Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
931,357,921 RECORDS BREACHED
(Please see explanation about this total.)
from 4,447 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
December 25, 2011 Stratfor.com, Strategic Forecasting Inc.
Austin, Texas
BSO HACK

68,063

Anonymous/#AntiSec has claimed responsibility for the hack of a global intelligence company named Stratfor.  Hackers were able to obtain tens of thousands of credit card numbers and other personal information from Stratfor.com.  In addition to credit card numbers with security codes, addresses, and names, the hackers obtained 200GB of emails.  The hackers also claim to have used the credit card information to make over $1 million in donations to charities. Hackers later revealed that the information was even easier to use since it had not been encrypted. Stratfor took the website down within an hour after it was hacked and defaced, but sensitive information had already been leaked.

UPDATE (1/04/2012): A total of 68,063 unique credit card numbers, 859,311 unique email addresses, 860,160 hashed passwords, 50,569 phone numbers and 50,618 U.S. resident addresses were posted.  Of the 68,063 credit card numbers, about 36,000 were not expired.  

UPDATE (2/15/2012): Hackers posing as officials from Stratfor have started emailing infected links to government subscribers whose email addresses were stolen during the breach.

UPDATE (2/27/2012): Wikileaks published more than five million emails that were obtained by hackers during the breach. Some of these emails could contain sensitive information that would unmask sources, reveal security information that the intelligence-gathering company had collected, and reveal information about many Fortune 500 companies that subscribe to Stratfor.

UPDATE (5/03/2012): Four Irish and British men were charged for their involvement with Anonymous's faction Antisec and the Stratfor breach. These men were also charged with involvement in hacks of Fox, Sony Pictures, and the Arizona Department of Public Safety.

UPDATE (7/02/2012): Stratfor agreed to settle a class action lawsuit filed on behalf of customers.  Stratfor will offer members of the class action lawsuit one month of free access to its service, worth $29.08, and an electronic book published by Stratfo called "The Blue Book," priced at $12.99.  These two offers may cost Stratfor $1.75 million.  Additionally, Stratfor agreed to pay for a credit monitoring service for any members of the class action lawsuit who request the service.  Stratfor will also pay a $400,000 lump sum for plaintiff attorneys and various fees.

UPDATE (08/11/2012): Emails with data about the implementation of the domestic surveillance program TrapWire were also exposed. TrapWire gathers surveillance data from major cities in the US, encrypts it, and sends it to a secretive central database center.

UPDATE (05/28/2013): A member of Anonymous pleaded guilty to playing a part in hacking Stratfor Global Intelligence Service, Arizona Department of Public Safety, the Boston Police Patrolmen's Association, the FBI's Virtual Academy, and the sheriff's office of Jefferson County, Alabama.  His charges are related to stealing emails and credit card data as well as hacking Stratfor and several other websites.  He faces up to 10 years in prison and is scheduled to be sentenced on September 6.

UPDATE (11/15/2013): The member of Anonymous was sentenced to 10 years in prison and three years of probation.

 
Information Source:
Databreaches.net
records from this breach used in our total: 68,063

September 9, 2007 McKesson Specialty, AstraZeneca
Scottsdale, Arizona
MED STAT

68,779

 (866) 554-6366

McKesson Health-care services company, is alerting thousands of its patients that their personal information is at risk after two of its computers were stolen from an office.

 
Information Source:
Dataloss DB
records from this breach used in our total: 68,779

December 12, 2008 DJO, Empi Recovery Services
St. Paul, Minnesota
MED PORT

68,857

A laptop was stolen from an employee's car in Minneapolis.  The laptop contained the names, addresses, account balances, insurance company, and Social Security numbers of patients.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 68,857

December 22, 2005 Ford Motor Co.
Dearborn, Michigan
BSO STAT

70,000

A computer containing names and Social Security numbers of current and former employees was stolen.  Ford alerted those who were affected and offered to pay for their credit monitoring services.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

May 11, 2006 Ohio University Hudson Health Center
Athens, Ohio
MED HACK

70,000

http://www.ohio.edu/datasecurity

Names, birth dates, Social Security numbers and medical information were accessed in records of students dating back to 2001, plus faculty, workers and regional campus students.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

January 11, 2007 University of Idaho
Moscow, Idaho
EDU STAT

70,000

(866) 351-1860

Over Thanksgiving weekend, 3 desktop computers were stolen from the Advancement Services office containing personal information of alumni, donors, employees, and students. 331,000 individuals may have been exposed, with as many as 70,000 records containing SSNs, names and addresses.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

July 28, 2007 Yuba County Health and Human Services
Yuba County, California
MED PORT

70,000

A laptop stolen from a building contained personally identifiable information of individuals whose cases were opened before May 2001. The laptop was being used as a backup system for the county's computer system. The data include Social Security numbers, birth dates, driver's license numbers and other private information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

March 28, 2008 Antioch University
Yellow Springs, Ohio
EDU HACK

70,000

A computer system that contained personal information on about 70,000 people was breached by an unauthorized intruder three times. The system contained the names, Social Security numbers, academic records and payroll documents for current and former students, applicants and employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

May 14, 2008 Oklahoma State University
Stillwater, Oklahoma
EDU HACK

70,000

A breach in an Oklahoma State University computer server exposed names, addresses and Social Security numbers of students, staff and faculty who bought parking and transit services permits in the past six years.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

January 29, 2007 Vermont Agency of Human Services
Waterbury, Vermont
GOV HACK

70,000

Customers of New England Federal Credit Union, Central Vermont Public Service Employees Credit Union, First Brandon National Bank, Federal Family Credit Union, Granite Hills Credit Union, Merchants Bank, Northfield Savings Bank, Opportunities Credit Union and the Vermont State Employees Credit Union were affected.

A state computer that contained the names, Social Security numbers and bank account information was hacked into. Some of the information came from noncustodial parents who owed back child support while most of the people affected were customers of New England Federal Credit Union with no history of owing child support. The information is from 2004 and 2005 credit union members.

 
Information Source:
Dataloss DB
records from this breach used in our total: 70,000

April 8, 2011 Family Planning Council
Philadelphia, Pennsylvania
MED INSD

70,000

The list of affected people includes patients who visited any of these various locations: The Children's Hospital of Philadelphia between May 1, 2010 and September 30, 2010, any of the Public Health Management Corporation facilities which include PHMC Care Clinic, PHMC Health Connection, Rising Sun Health Center, Mary Howard Health Center, Community Court, Project Salud and several emergency housing location in Philadelphia between July 16, 2009 and October 29, 2010, Spectrum Health Services, Inc. which operates Haddington Health Center and the Broad Street Health Center between October 31, 2009 and November 30, 2010, Planned Parenthood Southeastern Pennsylvania between July 1, 2009 and October 30, 2010, and Planned Parenthood Association of Bucks County between July 1, 2009 and October 31. Those who may have been affected should call 1-888-414-8020 and enter reference number 3720040811 between 8:00 am-5:00 pm Eastern Time.

A flashdrive was discovered missing from an office on December 28, 2010. It and other items that did not contain patient personal information are presumed to have been stolen by a former employee who left at the end of December. The former employee has an extensive criminal background and was arrested on February 9. Authorities involved in the criminal investigation requested that notification of the breach be delayed due to the investigation. The flash drive contained the personal and medical records of about 70,000 patients. Patient names, Social Security numbers, addresses, phone numbers, dates of birth and other information, including insurance information and medical information was exposed. As a result of the breach, The Family Planning Council will no longer allow unencrypted information to be stored on removable hardware.

 
Information Source:
Databreaches.net
records from this breach used in our total: 70,000

August 9, 2013 Northrop Grunman
Suwanee, Georgia
BSO HACK

70,000

People who were linguists or applied to be linguists within Northrop Grunman Technical Services, inc. Balkans Linguist Support Program may have had their personal information exposed. A database that contained names, Social Security numbers, dates of birth, blood types, contact information, and additionaly types of government-issued identification numbers was accessed by unauthorized parties.  The breach occured sometime between November 2012 and May 2013 and was discovered on July 26.

UPDATE (08/15/2013): Over 70,000 people, including thousands of linguists, were affected.

 
Information Source:
Media
records from this breach used in our total: 70,000

April 8, 2008 WellCare Health Plans Inc.
Atlanta, Georgia
MED DISC

71,000

Private records of members of health insurance programs for the poor or working poor were accidentally made available on the Internet for several days. Those whose data was made available on the Internet included members of Medicaid, the federal health program for the poor, and PeachCare for Kids, a federal-state insurance plan for children of the working poor. About 10,500 members' Social Security numbers may have been viewed by unauthorized people on the Internet, all members of Medicaid or PeachCare. There is a possibility that an initial 59,000 members may have had some personal information made accessible.

 
Information Source:
Dataloss DB
records from this breach used in our total: 71,000

June 25, 2005 University of Connecticut (UCONN)
Storrs, Connecticut
EDU HACK

72,000

University officials became aware of an October 26, 2003 hacking incident.  The personal information included Social Security numbers and addresses for students, faculty, and staff.  The University began contacting those affected in June of 2005.

 
Information Source:
Dataloss DB
records from this breach used in our total: 72,000

June 3, 2006 Buckeye Community Health Plan
Columbus, Ohio
MED PORT

72,000

Four laptop computers containing customer names, Social Security numbers, and addresses were stolen from the Medicaid insurance provider.

 
Information Source:
Dataloss DB
records from this breach used in our total: 72,000

June 6, 2008 Stanford University
Stanford, California
EDU PORT

72,000

Stanford University determined that a university laptop, which was recently stolen, contained confidential personnel data. The university is not disclosing details about the theft as an investigation is under way.

 
Information Source:
Dataloss DB
records from this breach used in our total: 72,000

September 1, 2011 El Paso Independent School DIstrict (EPISD)
El Paso, Texas
EDU HACK

72,000 (26 confirmed cases)

Hackers accessed the EPISD server and were able to collect the personal information of students, teachers and other employees.  There were names, Social Security numbers, and addresses from approximately 63,000 students and 9,000 teachers on the district's internal network (myepisd.org). EPISD was not aware of the breach until a computer security company noticed hackers bragging about breaking into EPISD's system.  Names, ethnicity codes, and student ID numbers for 26 students were posted by hackers named Sy5t3mF41lur3 & t3hblackhatter of H05t_Bu5t0rz.

UPDATE (09/07/2012): A hacker accused of carrying out the attack is scheduled to plead guilty to two counts of computer fraud and one count of fraud linked to identification documents.

 
Information Source:
Databreaches.net
records from this breach used in our total: 72,000

July 17, 2014 Total Bank
Miami, Florida
BSF HACK

72,500

Total Bank,  a subsidiary of Banco Popular that has 21 locations in South Florida, is notifying 72,500 customers that their account information was potentially exposed after an unauthorized third party gained access to the bank's computer network.

Information obtained by this unauthorized third party included names, addresses, account numbers, account balances, Social Security numbers and driver's license numbers.

The bank is offering 12 months free of credit monitoring services for those that were affected.

 
Information Source:
Media
records from this breach used in our total: 72,500

October 22, 2013 AHMC Healthcare, Inc.
Alhambra, California
MED PORT

729,000 (about 73,000 Social Security numbers exposed)

A notice from AHMC Healthcare can be found herehttp://www.garfieldmedicalcenter.com/documents/AHMCPressRelease_10-21-revised1.pdf

The October 12 office theft of two laptops resulted in the exposure of patient information from a number of facilities.  Authorities believe a well-known transient was responsible for the thefts.  San Gabriel Valley Medical Center, Garfield Medical Center, Moneterey Park Hospital, Whittier Hospital Medical Center, Greater El Monte Community Hospital, and Anaheim Regional Medical Center patients were affected. Names, Social Security numbers, diagnosis and procedure codes, insurance identification numbers, and insurance payments were exposed.

 
Information Source:
Media
records from this breach used in our total: 73,000

July 30, 2013 University of Delaware
Newark, Delaware
EDU HACK

74,000

Additional information can be found on the University of Delaware's website here: http://www.udel.edu/it/response/

Students and staff members may have had their information exposed during a hacking incident. The hacker or hackers were able to exploit a vulnerability in software acquired by a vendor.  Names, addresses, Social Security numbers, and university ID numbers were exposed.

UPDATE (08/19/2013): An additional 2,000 people were affected.  They were not employees but had received payment from the University of Delaware.

 
Information Source:
Media
records from this breach used in our total: 74,000

October 3, 2013 Comcast Phone
Bay Area, California
BSO UNKN

74,000

The story can be found herehttp://delaps1.cpuc.ca.gov/CPUCProceedingLookup/f?p=401:56:92869554792401::NO:RP,57,RIR:P5_PROCEEDING_SELECT:I1310003

The California Public Utilities Commission launched an investigation into the unauthorized disclosure and publication of Comcast subscribers' unlisted names, telephone numbers and addresses to determine whether Comcast violated the laws, rules, and regulations of California.

UPDATE (8/25/2014): An evidentiary hearing has been scheduled in this case for September 2014 to investigate whether or not Comcast broke the law.

 

 
Information Source:
Government Agency
records from this breach used in our total: 74,000

March 19, 2008 The Dental Network
Baltimore, Maryland
MED DISC

74,256

(866) 879-7402

A security breach of The Dental Network website left access to member personal data, including names, Social Security numbers, addresses and dates of birth unprotected for approximately two weeks. The Dental Network is an independent licensee of the Blue Cross and Blue Shield Association.

 
Information Source:
Dataloss DB
records from this breach used in our total: 74,256

March 14, 2007 WellPoint's Empire Blue Cross and Blue Shield unit in NY
Indianapolis, Indiana
MED PORT

75,000

800-293-3443

An unencrypted disc containing patient's names, Social Security numbers, health plan identification numbers and description of medical services back to 2003 was lost en route to a subcontractor.

UPDATE (3/14/07): The subcontrator reported that the CD that was reported missing on Feb. 9 has been found.

 
Information Source:
Dataloss DB
records from this breach used in our total: 75,000

April 12, 2007 Georgia Secretary of State
Atlanta, Georgia
GOV PHYS

75,000

http://sos.georgia.gov/pressrel/20070411a.htm

30 boxes of Fulton County voter registration cards that contain names, addresses and Social Security numbers were found in a trash bin.

 
Information Source:
Dataloss DB
records from this breach used in our total: 75,000

October 30, 2007 Pathology Group
Memphis, Tennessee
MED STAT

75,000

Someone broke into a locked office building, several computers with flat screen monitors were stolen. One of those computers had patient information on about 75,000 people. This information included names, addresses, Social Security number, even medical information

 
Information Source:
Dataloss DB
records from this breach used in our total: 75,000

January 21, 2010 University of Missouri System
Columbia, Missouri
EDU DISC 75,000
About 100 people responded to an e-mail notifying students that their Social Security numbers may have been visible in the envelope window of a tax form sent by the University of Missouri System. More than 75,000 Form 1098-Ts were mailed. The four-campus system has no way of assessing how many envelopes displayed the numbers. Form 1098-T is an Internal Revenue Service form that reports tuition billed and paid. Campus Mail Services committed the folding errors.  
Information Source:
Dataloss DB
records from this breach used in our total: 75,000

July 6, 2010 DentaQuest
Chicago, Illinois
MED DISC

76,000

In a statement datelined out of Nashville, DentaQuest reported the laptop theft occurred March 20 in Chicago and was informed of the incident April. DentaQuest reported the laptop contained a database which held the personal information of approximately 76,000 clients. The contractor advised most of the data is not considered sensitive, but the device did contain the first names, last names and Social Security Numbers of about 21,000 individuals. Some 10,500 are Tennessee residents.

 
Information Source:
Dataloss DB
records from this breach used in our total: 76,000

February 10, 2007 State of Indiana Official Website www.IN.gov
Indianapolis, Indiana
GOV HACK

76,600

  (888) 438-8397, Email: securityconcerns @www.IN.gov

A hacker gained access to the State Web site and obtained credit card numbers of individuals who had used the site's online services and gained access to Social Security numbers for 71,000 healthcare workers and 5,600 individuals and businesses.

UPDATE (3/22/07): Investigators have identified a teen they believe hacked into the IN.gov as a prank.

 
Information Source:
Dataloss DB
records from this breach used in our total: 76,600

January 28, 2010 PricewaterhouseCoopers
New York, New York
BSO UNKN

77,000

The names, birth dates and Social Security numbers of 77,000 people were lost in their Chicago office. The people at risk for identify theft are those who were in the PERS and TRS system in 2003-04 as active or inactive employees or retirees. Price Waterhouse Coopers has agreed in a settlement to pay for credit monitoring and other security measures and cover any losses to individuals caused by its mishandling of the information. A number of people associated with the State of Alaska had their information exposed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 77,000

January 12, 2007 MoneyGram International
Minneapolis, Minnesota
BSF HACK

79,000

MoneyGram, a payment service provider, reported that a company server was unlawfully accessed over the Internet last month. It contained information on about 79,000 bill payment customers, including names, addresses, phone numbers, and in some cases, bank account numbers.

 
Information Source:
Media
records from this breach used in our total: 79,000

July 2, 2010 AMR Corporation
Fort Worth, Texas
BSO STAT

79,000

Retirees, current, and former employees who participated in AMR's pension plan may have had their names, Social Security numbers, addresses, dates of birth, and other personal information stolen by the theft of a hard drive containing microfilm files. Employees and beneficiaries of employees who were enrolled between 1960 and 1995 are at risk.

 
Information Source:
Databreaches.net
records from this breach used in our total: 79,000

July 4, 2010 AMR Corporation
Fort Worth, Texas
BSO PORT

79,000

American Airlines parent company said Friday the personal information of about 79,000 retirees, former and current employees has been compromised after a hard drive was stolen from its Fort Worth headquarters. No customer data was affected. The data was held by the company's pension department.  The drive contained images of microfilm files, which included names, addresses, dates of birth, Social Security numbers and a "limited amount" of bank account information. Some health insurance information may have also been included -- mostly enrollment forms, but also details about coverage, treatment, and other administrative information. The data spans a period from 1960 to 1995. AMR also believes some of the employee files also contained information on beneficiaries, dependents and other employees from 1960 to 1995.

 
Information Source:
Dataloss DB
records from this breach used in our total: 79,000

August 10, 2011 University of Wisconsin - Milwaukee
Milwaukee, Wisconsin
EDU HACK

79,000

On May 25, University technology staff learned that unauthorized individuals had installed computer viruses on a University server.  It housed a software system for managing confidential information.  The names and Social Security numbers or people associated with the University could have been exposed.  There was no evidence that unauthorized parties had attempted to download the confidential information.

 
Information Source:
Databreaches.net
records from this breach used in our total: 79,000

May 7, 2005 Department of Justice
Washington, District Of Columbia
GOV PORT

80,000

The laptop was stolen from Omega World Travel of Fairfax, VA.

A laptop containing password protected names and travel account credit card information was stolen sometime between May 7 and May 9.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

July 17, 2007 Louisiana Board of Regents
Baton Rouge, Louisiana
GOV DISC

80,000

Records of students and staff including Social Security numbers,names, and addresses exposed on web.  In all, more than 80,000 names and Social Security numbers were accessible for perhaps as long as two years on an internal Internet site.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

March 4, 2009 New York Police Department
New York, New York
GOV INSD

80,000

A civilian employee of the department's pension fund is accused of stealing eight tapes containing the Social Security numbers and direct-deposit information for 80,000 current and retired cops. The employee, who served as the pension fund's director of communications, has been charged with computer trespass, burglary and grand larceny. He is accused of removing the tapes from a backup data warehouse on Staten Island after disabling security cameras. Police found the missing tapes at his home before arresting him.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

November 18, 2009 Universal American Action Network
St. Petersburg, Pennsylvania
MED DISC

80,000

Thousands of Pennsylvanians are at risk for identity theft because postcards were sent to their homes with their Social Security numbers printed in plain view. The postcards were from the Universal American Action Network, a subsidiary of Universal American Insurance. 80,000 postcards with SSNs on them were sent to Universal clients throughout the country. More than 10,000 were mailed to Medicare participants in Pennsylvania.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

January 31, 2010 Iowa State Racing and Gaming Commission
Des Moines, Iowa
GOV HACK

80,000

The Iowa Racing and Gaming Commission says someone gained access to a computer server that holds more than 80,000 records containing casino employee information. The person who hacked into the system was traced back to China and had used a computer with an external account. The server contains records including names, birth dates and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

May 12, 2008 Dave & Buster's
Islandia, New York
BSO HACK

80,000

Three men have been charged with hacking into 11 Dave & Buster's networks and then remotely installing "packet sniffer" software on point-of-sale servers at locations throughout the U.S. A packet sniffer logs information being sent over a network. In this case, the criminals used it to log credit and payment card data as it was sent from the branch locations to corporate headquarters. The hacking took place from April to September 2007. At Dave & Buster's Islandia, New York, location, the hackers accessed details of about 5,000 payment cards. The information was sold to other criminals who then used the card numbers to scam online merchants. The criminals were able to post at least $600,000 in fraudulent transactions from 675 cards taken from this one store.

UPDATE (04/05/2010): In reaching a settlement with Dave & Buster’s, the FTC quietly and without fanfare introduced a new security standard, requiring the company to monitor and filter outbound Internet traffic to block the unauthorized export of sensitive information. The consent decree puts companies on notice that they may face FTC scrutiny and penalties if they fail to use data loss prevention software.

UPDATE (07/19/2012): A member of the hacking ring was sentenced to seven years in prison.  Around 80,000 payment card numbers were taken from the 11 Dave & Buster's locations.  It appears that the hacker was part of a larger conspiracy that last between 2005 and 2008 and affected Hannaford Bros. grocery chain, Heartland Payment Systems, TJX retail chain, BJ's Wholesale Club, OfficeMax, Boston Market, 7-Eleven, JCPenney, Barnes & Noble, Sports Authority, and Forever 21. Two other members of the hacking ring were sentenced to 20 years in prison and 30 years in prison.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,000

December 8, 2011 Subway
Milford, Connecticut
BSR HACK

80,000

Over 150 Subway franchises and at least 50 other small retailers had customer data hacked from their point-of-sale (POS) systems.  Four Romanian hackers were indicted for hacking and misusing the credit card information between 2008 and May of 2011.  Over $3 million in fraudulent charges on customer cards was obtained by scanning the internet for vulnerable POS systems and then easily breaking the passwords to these systems. Keyloggers and a backdoor were also installed to allow further access to the system.  Retailers who were hit had used a certain type or types of basic POS software and many had failed to change the default password for the software.

UPDATE (01/08/2013): A Romanian national was arrested and sentenced for his role in the POS system hack of Subway.  Three other Romanians face charges related to the breach.

UPDATE (03/19/2013): The scheme may have affected 150 restaurants and may have led to $10 million in fraudulent charges.  Two additional hackers were sentenced on conspiracy to commit computer fraud and conspiracy to commit access device fraud charges.

 
Information Source:
Databreaches.net
records from this breach used in our total: 80,000

January 4, 2008 Mariner Health Care, Windham Brannon, SavaSeniorCare Administrative Services, LLC
Atlanta, Georgia
BSF PORT

80,124

Cash and several laptops were stolen from Windham's Atlanta office on the evening of December 31, 2007.  Windham provides audit services for Mariner's and SaveSeniorCare's 401(k) benefit plans.  Current and former employees may have had their names, Social Security numbers, addresses, dates of birth, salary information and 401(l) account information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 80,124

August 29, 2013 Republic Services
Phoenix, Arizona
BSO PORT

82,160

An unspecified number of current and former employees were affected by the theft of a laptop.  The laptop was stolen from an employee's home on August 10.  The laptop contained names and Social Security numbers.

UPDATE (09/03/2013): As many as 82,160 current and former employees may have been affected.

 
Information Source:
Media
records from this breach used in our total: 82,160

June 17, 2009 Blackbaud Inc.
Charleston, South Carolina
BSO PORT

84,000

A computer that was stolen from a car in Charleston, SC, last year contained personal financial information on 84,000 University of North Dakota donors. The missing laptop belonged to Daniel Island-based software giant Blackbaud Inc., which stressed that all of the information was password-protected and encrypted.

 
Information Source:
Media
records from this breach used in our total: 84,000

March 15, 2006 Ernst & Young, IBM
New York, New York
BSF PORT

84,000

A laptop with sensitive information was stolen from an employee's car in January. IBM employees who may have been stationed overseas during their careers were affected. Names, Social Security numbers, dates of birth, genders, family sizes and tax identifiers for employees were exposed. Those affected were notified in March.

 
Information Source:
Dataloss DB
records from this breach used in our total: 84,000

February 12, 2011 Saint Francis Broken Arrow (Broken Arrow Medical Center)
Broken Arrow, Oklahoma
MED STAT

84,000

A computer that had not been used since May of 2004 was stolen from a secured information systems room. Patient billing information and some employee records were exposed. The information would have included names, Social Security numbers, dates of birth, addresses and patient insurance and diagnostic information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 84,000

October 7, 2008 University of North Dakota Alumni Association
Grand Forks, North Dakota
EDU PORT

84,554

A laptop computer containing sensitive personal and financial information on alumni, donors and others was stolen from a vehicle belonging to a software vendor retained by the UND. The information, included individuals' credit card and Social Security numbers,

 
Information Source:
Dataloss DB
records from this breach used in our total: 84,554

June 12, 2012 Bethpage Federal Credit Union
Bethpage, New York
BSF DISC

86,000

An employee accidentally posted data onto a file transfer protocol site that was not secure on May 3.  The data contained customer VISA debit card names, addresses, dates of birth, card expiration dates and checking and savings account numbers.  The error was discovered on June 3. The data was accessed, but there was no evidence of identity theft or fraud as of June 12.  New cards were issued to 25% of the affected members and the remaining members will have their affected cards deactivated on June 30.

 
Information Source:
Databreaches.net
records from this breach used in our total: 86,000

April 12, 2012 Housatonic Community College
Bridgeport, Connecticut
EDU HACK

87,667 

Two campus computers were determined to have been infected by malware.  The breach occurred when a faculty or staff member opened an email that contained a virus.  The virus was immediately detected.  Faculty, staff, and students affiliated with the school between the early 1990's and the day of the breach may have had their names, Social Security numbers, dates of birth, and addresses exposed.  Housatonic's president acknowledged that the cost of handling the breach could be as much as $500,000.

 
Information Source:
Dataloss DB
records from this breach used in our total: 87,667

May 4, 2008 Staten Island University Hospital
Staten Island, New York
MED STAT

88,000

Computer equipment stolen from an administrator contained personal information from patients. Social Security numbers and health insurance numbers were contained in computer files on a desktop computer and the backup hard drive.

 
Information Source:
Dataloss DB
records from this breach used in our total: 88,000

September 23, 2008 Texas Lottery Commission
Austin, Texas
GOV INSD

89,000

A former Texas Lottery Commission computer analyst has been arrested for copying the personal data of Texas lottery winners. He downloaded his own work files off his computer and took them to his next job. The names and Social Security numbers of 27,075 mid-level lottery winners -- people who have won prizes from $600 up to around $1 million -- were on the employee's hard drive.

UPDATE 10/31/08: 89,000 lottery winners are being notified their personal information, including Social Security numbers, may have been breached.

 
Information Source:
Dataloss DB
records from this breach used in our total: 89,000

Breach Total
931,357,921 RECORDS BREACHED
(Please see explanation about this total.)
from 4,447 DATA BREACHES made public since 2005
Showing 4151-4200 of 4447 results


X

Sign In!

Loading