Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
929,676,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,421 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
January 29, 2007 Mendoza College of Business, Notre Dame University
Notre Dame, Indiana
EDU DISC

Unknown

Additional location: South Bend, Indiana

A file of individuals who took the GMAT test (Graduate Management Admissions Test) was mistakenly left on a computer that was decommissioned. The computer was later reactivated and plugged into the Internet. Its files were available through a file-sharing program. Data included names, scores, SSNs and demographic information from 2001.

 
Information Source:
Media
records from this breach used in our total: 0

February 2, 2007 Indian Consulate via Haight Ashbury Neighborhood Council recycling center
San Francisco, California
GOV PHYS

Unknown

Visa applications and other sensitive documents were accessible for more than a month in an open yard of a recycling center. Information included applicants' names, addresses, phone numbers, birthdates, professions, employers, passport numbers, and photos. A sampling of documents indicated that the paperwork included everyone who applied in the Western states from 2002-2005. Applicants were current and former executives of major Bay Area companies that have operations in India.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 2, 2007 New York Department of State
Albany, New York
GOV DISC

Unknown

The agency's Web site posted commercial loan documents that mistakenly contained SSNs. The forms are posted to let lenders know the current financial status of loan recipients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 6, 2007 Metro Credit Services
Hurst, Texas
BSF PHYS

Unknown

Thousands of files from the defunct bill collection company containing medical records, phone bills and Social Security numbers were found in a trash bin.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 19, 2007 Stop & Shop Supermarkets
Quincy, Massachusetts
BSR CARD

Unknown

Additional locations: Southern Massachusetts and Rhode Island.  (877) 366-2668

Credit and debit card account information including PIN numbers was stolen by high-tech thieves who apparently broke into checkout-line card readers and PIN pads and tampered with them.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 20, 2007 Back and Joint Institute of Texas
San Antonio, Texas
MED PHYS

Unknown

Twenty boxes containing Social Security numbers, photocopies of driver's license numbers, addresses, phone numbers and private medical history of chiropractic patients were found in a dumpster.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 12, 2007 Dai Nippon
,
BSO INSD

Unknown

The incident occurred outside of the U.S. and the companies affected were not disclosed.

A former contract worker of a Japanese commercial printing company stole nearly 9 million pieces of private data on customers from 43 clients, including U.S. companies. The stolen data includes confidential information such as names, addresses and credit card numbers intended for use in direct mailing and other printing services. Customers of U.S.-based American Home Assurance Co. and Toyota Motor were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 13, 2007 U.S. Department of Agriculture (USDA)
Washington, District Of Columbia
GOV UNKN

Unknown

http://www.usda.gov/oig/webdocs/50501-8-FM.pdf

A total of 95 USDA computers were lost or stolen between Oct. 1, 2005, and May 31, 2006. Some may have contained personal information such as names, addresses, Social Security numbers and payment information. Two-thirds of the computers contained unencrypted data.

 
Information Source:
Media
records from this breach used in our total: 0

March 19, 2007 Science Applications International Corp. (SAIC)
Boise, Idaho
BSO PHYS

Unknown

Barrels filled with thousands of sensitive documents including printed copies of e-mail and performance evaluations along with documents marked “internal use only – not for public release” and “for official use only” were found on the curb outside of SAIC's local office.

 
Information Source:
Media
records from this breach used in our total: 0

March 23, 2007 Swedish Urology Group
Seattle, Washington
MED PORT

Unknown

Three computer hard drives with personal files on hundreds of patients, doctors, and staff were stolen.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 29, 2007 RadioShack
Portland, Texas
BSR PHYS

Unknown

20 boxes of discarded records including sales receipts with names, addresses, Social Security numbers, credit card information. and personal information of store employees spanning from 2001 to 2005 were found in a dumpster.

UPDATE (04/03/07): The Texas Attorney General's Office filed an action against the Radio Shack store for violating the state's violating the 2005 Identity Theft Enforcement and Protection Act.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 30, 2007 Naval Station San Diego's Navy College Office
San Diego, California
GOV PORT

Unknown

(866) U-ASK-NPC, CSCMailbox@navy.mil

Three laptops were reported missing that may contain Sailors' names, rates and ratings, Social Security numbers, and college course information. The compromise could impact Sailors and former Sailors homeported on San Diego ships from January 2003 to October 2005 and who were enrolled in the Navy College Program for Afloat College Education.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 5, 2007 Security Title Agency
Phoenix, Arizona
BSF HACK

Unknown

Hackers "defaced" the company's Web site and may have accessed customer information which is stored on the same server as the site.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2007 TurboTax
San Diego, California
BSO DISC

Unknown

The location listed is the headquarters of TurboTax's developer Intuit Consumer Tax Group.

Using TurboTax online to access previous returns, a Nebraska woman was able to access tax returns for other Turbo Tax customers in different parts of the country. The returns contained personal information needed to e-file including bank account numbers with routing digits and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 12, 2007 Bank of America
Charlotte, North Carolina
BSF PORT

Unknown

A laptop containing personal information of current, former and retired employees including names, addresses, dates of birth and Social Security numbers was stolen when an employee was a victim of a recent break-in. A limited number of people were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 27, 2007 Google Ads
Mountain View, California
BSO HACK

Unknown

Top sponsored Google ads linked to 20 popular search terms were found to install a malware program on users' computers to capture personal information and access online accounts for 100 different banks.

 
Information Source:
Media
records from this breach used in our total: 0

April 27, 2007 Caterpillar, Inc., SBA Inc.
Peoria, Illinois
BSO PORT

Unknown

A laptop computer containing personal data of employees including Social Security numbers, banking information and addresses was stolen from a benefits consultant that works with the company.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 29, 2007 University of New Mexico
Alburquerque, New Mexico
EDU PORT

3,000 not included in total below because SSNs were apparently not compromised)

Employees' personal information including names, e-mail and home addresses, UNM ID numbers and net pay for a pay period for staff, faculty and a few graduate students may have been stored on a laptop computer stolen from the San Francisco office of an outside consultant working on UNM's human resource and payroll systems.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 1, 2007 Healing Hands Chiropractic
Sterling, Colorado
MED PHYS

Unknown

Hundreds of medical records containing the personal information of chiropractic patients including Social Security numbers, birth dates, addresses and, in some cases, credit card information were thrown into a dumpster “due to lack of office space.”

 
Information Source:
Media
records from this breach used in our total: 0

May 1, 2007 JP Morgan
New York, New York
BSF PHYS

Unknown

Documents containing personal financial data of customers including names, addresses and Social Security numbers were found in garbage bags outside five branch offices in New York.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 1, 2007 Maine State Lottery Commission
Hallowell, Maine
GOV PHYS

Unknown

Documents containing personal information such as names, Social Security numbers, references to workers compensation claim records, psychiatric and other medical records, and police background checks were found in a dumpster.

 
Information Source:
Media
records from this breach used in our total: 0

May 3, 2007 Montgomery College
Conroe, Texas
EDU DISC

Unknown

A new employee posted the personal information of all graduating seniors including names, addresses and Social Security numbers on a computer drive that is publicly accessible on all campus computers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 7, 2007 Indiana Department of Administration
Indianapolis, Indiana
GOV DISC

Unknown

An employee uploaded a list of certified women and minority business enterprises to the department's Web site and inadvertently included their tax identification numbers, which for some businesses and sole proprietor-ships is the owner's Social Security number. Reports indicate that the number of people affected was no more than a couple hundred.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 18, 2007 Alcatel-Lucent
Murray Hill, New Jersey
BSO PORT

Unknown

The telecom and networking equipment maker notified employees that a computer disk containing personal information was lost in transit to Aon Corp., another vendor. It contained names, addresses, SSNs, birth dates, and salary information of current and former employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 18, 2007 Indianapolis Public Schools
Indianapolis, Indiana
EDU DISC

7,500 (No SSNs or financial information reported)

A local newspaper reporter discovered that sensitive personal information was accessible online, including employee performance reviews, student grade books, student special education needs, and essays.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 20, 2007 Northwestern University
Chicago, Illinois
EDU PORT

Unknown

A laptop belonging to the financial aid office was stolen. It contained SSNs and other information of some alumni.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 21, 2007 Columbia Bank
Fair Lawn, New Jersey
BSF HACK

Unknown

Columbia Bank notified its online banking customers of a hacking incident. Names and SSNs were accessed, but account numbers and passwords were not.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 23, 2007 Check into Cash
Champaign, Illinois
BSF PHYS

Unknown

Consumer loan documents and related reports were found in a trash bin behind the shopping center where Check into Cash is located. Documents contained Social Security numbers, addresses, copies of driver's licenses and other personal information of the company's customers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 25, 2007 Booker T. Washington Community Center
Auburn, New York
NGO PORT

Unknown

A laptop computer with personal information of individuals who applied for Family Health Plus or Child Health Plus state health insurance program benefits was recovered when a woman tried to sell it at a pawn shop.

 
Information Source:
Media
records from this breach used in our total: 0

May 31, 2007 Priority One Credit Union
South Pasadena, California
BSF DISC

Unknown

Priority One Credit Union sent out election ballots to members with Social Security numbers and account numbers printed on the outside of the envelopes

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 6, 2007 Cedarburg High School
Cedarburg, Wisconsin
EDU DISC

Unknown

Students obtained names, addresses and Social Security numbers and might have accessed personal bank account information of current and former district employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 6, 2007 Dearfield Medical Building
Greenwich, Connecticut
MED PHYS

Unknown

A box was discovered at inside a trash bin in May and contains information about lab tests and insurance approvals as well as other medical issues, documents are not medical charts, but do contain patient names and contact information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 14, 2007 Georgia Tech University
Atlanta, Georgia
EDU DISC

23,000 Not included in Total because it's not clear SSNs or account numbers were exposed.

An electronic file containing the personal information of current and former Georgia Tech students was exposed briefly.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 14, 2007 Lynchburg City
Lynchburg, Virginia
GOV DISC

1,200 Not included in total because it's not clear SSNs or account numbers were exposed.

Personal information of Lynchburg city employees and retirees was accidentally posted on the city's website among that information employee's prescription medications.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 18, 2007 Shamokin Area School District
Coal Township, Pennsylvania
EDU DISC

Unknown

A local newspaper employee gained unauthorized access to the Shamokin Area School District's computer database. It is the same system that stores students' personal information, including Social Security numbers. That newspaper employee brought the security flaw to the attention of school officials.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 20, 2007 University Community Hospital
Tampa, Florida
MED DISC

Unknown

A parent says his son should never have received bills in the mail for a pre-employment drug screening visit.  Additionally, he received information about 17 others who were also tested, including Social Security numbers.

 
Information Source:
Media
records from this breach used in our total: 0

June 23, 2007 Winn-Dixie
Pascagoula, Mississippi
MED PHYS

Unknown

Pharmacy documents were found behind a closed Winn-Dixie grocery store, containing telephone numbers, Social Security numbers and addresses of thousands of individuals. Apparently when the grocery store/pharmacy closed, employees put bundles of documents outside to be picked up. However, they were never retrieved.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 29, 2007 Harrison County Schools
Charleston, West Virginia
EDU STAT

Unknown

Several computers that contained the personal information, including Social Security numbers, of several Harrison County school employees were stolen. Workers Comp claims between January of 2001 and February of 2007 are at risk.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

July 9, 2007 Girl Scouts Mile Hi
Denver, Colorado
NGO PORT

Unknown

Tapes stolen from a car held personal information from a membership database, including names, addresses, phone numbers. A very limited number of credit card numbers and Social Security numbers were included in the stolen data from the camp and event registration database.

 
Information Source:
Media
records from this breach used in our total: 0

July 11, 2007 Disney Movie Club, Alta Resources, McNeil-PPC Inc
Neenah, Wisconsin
BSO INSD

Unknown

A contract employee stole an unknown number of credit card numbers. Credit-card information was sold by an employee of a Disney contractor to a federal agent as part of an undercover sting operation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

July 23, 2007 Fox News
Los Angeles, California
BSO DISC

1.5 million Not added to total. It does not appear that SSNs or financial account numbers were exposed.

Sensitive information was exposed on the Fox News web server. The security hole allowed hackers to access login information, names, phone numbers, and email addresses.

 
Information Source:
Media
records from this breach used in our total: 0

August 1, 2007 Lifetime Fitness
Dallas, Texas
GOV PHYS

Unknown

Staff had discarded customer records in easily accessible trash cans behind Dallas businesses. Information that was discarded contained names, addresses, Social Security numbers, driver's license numbers and credit card information, as well as the date of birth of several children. Lifetime Fitness is based in Minnesota.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 2, 2007 E.On - U.S.(energy services)
Louisville, Kentucky
BSO PORT

Unknown

A laptop with names, Social Security numbers and birth dates of most E.On U.S. employees and some retirees was stolen last month.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 2, 2007 University of Toledo
Toledo, Ohio
EDU STAT

Unknown

(419) 530-4836, (419) 530-3661, (419) 530-1472

Two computers were stolen with hard drives containing student and staff Social Security numbers, names, and grade change information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 3, 2007 WorkCare Orem
Pleasant Grove, Utah
MED PHYS

Unknown

A truck driver found medical documents containing personal information in his truck and on the ground while he picked up a load at a garbage transfer station. The documents contained names, addresses, telephone numbers, Social Security numbers and birth dates.

 
Information Source:
Media
records from this breach used in our total: 0

August 3, 2007 Wabash Valley Correctional Facility
Indianapolis, Indiana
GOV DISC

Unknown

A database containing Social Security numbers, dates of birth and names of people employed at the facility between 1997 and 2002 was unintentionally moved from a secure private drive that was accessible only by the human resources department to a shared directory that could be accessed by other employees here.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 4, 2007 Kellogg Community Federal Credit Union
Battle Creek, Michigan
BSF STAT

Unknown

A computer containing personal information on an undisclosed number members was stolen. A file containing some members' names, addresses, telephone numbers, birth dates, Social Security numbers and account numbers was on the computer's hard drive.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 6, 2007 Verisign
Mountain View, California
BSO PORT

Unknown

A laptop containing extensive personal information on an undisclosed number of VeriSign employees was stolen from an employee's car. The information included names, addresses, Social Security numbers, dates of birth, telephone numbers, and salary records.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

August 15, 2007 Greater Detroit Hospital
Detroit, Michigan
MED PHYS

Unknown

It's a repeat of a problem that emerged late last year at the Greater Detroit Hospital where metal thieves stripped everything from copper piping to windows, exposing rows of abandoned patient files. Neighbors said there are hundreds of boxes of patient files and payroll records inside, full of credit card and Social Security numbers.

 
Information Source:
Media
records from this breach used in our total: 0

August 16, 2007 Utica Title and Escrow
Bixby, Oklahoma
BSF PHYS

Unknown

Boxes belonging to Utica Title and Escrow had been stored at a storage unit in Bixby. When Utica quit paying rent the storage company went through the legal process to be able to sell everything left behind. No one wanted to buy the boxes of paper so the boxes were thrown out. The boxes contained private information, including Social Security numbers, bank accounts and pay stubs.

 
Information Source:
Media
records from this breach used in our total: 0

Breach Total
929,676,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,421 DATA BREACHES made public since 2005
Showing 101-150 of 4421 results


X

Sign In!

Loading