We're Moving!

Beginning Thursday January 29th, Privacy Rights Clearinghouse will be moving offices and our phone systems will be down on Thursday the 29th and Friday the 30th. Our phone system will be up starting Monday February 2nd.

If you have a privacy complaint please use our online complaint center https://www.privacyrights.org/new-complaint. If you need to reach a staff member on those days, please send an email and the appropriate staff member will respond as soon as possible or go to our Contact Us page. 


 

Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
932,729,111 RECORDS BREACHED
(Please see explanation about this total.)
from 4,478 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
March 19, 2010 National Realty and Investment Advisors, LLC
Hoboken, New Jersey
BSF HACK

Unknown

Certain consumer information was accessed without proper authorization on March 9, 2010. Names and addresses were accessed, as well as additional information that may have included Social Security numbers, dates of birth and/or account numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 19, 2007 Stop & Shop Supermarkets
Quincy, Massachusetts
BSR CARD

Unknown

Additional locations: Southern Massachusetts and Rhode Island.  (877) 366-2668

Credit and debit card account information including PIN numbers was stolen by high-tech thieves who apparently broke into checkout-line card readers and PIN pads and tampered with them.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

February 20, 2007 Back and Joint Institute of Texas
San Antonio, Texas
MED PHYS

Unknown

Twenty boxes containing Social Security numbers, photocopies of driver's license numbers, addresses, phone numbers and private medical history of chiropractic patients were found in a dumpster.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 4, 2011 Applied Micro Circuits Corporation
Sunnyvale, California
BSR PORT Unknown
The February 23, 2011 theft of a laptop may have exposed the names and Social Security numbers of current and former employees. The laptop was stolen from an employee’s car. Those who were affected were sent notification on March 23.  
Information Source:
Databreaches.net
records from this breach used in our total: 0

September 19, 2012 United States Navy, Smart Web Move
Washington, District Of Columbia
GOV HACK

200,000 (No SSNs or financial information reported)

A hacker or hackers accessed sensitive information and posted it online.  Former and current Navy personnel who used Smart Web Move to arrange household moves could have been affected.  The compromised database stored 11 years of private information, but only 20 people had their information publicly posted.  Usernames, email addresses, security questions and corresponding answers were exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

March 12, 2007 Dai Nippon
,
BSO INSD

Unknown

The incident occurred outside of the U.S. and the companies affected were not disclosed.

A former contract worker of a Japanese commercial printing company stole nearly 9 million pieces of private data on customers from 43 clients, including U.S. companies. The stolen data includes confidential information such as names, addresses and credit card numbers intended for use in direct mailing and other printing services. Customers of U.S.-based American Home Assurance Co. and Toyota Motor were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 13, 2007 U.S. Department of Agriculture (USDA)
Washington, District Of Columbia
GOV UNKN

Unknown

http://www.usda.gov/oig/webdocs/50501-8-FM.pdf

A total of 95 USDA computers were lost or stolen between Oct. 1, 2005, and May 31, 2006. Some may have contained personal information such as names, addresses, Social Security numbers and payment information. Two-thirds of the computers contained unencrypted data.

 
Information Source:
Media
records from this breach used in our total: 0

November 6, 2012 Women & Infants Hospital
Providence, Rhode Island
MED PORT

14,004 (Unknown number of SSNs)

WomenandInfants.org posted a notice: http://www.womenandinfants.org/news/Confidentiality-Notice-for-Patients.cfm

Those with questions may call 1-877-810-7928.

Unencrypted backup tapes containing ultrasound images from ambulatory sites were discovered missing on September 13.  The information was from Providence, Rhode Island between 1993 and 1997 and New Bedford, Massachusetts between 2002 and 2007.  Patient names, dates of birth, dates of exams, physicians' names, and patient ultrasound images were exposed.  A limited number of current and former patients also had their Social Security numbers exposed. Notifications began on November 5.

UPDATE (11/10/2012): A total of 14,004 patients were affected.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 19, 2007 Science Applications International Corp. (SAIC)
Boise, Idaho
BSO PHYS

Unknown

Barrels filled with thousands of sensitive documents including printed copies of e-mail and performance evaluations along with documents marked “internal use only – not for public release” and “for official use only” were found on the curb outside of SAIC's local office.

 
Information Source:
Media
records from this breach used in our total: 0

March 23, 2007 Swedish Urology Group
Seattle, Washington
MED PORT

Unknown

Three computer hard drives with personal files on hundreds of patients, doctors, and staff were stolen.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 29, 2007 RadioShack
Portland, Texas
BSR PHYS

Unknown

20 boxes of discarded records including sales receipts with names, addresses, Social Security numbers, credit card information. and personal information of store employees spanning from 2001 to 2005 were found in a dumpster.

UPDATE (04/03/07): The Texas Attorney General's Office filed an action against the Radio Shack store for violating the state's violating the 2005 Identity Theft Enforcement and Protection Act.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 30, 2007 Naval Station San Diego's Navy College Office
San Diego, California
GOV PORT

Unknown

(866) U-ASK-NPC, CSCMailbox@navy.mil

Three laptops were reported missing that may contain Sailors' names, rates and ratings, Social Security numbers, and college course information. The compromise could impact Sailors and former Sailors homeported on San Diego ships from January 2003 to October 2005 and who were enrolled in the Navy College Program for Afloat College Education.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 5, 2007 Security Title Agency
Phoenix, Arizona
BSF HACK

Unknown

Hackers "defaced" the company's Web site and may have accessed customer information which is stored on the same server as the site.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2007 TurboTax
San Diego, California
BSO DISC

Unknown

The location listed is the headquarters of TurboTax's developer Intuit Consumer Tax Group.

Using TurboTax online to access previous returns, a Nebraska woman was able to access tax returns for other Turbo Tax customers in different parts of the country. The returns contained personal information needed to e-file including bank account numbers with routing digits and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 12, 2007 Bank of America
Charlotte, North Carolina
BSF PORT

Unknown

A laptop containing personal information of current, former and retired employees including names, addresses, dates of birth and Social Security numbers was stolen when an employee was a victim of a recent break-in. A limited number of people were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 27, 2007 Google Ads
Mountain View, California
BSO HACK

Unknown

Top sponsored Google ads linked to 20 popular search terms were found to install a malware program on users' computers to capture personal information and access online accounts for 100 different banks.

 
Information Source:
Media
records from this breach used in our total: 0

April 27, 2007 Caterpillar, Inc., SBA Inc.
Peoria, Illinois
BSO PORT

Unknown

A laptop computer containing personal data of employees including Social Security numbers, banking information and addresses was stolen from a benefits consultant that works with the company.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 29, 2007 University of New Mexico
Alburquerque, New Mexico
EDU PORT

3,000 not included in total below because SSNs were apparently not compromised)

Employees' personal information including names, e-mail and home addresses, UNM ID numbers and net pay for a pay period for staff, faculty and a few graduate students may have been stored on a laptop computer stolen from the San Francisco office of an outside consultant working on UNM's human resource and payroll systems.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 1, 2007 Healing Hands Chiropractic
Sterling, Colorado
MED PHYS

Unknown

Hundreds of medical records containing the personal information of chiropractic patients including Social Security numbers, birth dates, addresses and, in some cases, credit card information were thrown into a dumpster “due to lack of office space.”

 
Information Source:
Media
records from this breach used in our total: 0

May 1, 2007 JP Morgan
New York, New York
BSF PHYS

Unknown

Documents containing personal financial data of customers including names, addresses and Social Security numbers were found in garbage bags outside five branch offices in New York.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 1, 2007 Maine State Lottery Commission
Hallowell, Maine
GOV PHYS

Unknown

Documents containing personal information such as names, Social Security numbers, references to workers compensation claim records, psychiatric and other medical records, and police background checks were found in a dumpster.

 
Information Source:
Media
records from this breach used in our total: 0

May 3, 2007 Montgomery College
Conroe, Texas
EDU DISC

Unknown

A new employee posted the personal information of all graduating seniors including names, addresses and Social Security numbers on a computer drive that is publicly accessible on all campus computers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 7, 2007 Indiana Department of Administration
Indianapolis, Indiana
GOV DISC

Unknown

An employee uploaded a list of certified women and minority business enterprises to the department's Web site and inadvertently included their tax identification numbers, which for some businesses and sole proprietor-ships is the owner's Social Security number. Reports indicate that the number of people affected was no more than a couple hundred.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 23, 2010 DRC Physical Therapy Plus
Monticello, New York
MED PHYS

Unknown

Officials have seized hundreds, perhaps thousands, of files containing Social Security numbers and other private patient information found dumped outside the shuttered office of DRC Physical Therapy Plus. The manila folders, dating back to at least 1998, include information sheets showing the names, addresses and birth dates of patients and, in some cases, Social Security numbers. Deputies impounded a dump truck loaded with patient files and about a dozen or so boxes stacked inside the bucket of a front-loader.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 23, 2010 Hutcheson Medical Center
Chattanooga, Tennessee
MED PHYS

Unknown

Anyone who peered inside the mixed paper bin at the Dupont Recycling Center in May of 2009 got an eyeful. Files, in plain sight, which contained sensitive medical and identity information. Authorities don't know how those thousands of files got there. Some of the records came from Hutcheson and a plastic surgery office in the area. The information inside those files included graphic photos, and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 13, 2010 St. Peter's Hospital
Albany, New York
MED INSD

Unknown

An East Greenbush man who worked as a medical records clerk at St. Peter's Hospital is accused of stealing personal information from patient's files to open credit card accounts. The man allegedly stole Social Security numbers and other personal information from patient's records, then used the data to open credit card accounts for making personal purchases online. The man was charged April 12 with five counts of felony second-degree forgery, three counts of felony second-degree identity theft and three counts of misdemeanor second-degree criminal impersonation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 9, 2010 LPL Financial
Boston, Massachusetts
BSF PORT

Unknown

An unencrypted portable hard drive was stolen from a car of an LPL representative. As a result of the theft, private client information, including names, addresses, dates of birth and Social Security numbers may have been breached.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 18, 2007 Alcatel-Lucent
Murray Hill, New Jersey
BSO PORT

Unknown

The telecom and networking equipment maker notified employees that a computer disk containing personal information was lost in transit to Aon Corp., another vendor. It contained names, addresses, SSNs, birth dates, and salary information of current and former employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 18, 2007 Indianapolis Public Schools
Indianapolis, Indiana
EDU DISC

7,500 (No SSNs or financial information reported)

A local newspaper reporter discovered that sensitive personal information was accessible online, including employee performance reviews, student grade books, student special education needs, and essays.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 20, 2007 Northwestern University
Chicago, Illinois
EDU PORT

Unknown

A laptop belonging to the financial aid office was stolen. It contained SSNs and other information of some alumni.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 18, 2010 Rapid Return Tax
San Antonio, Texas
BSF PHYS

Unknown

Dozens of legible tax documents were found among ashes in a dumpster outside of a tax return business.  Social Security numbers may have been on the documents.  This appears to be the result of a failure to burn all of the documents.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

May 21, 2007 Columbia Bank
Fair Lawn, New Jersey
BSF HACK

Unknown

Columbia Bank notified its online banking customers of a hacking incident. Names and SSNs were accessed, but account numbers and passwords were not.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 23, 2007 Check into Cash
Champaign, Illinois
BSF PHYS

Unknown

Consumer loan documents and related reports were found in a trash bin behind the shopping center where Check into Cash is located. Documents contained Social Security numbers, addresses, copies of driver's licenses and other personal information of the company's customers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

May 25, 2007 Booker T. Washington Community Center
Auburn, New York
NGO PORT

Unknown

A laptop computer with personal information of individuals who applied for Family Health Plus or Child Health Plus state health insurance program benefits was recovered when a woman tried to sell it at a pawn shop.

 
Information Source:
Media
records from this breach used in our total: 0

May 31, 2007 Priority One Credit Union
South Pasadena, California
BSF DISC

Unknown

Priority One Credit Union sent out election ballots to members with Social Security numbers and account numbers printed on the outside of the envelopes

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 9, 2010 Woodbury Financial Services
Woodbury, Minnesota
BSF PORT

Unknown

A USB containing client names, Social Security numbers, addresses, and dates of birth went missing. The data was unencrypted.  Woodbury is a broker with The Hartford.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

April 14, 2010 Strategic Workforce Solutions, Tatum SFN division
New York, New York
BSO PORT

Unknown

The Tatum division of SFN (Strategic Workforce Solutions) notified employees that a portable electronic device was stolen from the trunk of a car.  The device contained unencrypted files with names, addresses and Social Security numbers.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

April 14, 2010 Lam Research Corp.
Fremont, California
BSO PORT

Unknown

A laptop containing the information of people regularly employed at Lam Research Corp. on or after January 1, 2009 was stolen from an employee's car.  Temporary employees and contractors from August 1, 2007 and beyond may have also been affected.  The information included names and Social Security number; however, it was protected by passwords and fingerprints checks.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

June 6, 2007 Cedarburg High School
Cedarburg, Wisconsin
EDU DISC

Unknown

Students obtained names, addresses and Social Security numbers and might have accessed personal bank account information of current and former district employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 6, 2007 Dearfield Medical Building
Greenwich, Connecticut
MED PHYS

Unknown

A box was discovered at inside a trash bin in May and contains information about lab tests and insurance approvals as well as other medical issues, documents are not medical charts, but do contain patient names and contact information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

April 13, 2010 Room Store
Annapolis, Maryland
BSR PHYS

Unknown

A Maryland man found his own credit application lying on the ground near a dumpster.  The dumpster contained thousands of old credit applications and some newer ones.  The information included Social Security numbers, driver's licence numbers, names, addresses, and phone numbers.  Room Store employees were doing a massive cleanup and unknowingly dumped the bag of documents without shredding them.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

April 14, 2010 Bay Pines VA Medical Center
Bay Pines, Florida
GOV PHYS

Nearly 800 (unknown number of SSNs)

Up to 800 police files were left in an area where the general public could easily access them.  Some of the files contained Social Security numbers, patient addresses, and treatment information.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

April 7, 2010 Bank of America
Charlotte, North Carolina
BSF INSD

Unknown

An IT staff member of Bank of America pled guilty to installing illegal software on Bank of America ATMs. The software caused the ATMs to erroneously dispense money; some of it may have affected customer accounts.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

April 8, 2010 HBDirect.com
Waterbury Center, Vermont
BSO HACK

Unknown

A security breach resulted in the possibility that hackers accessed customer names, addresses, credit card information, email addresses and phone numbers. Customers who used the site between December 1, 2009 and February 10th, 2010 may have been affected.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

January 12, 2010 Valley Kaiser, Kaiser Permanente
Sacramento, California
MED PORT

15,500 (No SSNs or financial information reported)

Additional location: Fresno, CA

An electronic storage device stolen from an employee's car in Sacramento last month contained health information from 15,500 patients, including about 800 in the Fresno area. Information included patient names, medical-record numbers and, for some individuals, ages, dates of birth, gender, phone numbers and other information related to their care and treatment.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 14, 2007 Georgia Tech University
Atlanta, Georgia
EDU DISC

23,000 Not included in Total because it's not clear SSNs or account numbers were exposed.

An electronic file containing the personal information of current and former Georgia Tech students was exposed briefly.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

June 14, 2007 Lynchburg City
Lynchburg, Virginia
GOV DISC

1,200 Not included in total because it's not clear SSNs or account numbers were exposed.

Personal information of Lynchburg city employees and retirees was accidentally posted on the city's website among that information employee's prescription medications.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

March 2, 2010 Family Health Center
Reston, Virginia
MED DISC

Unknown

Boxes containing patient information ended up in a dump.  The easily accessible information included health history, surgeries performed, test results, pictures, insurance cards, bank account information and addresses.  The boxes were traced back to Family Health Center on Town Center Parkway.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 29, 2010 Proxima Alfa Investments LLC
New York, New York
BSF PORT

Unknown

In November the firm discovered that several backup tapes were missing from its office. The tapes contained customer information such as names, e-mail addresses, addresses, phone numbers, Social Security numbers, bank account information, passport numbers and sometimes scans of passports. The firm ceased operations in mid-2009.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

June 18, 2007 Shamokin Area School District
Coal Township, Pennsylvania
EDU DISC

Unknown

A local newspaper employee gained unauthorized access to the Shamokin Area School District's computer database. It is the same system that stores students' personal information, including Social Security numbers. That newspaper employee brought the security flaw to the attention of school officials.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

Breach Total
932,729,111 RECORDS BREACHED
(Please see explanation about this total.)
from 4,478 DATA BREACHES made public since 2005
Showing 151-200 of 4478 results


X

Sign In!

Loading