Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
929,676,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,421 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
January 11, 2011 University of Connecticut, HuskyDirect.com
Storrs, Connecticut
EDU HACK

18,059

Customers who used their credit cards on UConn's Huskydirect.com sports gear website may have had their personal information exposed in a data security breach. A hacker was able to access the Huskydirect.com customer database and may have viewed billing information with names, addresses, telephone numbers, credit card numbers, expiration dates, security codes and email addresses. The Huskydirect.com database is run by an outside vendor. People who made purchases offline are not at risk.

UPDATE (1/31/2011): Some people who were affected by the breach have recently reported fraudulent charges.

UPDATE (2/19/2011): Additional details reveal the exact number of names that were on the customer database, the fact that the perpetrator used an administrative password, and the fact that Fandotech, the company that was hosting and managing the site, was not following correct web security procedures.

 
Information Source:
Databreaches.net
records from this breach used in our total: 18,059

June 29, 2005 Bank of America
Charlotte, North Carolina
BSF PORT

18,000

A laptop containing the names, Social Security numbers, and addresses of customers was stolen from a consultant's car.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

August 7, 2006 U.S. Department of Veterans Affairs via contractor Unisys Corporation
Reston, Virginia
GOV INSD

5,000

Five thousand Philadelphia patients, 11,000 Pittsburgh patients and 2,000 deceased patients were affected.  There is a possibility that 20,000 others were also affected.

A computer at contractor's office was reported missing Aug. 3.  It contained billing records with names, addresses, SSNs, and dates of birth of veterans at two Pennsylvania locations.

UPDATE (9/15/06): Law enforcement recovered the computer and arrested an individual who had worked for a company that provides temporary labor to Unisys.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

December 31, 2008 Ohio State University
Columbus, Ohio
EDU DISC

18,000

http://www.studentlife.osu.edu/dataexposure

Ohio State University has notified 18,000 current and former students that their personel information was mistakenly stored on a computer server exposed to the Internet. The data included student names, Social Security numbers, addresses and coverage dates for those enrolled in the health insurance plan for three quarters in 2005-06.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

April 8, 2009 Metro Nashville School/Public Consulting Group
Nashville, Tennessee
EDU DISC

18,000

(615) 259-INFO (4636)

Metro Nashville students' names, Social Security numbers, addresses and dates of birth and parents' demographic information were available by searching Google. A private contractor unintentionally put student data on a computer Web server that wasn't secure. The data was available online from Dec. 28 to March 31.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

June 11, 2014 Stanford Federal Credit Union
Palo Alto, California
BSF DISC

18,000

Stanford Federal Credit Union informed 18,000 members that their personal information was sent to another member accidentally. According to the letter sent to the members,  credit union employees recognized the error immediately and the data was destroyed without it being read to the recipient. The data sent was a list of members who were pre-approved for loans. The credit union employee who sent the list inadvertently sent it to a member who had the same first name as the staff member it was meant for.

According to the credit union, the member had not yet read the mail and worked with the staff of the credit union to properly destroy it.

 
Information Source:
California Attorney General
records from this breach used in our total: 18,000

July 3, 2014 Blue Shield of California/Department of Managed Healthcare
San Francisco, California
BSF DISC

18,000

The Department of Managed Health Care informed individuals of a breach concerning their personal information. Health plans regulated by the Department of Managed Health Care (DMHC) are required to provide the DMHC periodically with current rosters of the medical providers the health plans contract with.

These plans are not supposed to include confidential or personal information in the rosters because these rosters are generally public documents.

"The DMHC discovered that Blue Shield of California had inadvertently included provider Social Security numbers in the rosters Blue Shield provided to the DMHC in February, March and April, 2013". Blue Shield neglected to inform the DMHC that the information was confidential or alert the DMHC that a mistake had been made on the documentation.

The information included Social Security numbers, providers' names, business addresses, business telephone numbers, medical groups, and practice areas.

For those affected Blue Shield is offering you a free-one-year membership in Experian's ProtectMyID Alert.  For those with questions they can call 1-877-371-7902.

 
Information Source:
California Attorney General
records from this breach used in our total: 18,000

July 17, 2013 Office of the Medicaid Inspector General (OMIG)
Albany, New York
MED INSD

17,743

A link to the official notice can be foudn here:

http://apps.cio.ny.gov/apps/mediaContact/public/preview.cfm?parm=E5EBBF4...

An OMIG employee sent an email that contained sensitive records to their own email account on October 12, 2012.  Medicaid paitient first and last names, Social Security numbers, dates of birth, and Medicaid client information numbers may have been compromised. 

 
Information Source:
Media
records from this breach used in our total: 17,743

March 20, 2005 Northwestern University
Evanston, Illinois
EDU HACK

17,500

Hackers gained access to multiple computers and gathered user ID and password information from the University's network.  The personal information for around 500 faculty members, 2000 staff members, and 14,000 alumni was compromised. 

 
Information Source:
Media
records from this breach used in our total: 17,500

December 15, 2006 University of Colorado, Boulder, Academic Advising Center
Boulder, Colorado
EDU HACK

17,500

http://www.colorado.edu/its/security/awareness/privacy/identitytheft.pdf

A server in the Academic Advising Center was the subject of a hacking attack. Personal information exposed included names and SSNs for individuals who attended orientation sessions from 2002-2004. CU-Boulder has since ceased using SSNs as identifiers for students, faculty, staff, and administrators.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,500

May 23, 2007 Waco Independent School District
Waco, Texas
EDU HACK

17,400

Two high school seniors recently hacked into the district's computer network potentially compromising the personal information including Social Security numbers of students and employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,400

June 23, 2008 Colt Express Outsourcing Services, CNET Networks
Walnut Creek, California
BSO STAT

17241

Burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans. The computers contained names, birth dates, Social Security numbers and employment information of the beneficiaries of CNET's health insurance plans. CNET was only one of several clients affected.

UPDATE (8/26/08): Among the companies whose staffers have been exposed by the Colt break-in in Walnut Creek, California: Google, Bebe Stores, Alston & Bird, and the California Bankers Assn.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,241

June 5, 2009 Virginia Commonwealth University
Richmond, Virginia
EDU STAT

17,214

A desktop computer was stolen from a secured area within Cabell Library in mid-April. The computer may have contained student names, Social Security numbers and test scores dating from October 2005 to the present. VCU discontinued use of Social Security numbers as ID numbers in January 2007. An additional 22,500 students are being notified that their names and test scores may have also been on the computer. No Social Security numbers were recorded with those names, but computer-generated student ID numbers may have been.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,214

February 17, 2006 Mount St. Mary's Hospital
Lewiston, New York
MED PORT

17,000

Two laptops containing dates of birth, addresses and Social Security numbers of patients were stolen in an armed robbery in New Jersey.  The laptops and sensitive files were password protected.  The Hospital contacted those whose information may have been compromised.  St. Mary's is just one of ten hospitals that were affected by the theft.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

April 27, 2006 Long Island Railrad via contractor Iron Mountain
Jamaica, New York
GOV PORT

17,000

Data tapes containing personal information including names, addresses, Social Security numbers and salary figures of virtually everyone who worked for or currently works for the agency were lost.  The lost occurred during delivery by contractor Iron Mountain. Data tapes belonging to the U.S. Department of Veteran's Affairs may also have been affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 3, 2006 Humana
Louisville, Kentucky
MED DISC

17,000 current and former Medicare enrollees

Personal information of Humana customers enrolled in the company's Medicare prescription drug plans could have been compromised when an insurance company employee called up the data through a hotel computer and then failed to delete the file.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

July 14, 2006 Northwestern University
Evanston, Illinois
EDU HACK

17,000

(888) 209-0097. http://www.northwestern.edu/newscenter/stories/2006/07/data.html 

Files containing names and some personal information including SSNs were on 9 desktop computers that had been accessed by unauthorized persons outside the University. The computers were in the Office of Admissions and Financial Aid.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 19, 2006 Allina Hospitals and Clinics
Minneapolis, Minnesota
MED PORT

Individuals in 17,000 households

A laptop stolen from a nurse's car on October 8 contains the names and SSNs of individuals in approximately 17,000 households participating in the Allina Hospitals and Clinics obstetric home-care program since June 2005.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 11, 2007 Pfizer
New York, New York
BSO DISC

17,000

866-274-3891

Installation of certain file sharing software on a Pfizer laptop, exposed files containing names, Social Security numbers, addresses and bonus information of present and former Pfizer colleagues. Investigation revealed that certain files containing data were accessed and copied.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 2, 2008 Marine Corps Reserve Center
San Antonio, Texas
GOV INSD

17,000

A former U.S. military contractor has pleaded guilty to exceeding authorized access to a computer and aggravated identity theft after he was accused of selling names and Social Security numbers of 17,000 military employees.

 
Information Source:
Media
records from this breach used in our total: 17,000

July 9, 2010 Emily Morgan Hotel
San Antonio, Texas
BSO PHYS

17,000

Identity thieves obtained stacks of credit card receipts from one of the hotel's storage rooms in 2006.  Hundreds of thousands of dollars in fraudulent charges were then made in three different states.  Investigators first became aware of a large identity theft issue in the area during the beginning of 2009.

UPDATE (12/4/2010): The ringleader pleaded guilty to ID theft fraud conspiracy, access device fraud and conspiracy to launder money. Seven other co-conspirators have been identified.

UPDATE (4/7/2011): A former hotel worker faces up to 22 years in prison for stealing customer information and using it to go on a shopping spree.  In 2006, the former employee used credit card receipts from the Emily Morgan hotel in downtown San Antonio to make fraudulent charges totaling $300,000.  This appears to be the one of the largest cases in Alamo City’s history.  The accused former employee pleaded guilty to three charges and is scheduled to be sentenced in July.

 
Information Source:
Databreaches.net
records from this breach used in our total: 17,000

June 25, 2007 UnitedHealthCare
Trumbull, Connecticut
MED INSD

17,000

A former employee had the names, Social Security numbers, dates of birth and addresses of about 127 members. The employee is believed to have participated in fraudulent activity and may have accessed approximately 17,000 members' information during the final 2 1/2 years of his or her employment.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 14, 2012 York County, South Carolina
York, South Carolina
GOV HACK

17,000

Hackers gained access to York County's web application server.  It contained two databases with the information of 17,000 job applicants and vendors.  The first database contained about 12,500 names from as far back as 15 years ago.  The second database was newer and contained information that had been collected up until August 29, 2011.  The intrusion was discovered by the county on August 29 and no new applicants or vendors were affected by the breach.  Those who may have been affected were not notified until after a thorough investigation by York County's IT department.  No definitive evidence was found for a breach after the nine-month investigation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 10, 2012 Equifax
Atlanta, Georgia
BSF DISC

17,000

Equifax settled charges with the Federal Trade Commission after it was discovered that Equifax Information Services improperly sold lists of consumer data.  People who were late on their mortgage payments had their information sold to firms that should not have received the information and subsequently resold it to other firms.  Equifax agreed to pay nearly $1.6 million to resolve charges that it violated the FTC and Fair Credit Reporting Acts. The settlement prohibits Equifax from providing prescreened lists to unauthorized parties, having poor procedures for releasing prescreened lists, and selling prescreened lists in certain circumstances.

 
Information Source:
Media
records from this breach used in our total: 17,000

December 24, 2008 Federal Emergency Management Agency
New Orleans, Louisiana
GOV DISC

16,857

An unauthorized breach of private information resulted in the information release of 16,857 names, Social Security numbers, phone numbers, and other private details of people who had applied for benefits. The information was flashed on a pair of privately run Web sites, but for how long was unclear.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,857

April 5, 2005 MCI
Colorado Springs, Colorado
BSO PORT

16,500

A laptop containing names and Social Security numbers of current and former employees was stolen from the car trunk of an MCI financial analyst.  An MCI spokesperson stated that MCI would continue its policy of allowing laptops to be taken home by employees and will evaluate new security technologies.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

June 30, 2006 U.S. Department of Veteran Affairs
Washington, District Of Columbia
GOV PORT

16,500

A data tape disappeared from a VA facility in Indianapolis, IN that contained information on legal cases involving U.S. veterans and included veterans' Social Security numbers, dates of birth and legal documents.

UPDATE (10/11/06): The VA's Office of the General Counsel is offering identity theft protection services to those affected by the missing tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

September 14, 2006 Illinois Department of Corrections (IDOC)
Springfield, Illinois
GOV PHYS

16,500

A document containing employees' personal information was found outside the agency's premises where it should not have been. It has since been retrieved. Information included employees' names, SSNs, and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

April 26, 2005 Christus St. Joseph's Hospital
Houston, Texas
MED STAT

16,000

Two computers used for converting paper medical records into digital files were stolen.  One of the computers contained Social Security numbers and medical records for hundreds of patients.  Letters were sent to about 16,000 patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

August 1, 2006 Ron Tonkin Nissan
Portland, Oregon
BSR UNKN

Up to 16,000 affected

Questions? Call: (503) 251-3349

Several months ago the car dealership experienced a security breach affecting the personal information of those who bought cars or applied for credit between 2001 and March 2006.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

September 28, 2006 North Carolina Department of Motor Vehicles
Louisville, North Carolina
GOV STAT

16,000

(888) 495-5568

A computer was stolen from a NC Dept. of Motor Vehicles office, reported Sept. 10. It contains names, addresses, driver's license numbers, SSNs, and in some cases immigration visa information of 16,000 people who have been issued licenses in the past 18 months. Most are residents of Franklin County.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

March 26, 2007 Fort Monroe
Fort Monroe, Virginia
GOV PORT

16,000

A laptop computer containing the names, Social Security numbers and payroll information for as many as 16,000 civilian employees was stolen from an employee's personal vehicle. Bank account and bank routing information were not included.  People who work at the U.S. Army Training and Doctrine Command were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

October 30, 2007 University of Nevada, Reno
Reno, Nevada
EDU PORT

16,000

A University of Nevada, Reno administrative employee has lost a flash drive that contained the names and Social Security numbers of 16,000 current and former students.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

December 25, 2008 Pulte Homes Las Vegas Division
Las Vegas, Nevada
BSO PHYS

16,000

A box containing computer backup tapes was stolen. Computer tapes holding private customer information including names, addresses, driver's license numbers and financial account numbers were stolen from a Pulte Homes office in Las Vegas.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

April 11, 2011 GunnAllen Financial
Tampa, Florida
BSF INSD

16,000

Former employees of GunnAllen Financial have been fined by the U.S. Securities and Exchange Commission (SEC) for failing to adequately protect customer data.  The former president and national sales manager broke privacy by transferring the information of GunnAllen Financial clients over to a new business after or during GunnAllen’s November 2010 liquidation.  The sales manager was authorized by the president to take a thumb drive with the information of about 16,000 clients with him to his new job.  The two former employees were fined $20,000 each and a third former chief compliance officer was fined $15,000 for failing “to ensure that the firm’s policies and procedures were reasonably designed to safeguard confidential customer information.” The fines are based on violations of the SEC’s Safeguard Rule, which requires institutions and financial advisers under SEC jurisdiction to protect customer data and give customers the opportunity to opt out of having their information shared with unaffiliated third parties.

 
Information Source:
Media
records from this breach used in our total: 16,000

June 11, 2012 Eugene School District 4J
Eugene, Oregon
EDU HACK

16,000

An unauthorized person accessed confidential files that contained current and former students' personal information.  Names, Social Security numbers, Dates of birth, student ID numbers, phone numbers, students' free or reduced-price school lunch status, and addresses may have been exposed.  Eugene School District 4J's notification can be read here: http://www.4j.lane.edu/communications/story/2012/06/11/securitybreachinformation

UPDATE (07/12/2012): A minor was arrested for possible involvement in the breach.  It appears that the teenager may have obtained the login credentials of an employee and used them to access the computer system.  Records for approximately 16,000 current students, as well as free and reduced-price lunch records from 2007 were exposed.

UPDATE (08/25/2012): The student was released from custody and expelled by North Eugene High School.  He also posted hundreds of students' confidential information on a computer account to taunt district officials. He is on house arrest and his attorney entered not guilty pleas.

 
Information Source:
Databreaches.net
records from this breach used in our total: 16,000

May 13, 2013 Adobe, Washington Administrative Office of the Courts
Olympia, Washington
BSO HACK

160,000

An official notice can be viewed here: http://www.courts.wa.gov/newsinfo/?fa=newsinfo.displayContent&theFile=dataBreach/commonQuestions

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Additionally, three classes of people may have had their names and driver's license information exposed.  First, people who received a DUI citation between 1989 and 2011 in the state of Washington may have had their names and drivers' license numbers exposed. Anyone who had a traffic case filed or resolved in a district or municipal court between 2011 and 2012 may have been affected. Finally, anyone who had a criminal case in Washington filed against them or resolved between 2011 and 2012 may have had their name and driver's license number exposed.

 

 
Information Source:
Media
records from this breach used in our total: 16,000

August 15, 2013 Harris County
Harris, Texas
GOV HACK

16,000

The information of current and former Harris County employees was found on electronic files in Vietnam.  Names, Social Security numers, and dates of birth were exposed.  The files were from 2005 and 2007 and appear to have been created before Harris County put in place stricter identity theft regulations.

 
Information Source:
Media
records from this breach used in our total: 16,000

January 22, 2005 University of Northern Colorado
Greeley, Colorado
EDU PORT

15,790 (15,790 employees and an unknown number of employee beneficiaries)

A hard drive was lost or stolen. It contained information on current and former University employees and their beneficiaries and dates back to April of 1997.  Names, dates of birth, SSNs, addresses, bank account numbers and routing numbers may have been accessed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,790

May 4, 2009 Kapiolani Community College
Honolulu, Hawaii
EDU HACK

15,487

More than 15,000 students at Kapiolani Community College are at risk of identity theft because of an Internet security breach. School officials found that a computer was infected with malware that can steal sensitive data.  The computer contained the personal information of 15,487 students who applied for financial aid between January 2004 and April 15. The computer did not have sensitive information, but it was hooked up to a network that had access to names, addresses, phone numbers dates of birth and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,487

May 11, 2012 First Data Corporation
Atlanta, Georgia
BSF DISC

15,399

On April 25, 2012, First Data learned that certain limited personal information about approximately 108,500 merchants who currently process with First Data or who applied for processing services had been shared outside of the company. The names, addresses, and Social Security numbers of merchants who submitted applications to First Data for merchant processing services were purposely disclosed to an outside party in January and February of 2012.  First Data later discovered that this action was not clearly permitted in some merchant contracts.

UPDATE: (5/29/2012): Bank of America Merchant Services (BAMS), a joint venture between First Data Corporation and Bank of America, was also involved in the breach.  The personal information of 15,399 California residents was involved.  Of the 15,399 California residents affected, a total of 4,058 residents were merchant customers of BAMS.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,399

April 8, 2005 Eastern National
Ft. Washington, Pennsylvania
NGO HACK

15,000

A hacker gained access to a server containing the names, credit card information, and billing addresses of 15,000 customers.  Letters were mailed to all customers who bought products through the educational website for national parks.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

June 30, 2005 Ohio State University Medical Center, MTE Consulting
Columbus, Ohio
MED PORT

15,000

A laptop containing patient information was stolen from a financial consultant.  MTE Consulting notified OSU medical center a month after the laptop was stolen and OSU sent a brief letter to the affected clients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

April 1, 2006 Con Edison
New York, New York
BSO PORT

15,000 Con Edison employees

Con Edison shipped two cartridge tapes to JPMorgan Chase in upstate Binghamton so it could input data on behalf of the NY Dept. of Taxation and Finance. One tape was apparently lost and contained employees' W-2 data, including names, addresses, Social Security numbers, taxes paid and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Texas Woman's University
Dallas, Texas
EDU DISC

15,000 students

Additional locations: Denton and Houston, TX

A document containing names, addresses and SSNs of 15,000 TWU students was transmitted over a non-secure connection.

 
Information Source:
Media
records from this breach used in our total: 15,000

August 4, 2008 Arapahoe Community College
Littleton, Colorado
EDU PORT

15,000

A contractor who manages the student information database had a flash drive lost or stolen. Information on the drive included the names, addresses, credit card numbers and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

February 6, 2010 University of Texas, El Paso
El Paso, Texas
EDU DISC

15,000

University of Texas at El Paso is notifying students that their Social Security numbers were visible when their tax forms were sent out. The University notified 15,000 students but they don't know exactly how many students were affected. UTEP blames a glitch in a machine used to fold letters when student’s forms were sent out. Some of the forms were folded in such a way that the document shifted on the envelope and allowed for the Social Security numbers to be visible through the mailing window on the envelope.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Utah Valley State College
Orem, Utah
EDU DISC

15,000

Social Security numbers and other personal information of students and faculty were accessible via Yahoo's search engine. The information was removed from UVSC's servers. Some Distance Education instructors and some students enrolled in UVSC courses between January 2002 and January 2005 were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 15, 2010 Social Security Administration Office of Temporary Disability Assistance
New York, New York
GOV INSD

15,000

A subcontractor illegally downloaded around 15,000 Social Security numbers while performing upgrades. People who had made Social Security disability claims may have been affected.

UPDATE (1/4/2011): Dates of birth, addresses and phone numbers may have also been accessed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 15,000

September 19, 2012 Blue Cross Blue Shield of Massachusetts (BCBS)
Boston, Massachusetts
MED INSD

15,000

A BCBS vendor misused BCBS employee information.  The misuse appears to have been limited to one instance.  Names, Social Security numbers, dates of birth, compensation information, and bank account information may have been exposed.

 
Information Source:
Media
records from this breach used in our total: 15,000

Breach Total
929,676,448 RECORDS BREACHED
(Please see explanation about this total.)
from 4,421 DATA BREACHES made public since 2005
Showing 551-600 of 4421 results


X

Sign In!

Loading