve the report and has not received a response back by the individual who owns the gmail account.

 
Information Source:
Media
records from this breach used in our total: 0

July 3, 2014 Watermark Retirement Communities
Tuscon, Arizona
BSO PORT

Unknown

Watermark Retirement Communities Inc. informed current and former employees of the facility of a data breach when a laptop was stolen on June 13, 2014. The information on these laptops included names, addresses, telephone numbers, email addresses, dates of birth and Social Security numbers. The laptop was password protected.

For those affected they can call 1-800-597-66181-800-597-6618.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 7, 2014 Legal Sea Foods
Boston, Massachusetts
BSO HACK

Unknown

Legal Sea Foods informed customers of a data breach that occured on June 5, 2014 that a segment of their mail order web sales and e-commerce environment, that an unauthorized person gained access to a server that contained information from mail order web customer transactions.

After an investigation, transactions made between Jaunary 1, 2014 and May 21, 2014 were potentially affected, which included transactions used with credit cards. Names, credit card numbers, card expiratin dates, and card verification values may have been breached.

The company has informed their payment processing company of the breach and the processor has been working with the credit card companies to provide them the card numbers of those affected.

 
Information Source:
Vermont Attorney General
records from this breach used in our total: 0

July 8, 2014 Heartland Automotive/Jiffy Lube
Irving, Texas
BSO PORT

Uknown

Heartland Automotive (Jiffy Lube) has notified customers of a data breach that has occured when one of their company owned laptop was stolen with personal information on it.

The information included names, addresses, dates of birth, Social Security numbers.

The company is offering 12 months free of AllClearID. For those affected call 1-877-437-4004.

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 9, 2014 Office of Personnel Management
Washington, District Of Columbia
GOV HACK

Unknown

In March 2014, it has been reported that Chinese hackers broke into the computer networks of the United States government, specifically The Office of Personnel Management, which houses personal information of all federal employees. The hackers appeared to be targeting the files on "tens of thousands of employees who have applied for top-secret security clearance."

"The hackers gained access to some of the databases of the Office of Personnel Management before the federal authorities detected the threat and blocked them from the network, according to the officials. It is not yet clear how far the hackers penetrated the agency’s systems, in which applicants for security clearances list their foreign contacts, previous jobs and personal information like past drug use."

This particular hacking is unusual as the US computer systems are constantly being hacked by international hackers, but up until this point, have been stopped before any information was compromised.

Currently, officials are investigating to pinpoint exactly where these attacks came from.

 
Information Source:
Media
records from this breach used in our total: 0

July 8, 2014 The Houstonian Hotel, Club and Spa
Houston, Texas
BSO HACK

Unknown

Secret Service notified The Houstonian Hotel, Club and Spa regarding a breach to their system that houses customer credit card information.

Once the notification happened, the company launched a forensics investigation and discovered that their POS system had been accessed by an unauthorized third party from December 2013 through June 2014, and that the credit card information stored on these systems were compromised.

The company has since stopped the intrusions, but has not communicated how many individuals were affected by the breach. The company is offering 12 months free of credit monitoring services for those affected.

 
Information Source:
Media
records from this breach used in our total: 0

July 11, 2014 Boeing
Seattle, Washington
BSO HACK

Unknown

"Federal prosecutors have charged the owner of a Chinese aviation firm with trying to steal data about U.S. military aircraft by hacking into the computer networks of Boeing and other U.S. companies, according to a federal complaint unsealed in Los Angeles this week.

According to authorities, the individuals allegedly stole information on  Boeing’s C-17 transport plane. Evidence shows that the Chinese hackers obtained large amounts of data on dozens of  military projects.

 
Information Source:
Media
records from this breach used in our total: 0

July 11, 2014 Lockheed Martin
Fortworth, Texas
BSO HACK

Unknown

"Federal prosecutors have charged the owner of a Chinese aviation firm with trying to steal data about U.S. military aircraft by hacking into the computer networks of Lockheed Martin and other U.S. companies, according to a federal complaint unsealed in Los Angeles this week".

Allegedly, the Chinese hackers stole information about Lockheed’s F-22 and F-35 fighter jets.  Large amount of data were stolen on a dozen U.S military projects.

 
Information Source:
Media
records from this breach used in our total: 0

June 23, 2014 Silk Road/U.S Marshall Service
Washington, District Of Columbia
BSF HACK

40

"U.S. Marshals Service accidentally CC’d 40 potential Silk Road Bitcoin bidders instead of BCC’ing them. Thanks to a phishing scheme that took advantage of this slipup, though, an Australian bidder lost 100 Bitcoin—worth an estimated $62,000—according to.

A total of 40 individuals received a phishing email on June 21st from someone who claimed to be from "BitFirm Productions". The email asked they these individuals participate in a survey for a client of the fake media firm and to click on a link that was supposed to be a GoogleDoc, instead the link contained malware.

Unfortunately one individual did click on the link that infected his computer and the hackers were able to transfer 100 Bitcoin out of his account.

 

 
Information Source:
Media
records from this breach used in our total: 0

July 8, 2014 Aecom
Los Angles, California
BSO HACK

Unknown

Aecom has notified current and prior employees of a data breach that exposed employee personnel files. Hackers were able to penetrate their corporate network, which included the employee payroll system for the US specifically.

The information exposed inlcuded names, addresses, Social Security numbers, personal bank account numbers and routing numbers.

The company has set up 12 months of All ClearID at no cost. For those affected they can call which can be reached at 1-877-615-3770.

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 15, 2014 Atlantic Automotive Corporation/dba One Mile Automotive
Towson, Maryland
BSO HACK

Unknown

One Mile Automotive is notifying customers of a data breach of one of their third party vendors, Trade Motion who operates automobile websites and has notified One Mile Automotive that this breach could have included personal information of some of its customers.

The information included names, addresses, email addreasses, telephone numbers, credit card information.

Those who are affected should call 1-855-505-2774.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 15, 2014 City of Encinitas/San Dieguito Water District
Encinitas, California
GOV DISC

Unknown

"City of Encinitas and San Dieguito Water District recently were made aware that a Cal-PERS payment document containing Social Security numbers with corresponding employee and former employee names had inadvertently been made accessible to the public on the City’s website on or about May 13, 2014 to July 3, 2014. Based on our research, we found the exposure has been limited to (16) people that accessed the document during that period."

The document contained information of employees and former employees who were enrolled in Cal-PERS during the following timeframes:

City of Encinitas–July 1993-October 2011

City of Encinitas Fire Safety/Fire Protection District–July 1986–October 2011

San Dieguito Water District-July 1989–October 2011

The city of Encinitas is offering 1 year free membership of Protect MyID Alert from Consumer Info.com by Experian.

For those affected with questions contact Courtney Barrett at 760-633-2631 or Jace Schwarm at 760-633-2636.

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 15, 2014 Bank of The West
San Francisco, California
BSF HACK

Unknown

Bank of The West notified customers of an email scam that involved two employees' remote bank email login credentials being compromised. As a result of this unauthorized access, customer information could be at risk.

The information includes names, account numbers, loan numbers, Social Security numbers.

The bank is offering one year free of First Watch ID for those affected. For those with questions regarding the service they can call 1-866-310-7373 or 1-800-488-2265.

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 16, 2014 Bay Area Pain Medical Associates
Sausalito, California
MED STAT

2,780

Bay Area Pain Medical Associates have notified patients of a data breach when several of their desktop computers were stolen.

There were approximately 2,780 patients first and last names, number of years the patients had been seen at their practice. The are reporting that the computer data was encrypted and inaccessible, there was an Excel spreadsheet that containing this information that could have possibly been accessed. No Social Security numbers, dates of birth, financial information, contact information or medical information was exposed.

The facility is offering 12 months free of AllClearID. Those affected can call 1-877-579-2269.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 18, 2014 Penn Medicine Rittenhouse
Philadelphia, Pennsylvania
MED PHYS

661

Penn Medicine had to announce a data breach involving receipts that were stolen last month from a locked office in Pennsylvania Hospital.

The information on the receipts included combinations of patient names, dates of birth and the last four digits of credit card numbers.

 
Information Source:
Media
records from this breach used in our total: 0

July 11, 2014 University of Illinois, Chicago
Chicago, Illinois
EDU HACK

Unknown

The University Illinois Chicago (UIC) notified former students of a data breach to their system that included the exposure of personal data.

"A website security breach made two College of Business Administration documents from the 2002 spring semester accessible — a roster from a Special Topics in Accounting course and an advising list for all junior and senior accounting majors, according to a statement from the university".

Personal information was exposed, including Social Security numbers. The university has not stated how many students were affected, and the breach is currently under investigation.

 
Information Source:
Media
records from this breach used in our total: 0

July 16, 2014 Douglas County School District
Castle Rock, Colorado
EDU PORT

Unknown

Douglas County School District notified employees of a data breach of their personal information when a laptop containing their personal information was stolen.

In a letter sent to district employees, the district stated that the stolen computer contained some workers' Social Security numbers and bank account information.

The district is currently investigating the breach.

 
Information Source:
Media
records from this breach used in our total: 0

July 22, 2014 Vice.com
Brooklyn, New York
BSO HACK

Unknown

Reportedly a "Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site Vice.com and The Wall Street Journal website, and would sell each stolen database for Bitcoin."

The company has communicated that a hacker was able to access a list of Vice.com CMS users. This list included email addresses and hashed passwords. The company communicated that they since have patched the vulnerablity.

 
Information Source:
Media
records from this breach used in our total: 0

July 23, 2014 Wall Street Journal
New York, New York
BSO HACK

Uknown

The Wall Street Journal was compromised by a Russian hacker who posted images of a list of user accounts claiming they were from the Wall Street Journal. The Wall Street Journal claimed they had an intrusion but that no data was affected.

The information has yet to be confirmed that it was from the Wall Street Journal, however the same type of intrusion was recently confirmed when this same hacker claimed an intrusion to CNET.

 
Information Source:
Media
records from this breach used in our total: 0

July 14, 2014 CNET
New York, New York
BSO HACK

Unknown

Russian hackers infiltrated servers of CNET by the name of W0rm and the Twitter handle @rev-priv8, who "posted an image of remote access to a CNET.com server, with a screenshot of a shell proving a compromise of the site".

CNET would not comment on the nature of the attack or what information was compromised, they have just communicated that they have fixed the problem.

"The image posted on Twitter would indicate the hacker could access and upload files to the website. It's pretty difficult to say how they did it, though. One source suggested it was likely a content management system breach - something like a WordPress or Joomla exploit".

 
Information Source:
Media
records from this breach used in our total: 0

July 17, 2014 Bank of America
Baltimore, Maryland
BSF DISC

Unknown

Aon Hewitt, a human resources benefits service provider for Bank of America, was made aware that a vendor's former employee (Hexaware) sent a copy of certain files and inadvertently uploaded them to an FTP site.

The file contained names and Social Security numbers.

 

 
Information Source:
Maryland Attorney General
records from this breach used in our total: 0

July 28, 2014 Backcountry Gear
Eugene, Oregon
BSR HACK

Unknown

Backcountry Gear notified customers of a data breach with a server that handles credit card information. The company discovered malware that was put onto their server that was able to gain customer names, addresses, purchase information, and credit card/debit card information.

The company has stated they do not collect pin numbers or bank account numbers in a transaction so those would not have been compromised in the breach.

For those who were affected and have questions can call 1-800-953-5499 ext. 5 or email at data@backcountrygear.com.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 29, 2014 Northern Trust Company
Chicago, Illinois
BSO DISC

Unknown

The Northern Trust Company communicated a data breach to customers that involved their personal information. Northern Trust Company "provides or previously provided payment services for an employee benefits plan or program in which you participate or participated through. In that capacity, Northern Trust is responsible for maintaining certain personal information about you as a participant of that plan. Regrettably, we are writing to inform you about an inadvertent disclosure by Northern Trust of some of that information".

"As part of normal procedures, Northern Trust sends participant information to record-keeping companies that assist in administering those benefit plans and programs. In late May, a Northern Trust employee transmitted a file containing your information to one of our record-keeping companies that was not responsible for the plan in which you participate (d). The information included your name, address, Social Security number, and benefits plan or program account number, as well as other information about your benefits plan or program account, such as your payment /deduction amounts and, in some situations, bank routing and account numbers used for direct deposits".

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 30, 2014 CVS/Caremark
Atlanta, Georgia
BSR DISC

350

As reported by a local news station in Atlanta Georgia reported a breach by CVS/Caremark when a mailing went out to CVS Caremark customers offering a switch to a 90-day prescription supply.

Unfortunately the mailings went out to the wrong addresses. "CVS Caremark is in the process of notifying the affected members that due to a programming error, letters intended for fewer than 350 plan members were sent to incorrect addresses".
 
The company said they sent the mailings July 15 and fixed the error after getting complaints. The information exposed were individual names, addresses and what prescriptions the individuals were on.

 
Information Source:
Media
records from this breach used in our total: 0

July 30, 2014 Rite Aid Pharmacy
Milton, Washington
BSR PHYS
521

Rite Aid Pharmacy in Milton Washington notified customer of a data breach, when someone stole a" stack of expired prescription records from a Rite Aid pharmacy in Milton, the company announced Wednesday".

"The records did not contain Social Security numbers or credit card numbers, and there has been no sign of resulting identity theft", spokeswoman Ashley Flower said.

The theft occurred on June 30 when a burglar entered a back room where the records were stored.

"Flower said 521 customers were notified of the theft via mail. She did not know how many records were stolen. The affected customers were offered a free identity theft consultation".

Those who were affected can contact Kroll Inc. at 855-269-6547 or Rite Aid at 800-RITE-AID.


Read more here: http://www.thenewstribune.com/2014/07/30/3309632/expired-prescription-records-stolen.html#storylink=cpy

 
Information Source:
Media
records from this breach used in our total: 0

June 30, 2014 San Antonio Metropolitan Health District
San Antonio, Texas
MED PORT

300

San Antonio Metropolitan Health District announced a data breach involving vaccination records of 300 children when a laptop containing these records was stolen.

The records included first and the last name of the patient, the patient's date of birth, an identifier for the patient's doctor, and the name of the immunizations. The laptop has since been recovered.

 
Information Source:
Media
records from this breach used in our total: 0

June 26, 2014 Salina Family Healthcare Center
Salina, Kansas
MED DISC

500

"Salina Family Healthcare Center (SFHC) notified more than 500 patients of an unintentional transmission of unsecured personal patient protected health information after discovering the following event:

"On April 8, 2014, a staff member submitted a database to the National Commission for Quality Assurance (NCQA) for our involvement in a care coordination research study. The staff member responsible for our participation in the project inadvertently left a table in that database that included patients’ names, dates of birth, chart numbers and CPT codes associated with their care. Upon opening the email, the NCQA staff member who received the database immediately recognized the breach, deleted the database, and notified our staff member"".

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 1, 2014 Managed Med, A Psychological Organization
Los Angeles, California
MED UNKN

Unknown

Managed Med, A Pschological Corporation has notified the California Attorney Generals office of a data breach with their system. Currently they have not communicated what information was involved in the breach, the dates or how many people were affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 30, 2014 Lasko Group, Inc.
West Chester, Pennsylvania
BSR HACK

Unknown

Lasko Group Inc. announced a data breach of customers who purchased on-line parts from them and Air King America Inc. Both companies were the victims of "phishing" emails from an unknown third party. These fraudulent emails led to unauthorized access to their computer network. 

Information breached included names, email addresses, phone numbers, credit card numbers, and credit card expiration dates.

The company is offering AllClearID protect your identity for one year at no cost to those affected. For those who are affected they can sign-up by calling 1-866-979-2595 or at enroll.allclearid.com. The company has also established a confidential assistance line for questions or concerns at 1-877-218-0052 from 9:00 a.m. to 7:00 p.m. EST.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

June 20, 2014 Mount Olympus Mortgage Company
Irvine, California
BSF INSD

Unknown

Mount Olympus Mortgage Company has notified customers of a data breach when a previous employees downloaded mortgage applications from their system to their private Internet accounts and then sent it to a competitor. The information included names, addresses, Social Security numbers, and other information in connection mortgages.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 31, 2014 Recreational Equipment Inc. (REI)
Kent, Washington
BSR HACK

Unknown

On July 23, REI discovered that a third-party may have accessed REI customer accounts without authorization obtaining email addresses and passwords.

For those affected who have further questions about this incident, please contact them at privacy@rei.com or 1-800-426-48401-800-426-4840 Monday through Sunday 4 a.m. to 11 p.m. Pacific Time.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

July 8, 2014 Park Hill School District
Kansas City, Missouri
EDU INSD

Unknown

The Park Hill School District has informed current and former Park Hill students and employees of a data breach to their system. A former employee downloaded files onto a hard drive without authorization. When the employee connected it to a home network, the files went onto the Internet.

The information leaked included personnel files and Social Security numbers.

 
Information Source:
Media
records from this breach used in our total: 0

July 17, 2014 Freshology
Burbank, California
BSR HACK

Unknown

Only July 1, 2014 Freshology was performing a routine review of its Internet website and discovered unauthorized code. This code may have compromised billing names, addresses and credit/debit card information of customers.

 

 
Information Source:
New Hampshire Attorney General
records from this breach used in our total: 0

August 5, 2014 Vibram
Concord, Massachusetts
BSR HACK

Uknown

Vibrum USA Inc had notified customers of a data breach in their online ordering system. The compay contracts with a third party web hosting provider vibramfivefinger.com whose systems were compromised when an unauthorized party accessed their system that manages online transactions and inserted malicious code.

The information that may have been compromised included credit card numbers.

The company has set up credit monitoring services through Experian. Those affected can call 1-877-371-7902

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 7, 2014 University California Santa Barbara
Santa Barbara, California
EDU HACK

Unknown

The University California Santa Barbara has notified unauthorized access to some archival payroll data that included names, social security numbers and direct deposit banking information.

The University has contracted with ID Experts to provide free credit monitoring service, and insurance for identity theft restoration.

If you need assistance enrolling or have additional questions, the University is requesting individuals call the UCSB / ID Experts team at 1-877-919-9184, between the hours of 6:00 am and 6:00 pm Pacific Time.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 5, 2014 Russian hacking discovered by Hold Security
Unknown, Wisconsin
BSO HACK

1 billion

"A gang of Russian hackers has amassed over 1 billion username and password combinations and more than 500 million email addresses, a security firm reported late Tuesday, calling it the largest-ever haul of stolen Internet credentials.

The massive trove — stolen from hundreds of thousands of websites — was discovered by the Milwaukee firm Hold Security, according to a post on its website".

According to reports by Hold Security,  it took over seven months to identify the gang, "whom the firm dubbed CyberVor, or cyber-thief in Russian".

 

It appears that no payment card information or Social Security numbers were threatened.

PRC will provide updates as the story unfolds.

 

 

*note: state location provided is that of Hold Security LLC.

 
Information Source:
Media
records from this breach used in our total: 0

August 7, 2014 Anderson & Murison
Los Angeles, California
BSF DISC

Unknown

Anderson & Murison, a wholesale insurance broker, notified individuals of a data breach when individual retail insurance agents applied for personal umbrella insurance policies for their customers via Anderson & Murison's online umbrella rating system.

When the retail agents requested an estimate through this online system, specific information regarding their customers was necessary to obtain the quote/estimate. Information such as first and last names, addresses, policy dates, policy numbers, premium costs, policy amounts, types of policies, dates of birth, all real estate owned and addresses, types of automobiles, other motorized equipment such as watercraft, occupations of both individuals and spouses, employer names and addresses, general information such as traffic violations, etc.

The company is offering identity theft protection through Kroll for one year at no cost.  Those affected can call 1-844-263-8605.

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 7, 2014 San Mateo Medical Center
San Mateo, California
MED INSD

Unknown

San Mateo Medical Center (SMMC) notified individuals of a potential data breach when the facility discovered that an employee who was hired in the payroll unit of the facility failed to disclose a prior conviction for identity theft.

The employee was terminated immediately, but the individual had access to SMMC employee information including names, contact information, Social Security numbers and dates of birth.

The facility reported that they found "no evidence indicating that the employee misused confidential information from SMMC employee records".

SMMC has engaged Kroll to provide identity theft protection for one year at no cost. For those affected they can contact the county at 1-844-530-4127 from 6:00 a.m. to 3:00 p.m. PDT.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 12, 2014 Freedom Management Group, LLC dba The Natural
Hauppauge, New York
BSR HACK

Unknown

The Natural, an online store, notified customers of a data breach to their system when an unauthorized party accessed customer payment card data. The unauthorized access occurred from 4/22/2014 to 7/17/2014.

The information accessed included customer credit and debit card numbers, expiratin dates, names, addresses, and phone numbers, account numbers, and passwords.

The company has recommended that those affected change their online passwords to their online account. The company is offering AllClear ID at no cost for 12 months. For those affected they may contact the AllClear ID team at 1-877-615-3771.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 15, 2014 Albertsons/AB Acquisitions LLC
Boise, Idaho
BSO HACK

Unknown

The Albertsons grocery chain in Southern California announced a data breach when hackers attempted to obtain customer credit and debit card information from its approximately 180 Southern California stores, as well as stores in several other states.

AB Acquisition LLC which operates Albertson stores, ACME Markets, Jewel-Osco, Shaw’s and Star Markets all under New Albertson’s, Inc. confirmed that the data breach started as early as June 22, 2014 and ended July 17, 2014.

"Albertson stores in Idaho, Montana, North Dakota, Nevada, Oregon, Washington, Wyoming and southern Utah were also affected. In addition, ACME Markets in Pennsylvania, Maryland, Delaware and New Jersey; Jewel-Osco stores in Iowa, Illinois and Indiana; and Shaw’s and Star Markets stores in Maine, Massachusetts, Vermont, New Hampshire and Rhode Island were all impacted by this incident".

The company is offering customers who may have been affected by the breach a year of complimentary identity-protection services. For more information, customers can call (877) 932-7948 or visit Albertsons' website.

More Information: http://www.latimes.com/business/la-fi-breach-alberstons-20140815-story.html
 
Information Source:
Media
records from this breach used in our total: 0

August 18, 2014 MeetMe, Inc.
New Hope, Pennsylvania
BSO HACK

Unknown

MeetMe, Inc. has announced a data breach of their system when hackers gained access to their customer information. The information included names, emails addresses, and passwords.

The company reported that they have contacted their customers to change their usernames and passwords.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 20, 2014 The UPS Store
Atlanta, Georgia
BSR HACK

Unknown

The UPS Store, Inc has notified customers of a data breach when they discovered malware in their systems targeting UPS retailers. UPS retained a security firm to review their systems and found malware at 51 locations in 24 states. UPS has a total of 4,470 franchised center locations within the US.

The company announced that both credit and debit card purchases were impacted at the franchised locations from January 20, 2014 through August 11, 2014. The company has since removed the malware from their system.

The company put out the following information: 

For those affected with questions,  please call us at 1-855-731-6016."

 

For more information http://oag.ca.gov/system/files/California%20Distribution_0.pdf?

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 15, 2014 Supervalue
Eden Prairie, Minnesota
BSO HACK

Unknown

Supervalu, which operates 3,763 outlets, both corporate and franchised stores, has reported a data breach in their point-of-sale system which affected some of its retail food stores, along with several of its stand-alone liquor stores. The information compromised includes account numbers and other information on customer payment cards used at the point-of-sale systems. The data breach occurred from June 22, 2014 through July 17, 2014 according to company spokesperson. The retail grocery chain has notified authorities and the breach is currently under investigation.

 

More Information: http://www.cnbc.com/id/101922584# 

 
Information Source:
Media
records from this breach used in our total: 0

August 22, 2014 ManagedMed Inc (A Psychological Corporation)
Los Angeles, California
MED DISC

Unknown

ManagedMed Inc.(A Psychological Corporation) notified patients and the Attorney General's office of a data breach of their patient scheduling system.

According to the facility patient scheduling information was viewed via an unsecured webpage by at least two non-ManagedMed individuals. This information was visible from March, 2013 through May 15, 2014. The breach allowed unauthorized persons to access the facilities calendaring system and view the information.

This information included patient scheduling information, patient names, telephone numbers, names of providers, notes on the patient which could have included information on the type of visit scheduled or medication/test scheduled for the patient, and dates of appointments.  According to the facility no SSN's, credit card or medical records information were exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

August 12, 2014 Orthopaedic Specialty Institute Medical Group
Orange, California
MED PHYS

49,000

Orthopaedic Specialty Institute Medical Group has reported a data breach when it was discovered that 742 boxes of patient X-rays were stolen from an Iron Mountain Record Management storage facility. After an investigation by the authorities, it was discovered that two Iron Mountain Record Management employees stole the files and melted them down for the silver.

The information in the records, which are 10 to 15 years old,  and could have included patient names, birth dates and medical record numbers.

For those who might have been affected they can call the medical group at 1-714-937-48251-714-937-4825 .

 

More Information: http://www.ocregister.com/articles/medical-631456-rays-group.html

 
Information Source:
Media
records from this breach used in our total: 0

August 26, 2014 Milpitas Knights PAL Youth Football
Milpitas, California
BSO PHYS

80

Parents of 80 youth football players were notified of a data breach, when a bag of registration materials required by the league were stolen from the back seat of a volunteers car.

The information included original birth certificates and physical forms. The league did not comment on what information was entered on the physical form.

 

More Information: http://www.mercurynews.com/sports/ci_26375263/milpitas-youth-football-pl...

 
Information Source:
Media
records from this breach used in our total: 0

August 26, 2014 The Hand Care Center/Shoulder and Elbow Institute
Orange., California
MED PHYS

10,000

The Hand Care Center/Shoulder and Elbow Institute in Orange California notified patients of data breach when they were notified by Iron Mountain Record Management, a facility where the medical practice stores old files, that 25 boxes of X-rays were stolen by two employees of the storage company.  The employees sold the X-rays to a recycler who melted them down to recover the silver. 

The information in the X-ray files included patient names, dates of birth, gender, treating physician, medical record numbers and the image on the X-ray itself.

For those possibly affected, they can call the center at 1-877-615-3762. The center is reporting that any X-rays taken after 2002 were most likely not affected.

 

 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

August 26, 2014 Long Beach Internal Medical Group
Long Beach, California
MED PHYS

Unknown

The Long Beach Internal Medical Group, Inc. in Long Beach California notified patients of data breach when they were notified by Iron Mountain Record Management, a facility where the medical practice stores old files, that boxes of records were stolen by two employees of the storage company.  Reportedly the employees sold X-rays files to a recycler who melted them down to recover the silver. 

The information in the files stored by the medical practice included names, sex, addresses, dates of birth, telephone numbers, account numbers, office charges, insurance information, diagnosis information, Social Security numbers.

 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

August 28, 2014 J.P Morgan Chase
New York, New York
BSF HACK

76,000,000

The FBI is investigating a sophisticated hacking attack on JP Morgan Chase and potentially seven other financial institutions. Originally it was reported that possibly one to four other institutions may have been affected, but it appears that the breach could be much larger than originally thought.

The hackers, who are reportedly Russian, gained enough personal information to completely wipe out bank accounts. The sophisticated and coordinated attacks go beyond the typical criminal hacker (s) according to authorities. Investigators are looking into the reasons behind the coordinated attack.

It appears that not only did the hackers gain access to the accounts, but also altered and possibly deleted information.

The attack appears to have been coordinated and directed at specific JP Morgan Chase employees to gain access to their computers and databases at the bank.

Experts are communicating that the hackers would have had to of spent a significant amount of time researching and studying the record system of the bank prior to attempting any kind of unauthorized access. "What was even more concerning is these hackers were able to modify records using high-level credentials and do it in a way that was undetected."

More Information: http://www.foxnews.com/politics/2014/08/28/fbi-reportedly-probing-hack-j...

http://www.cnet.com/news/jpmorgan-hackers-altered-deleted-bank-records-s...

UPDATE (9/16/2014): After further investigation by authorities and Chase Bank, the breach they suffered isn't as severe as originally anticipated. The bank has confirmed that the hackers were able to gain access only to names, addresses and phone numbers, no financial or bank account information was accessed.

More Information: http://www.tomsguide.com/us/chase-bank-breach-update,news-19545.html

UPDATE (10/3/2014): The cyber attack JPMorgan Chase & Co. faced this summer compromised personal information in much greater numbers than first reported. Originally the numbers reported were over 1 million affected customers. After an investigation, JP Morgan Chase reports that hackers gained access to data on more than 76 million account holders--names, addresses, phone numbers and emails. Information on an additional 7 million small businesses was obtained as well. "

"JPMorgan Chase said that names, addresses, phone numbers and email addresses were stolen from the company's servers, but only customers who use the websites Chase.com and JPMorganOnline and the apps ChaseMobile and JPMorgan Mobile were affected".

 

 
Information Source:
Media
records from this breach used in our total: 0

Breach Total
931,529,111 RECORDS BREACHED
(Please see explanation about this total.)
from 4,467 DATA BREACHES made public since 2005
Showing 4351-4400 of 4467 results


X

Sign In!

Loading