Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
868,045,823 RECORDS BREACHED
(Please see explanation about this total.)
from 4,347 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
March 20, 2005 Northwestern University
Evanston, Illinois
EDU HACK

17,500

Hackers gained access to multiple computers and gathered user ID and password information from the University's network.  The personal information for around 500 faculty members, 2000 staff members, and 14,000 alumni was compromised. 

 
Information Source:
Media
records from this breach used in our total: 17,500

December 15, 2006 University of Colorado, Boulder, Academic Advising Center
Boulder, Colorado
EDU HACK

17,500

http://www.colorado.edu/its/security/awareness/privacy/identitytheft.pdf

A server in the Academic Advising Center was the subject of a hacking attack. Personal information exposed included names and SSNs for individuals who attended orientation sessions from 2002-2004. CU-Boulder has since ceased using SSNs as identifiers for students, faculty, staff, and administrators.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,500

May 23, 2007 Waco Independent School District
Waco, Texas
EDU HACK

17,400

Two high school seniors recently hacked into the district's computer network potentially compromising the personal information including Social Security numbers of students and employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,400

June 23, 2008 Colt Express Outsourcing Services, CNET Networks
Walnut Creek, California
BSO STAT

17241

Burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans. The computers contained names, birth dates, Social Security numbers and employment information of the beneficiaries of CNET's health insurance plans. CNET was only one of several clients affected.

UPDATE (8/26/08): Among the companies whose staffers have been exposed by the Colt break-in in Walnut Creek, California: Google, Bebe Stores, Alston & Bird, and the California Bankers Assn.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,241

June 5, 2009 Virginia Commonwealth University
Richmond, Virginia
EDU STAT

17,214

A desktop computer was stolen from a secured area within Cabell Library in mid-April. The computer may have contained student names, Social Security numbers and test scores dating from October 2005 to the present. VCU discontinued use of Social Security numbers as ID numbers in January 2007. An additional 22,500 students are being notified that their names and test scores may have also been on the computer. No Social Security numbers were recorded with those names, but computer-generated student ID numbers may have been.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,214

February 17, 2006 Mount St. Mary's Hospital
Lewiston, New York
MED PORT

17,000

Two laptops containing dates of birth, addresses and Social Security numbers of patients were stolen in an armed robbery in New Jersey.  The laptops and sensitive files were password protected.  The Hospital contacted those whose information may have been compromised.  St. Mary's is just one of ten hospitals that were affected by the theft.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

April 27, 2006 Long Island Railrad via contractor Iron Mountain
Jamaica, New York
GOV PORT

17,000

Data tapes containing personal information including names, addresses, Social Security numbers and salary figures of virtually everyone who worked for or currently works for the agency were lost.  The lost occurred during delivery by contractor Iron Mountain. Data tapes belonging to the U.S. Department of Veteran's Affairs may also have been affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 3, 2006 Humana
Louisville, Kentucky
MED DISC

17,000 current and former Medicare enrollees

Personal information of Humana customers enrolled in the company's Medicare prescription drug plans could have been compromised when an insurance company employee called up the data through a hotel computer and then failed to delete the file.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

July 14, 2006 Northwestern University
Evanston, Illinois
EDU HACK

17,000

(888) 209-0097. http://www.northwestern.edu/newscenter/stories/2006/07/data.html 

Files containing names and some personal information including SSNs were on 9 desktop computers that had been accessed by unauthorized persons outside the University. The computers were in the Office of Admissions and Financial Aid.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 19, 2006 Allina Hospitals and Clinics
Minneapolis, Minnesota
MED PORT

Individuals in 17,000 households

A laptop stolen from a nurse's car on October 8 contains the names and SSNs of individuals in approximately 17,000 households participating in the Allina Hospitals and Clinics obstetric home-care program since June 2005.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 11, 2007 Pfizer
New York, New York
BSO DISC

17,000

866-274-3891

Installation of certain file sharing software on a Pfizer laptop, exposed files containing names, Social Security numbers, addresses and bonus information of present and former Pfizer colleagues. Investigation revealed that certain files containing data were accessed and copied.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 2, 2008 Marine Corps Reserve Center
San Antonio, Texas
GOV INSD

17,000

A former U.S. military contractor has pleaded guilty to exceeding authorized access to a computer and aggravated identity theft after he was accused of selling names and Social Security numbers of 17,000 military employees.

 
Information Source:
Media
records from this breach used in our total: 17,000

July 9, 2010 Emily Morgan Hotel
San Antonio, Texas
BSO PHYS

17,000

Identity thieves obtained stacks of credit card receipts from one of the hotel's storage rooms in 2006.  Hundreds of thousands of dollars in fraudulent charges were then made in three different states.  Investigators first became aware of a large identity theft issue in the area during the beginning of 2009.

UPDATE (12/4/2010): The ringleader pleaded guilty to ID theft fraud conspiracy, access device fraud and conspiracy to launder money. Seven other co-conspirators have been identified.

UPDATE (4/7/2011): A former hotel worker faces up to 22 years in prison for stealing customer information and using it to go on a shopping spree.  In 2006, the former employee used credit card receipts from the Emily Morgan hotel in downtown San Antonio to make fraudulent charges totaling $300,000.  This appears to be the one of the largest cases in Alamo City’s history.  The accused former employee pleaded guilty to three charges and is scheduled to be sentenced in July.

 
Information Source:
Databreaches.net
records from this breach used in our total: 17,000

June 25, 2007 UnitedHealthCare
Trumbull, Connecticut
MED INSD

17,000

A former employee had the names, Social Security numbers, dates of birth and addresses of about 127 members. The employee is believed to have participated in fraudulent activity and may have accessed approximately 17,000 members' information during the final 2 1/2 years of his or her employment.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 14, 2012 York County, South Carolina
York, South Carolina
GOV HACK

17,000

Hackers gained access to York County's web application server.  It contained two databases with the information of 17,000 job applicants and vendors.  The first database contained about 12,500 names from as far back as 15 years ago.  The second database was newer and contained information that had been collected up until August 29, 2011.  The intrusion was discovered by the county on August 29 and no new applicants or vendors were affected by the breach.  Those who may have been affected were not notified until after a thorough investigation by York County's IT department.  No definitive evidence was found for a breach after the nine-month investigation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 10, 2012 Equifax
Atlanta, Georgia
BSF DISC

17,000

Equifax settled charges with the Federal Trade Commission after it was discovered that Equifax Information Services improperly sold lists of consumer data.  People who were late on their mortgage payments had their information sold to firms that should not have received the information and subsequently resold it to other firms.  Equifax agreed to pay nearly $1.6 million to resolve charges that it violated the FTC and Fair Credit Reporting Acts. The settlement prohibits Equifax from providing prescreened lists to unauthorized parties, having poor procedures for releasing prescreened lists, and selling prescreened lists in certain circumstances.

 
Information Source:
Media
records from this breach used in our total: 17,000

December 24, 2008 Federal Emergency Management Agency
New Orleans, Louisiana
GOV DISC

16,857

An unauthorized breach of private information resulted in the information release of 16,857 names, Social Security numbers, phone numbers, and other private details of people who had applied for benefits. The information was flashed on a pair of privately run Web sites, but for how long was unclear.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,857

April 5, 2005 MCI
Colorado Springs, Colorado
BSO PORT

16,500

A laptop containing names and Social Security numbers of current and former employees was stolen from the car trunk of an MCI financial analyst.  An MCI spokesperson stated that MCI would continue its policy of allowing laptops to be taken home by employees and will evaluate new security technologies.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

June 30, 2006 U.S. Department of Veteran Affairs
Washington, District Of Columbia
GOV PORT

16,500

A data tape disappeared from a VA facility in Indianapolis, IN that contained information on legal cases involving U.S. veterans and included veterans' Social Security numbers, dates of birth and legal documents.

UPDATE (10/11/06): The VA's Office of the General Counsel is offering identity theft protection services to those affected by the missing tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

September 14, 2006 Illinois Department of Corrections (IDOC)
Springfield, Illinois
GOV PHYS

16,500

A document containing employees' personal information was found outside the agency's premises where it should not have been. It has since been retrieved. Information included employees' names, SSNs, and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

April 26, 2005 Christus St. Joseph's Hospital
Houston, Texas
MED STAT

16,000

Two computers used for converting paper medical records into digital files were stolen.  One of the computers contained Social Security numbers and medical records for hundreds of patients.  Letters were sent to about 16,000 patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

August 1, 2006 Ron Tonkin Nissan
Portland, Oregon
BSR UNKN

Up to 16,000 affected

Questions? Call: (503) 251-3349

Several months ago the car dealership experienced a security breach affecting the personal information of those who bought cars or applied for credit between 2001 and March 2006.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

September 28, 2006 North Carolina Department of Motor Vehicles
Louisville, North Carolina
GOV STAT

16,000

(888) 495-5568

A computer was stolen from a NC Dept. of Motor Vehicles office, reported Sept. 10. It contains names, addresses, driver's license numbers, SSNs, and in some cases immigration visa information of 16,000 people who have been issued licenses in the past 18 months. Most are residents of Franklin County.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

March 26, 2007 Fort Monroe
Fort Monroe, Virginia
GOV PORT

16,000

A laptop computer containing the names, Social Security numbers and payroll information for as many as 16,000 civilian employees was stolen from an employee's personal vehicle. Bank account and bank routing information were not included.  People who work at the U.S. Army Training and Doctrine Command were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

October 30, 2007 University of Nevada, Reno
Reno, Nevada
EDU PORT

16,000

A University of Nevada, Reno administrative employee has lost a flash drive that contained the names and Social Security numbers of 16,000 current and former students.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

December 25, 2008 Pulte Homes Las Vegas Division
Las Vegas, Nevada
BSO PHYS

16,000

A box containing computer backup tapes was stolen. Computer tapes holding private customer information including names, addresses, driver's license numbers and financial account numbers were stolen from a Pulte Homes office in Las Vegas.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

April 11, 2011 GunnAllen Financial
Tampa, Florida
BSF INSD

16,000

Former employees of GunnAllen Financial have been fined by the U.S. Securities and Exchange Commission (SEC) for failing to adequately protect customer data.  The former president and national sales manager broke privacy by transferring the information of GunnAllen Financial clients over to a new business after or during GunnAllen’s November 2010 liquidation.  The sales manager was authorized by the president to take a thumb drive with the information of about 16,000 clients with him to his new job.  The two former employees were fined $20,000 each and a third former chief compliance officer was fined $15,000 for failing “to ensure that the firm’s policies and procedures were reasonably designed to safeguard confidential customer information.” The fines are based on violations of the SEC’s Safeguard Rule, which requires institutions and financial advisers under SEC jurisdiction to protect customer data and give customers the opportunity to opt out of having their information shared with unaffiliated third parties.

 
Information Source:
Media
records from this breach used in our total: 16,000

June 11, 2012 Eugene School District 4J
Eugene, Oregon
EDU HACK

16,000

An unauthorized person accessed confidential files that contained current and former students' personal information.  Names, Social Security numbers, Dates of birth, student ID numbers, phone numbers, students' free or reduced-price school lunch status, and addresses may have been exposed.  Eugene School District 4J's notification can be read here: http://www.4j.lane.edu/communications/story/2012/06/11/securitybreachinformation

UPDATE (07/12/2012): A minor was arrested for possible involvement in the breach.  It appears that the teenager may have obtained the login credentials of an employee and used them to access the computer system.  Records for approximately 16,000 current students, as well as free and reduced-price lunch records from 2007 were exposed.

UPDATE (08/25/2012): The student was released from custody and expelled by North Eugene High School.  He also posted hundreds of students' confidential information on a computer account to taunt district officials. He is on house arrest and his attorney entered not guilty pleas.

 
Information Source:
Databreaches.net
records from this breach used in our total: 16,000

May 13, 2013 Adobe, Washington Administrative Office of the Courts
Olympia, Washington
BSO HACK

160,000

An official notice can be viewed here: http://www.courts.wa.gov/newsinfo/?fa=newsinfo.displayContent&theFile=dataBreach/commonQuestions

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Additionally, three classes of people may have had their names and driver's license information exposed.  First, people who received a DUI citation between 1989 and 2011 in the state of Washington may have had their names and drivers' license numbers exposed. Anyone who had a traffic case filed or resolved in a district or municipal court between 2011 and 2012 may have been affected. Finally, anyone who had a criminal case in Washington filed against them or resolved between 2011 and 2012 may have had their name and driver's license number exposed.

 

 
Information Source:
Media
records from this breach used in our total: 16,000

August 15, 2013 Harris County
Harris, Texas
GOV HACK

16,000

The information of current and former Harris County employees was found on electronic files in Vietnam.  Names, Social Security numers, and dates of birth were exposed.  The files were from 2005 and 2007 and appear to have been created before Harris County put in place stricter identity theft regulations.

 
Information Source:
Media
records from this breach used in our total: 16,000

January 22, 2005 University of Northern Colorado
Greeley, Colorado
EDU PORT

15,790 (15,790 employees and an unknown number of employee beneficiaries)

A hard drive was lost or stolen. It contained information on current and former University employees and their beneficiaries and dates back to April of 1997.  Names, dates of birth, SSNs, addresses, bank account numbers and routing numbers may have been accessed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,790

May 4, 2009 Kapiolani Community College
Honolulu, Hawaii
EDU HACK

15,487

More than 15,000 students at Kapiolani Community College are at risk of identity theft because of an Internet security breach. School officials found that a computer was infected with malware that can steal sensitive data.  The computer contained the personal information of 15,487 students who applied for financial aid between January 2004 and April 15. The computer did not have sensitive information, but it was hooked up to a network that had access to names, addresses, phone numbers dates of birth and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,487

May 11, 2012 First Data Corporation
Atlanta, Georgia
BSF DISC

15,399

On April 25, 2012, First Data learned that certain limited personal information about approximately 108,500 merchants who currently process with First Data or who applied for processing services had been shared outside of the company. The names, addresses, and Social Security numbers of merchants who submitted applications to First Data for merchant processing services were purposely disclosed to an outside party in January and February of 2012.  First Data later discovered that this action was not clearly permitted in some merchant contracts.

UPDATE: (5/29/2012): Bank of America Merchant Services (BAMS), a joint venture between First Data Corporation and Bank of America, was also involved in the breach.  The personal information of 15,399 California residents was involved.  Of the 15,399 California residents affected, a total of 4,058 residents were merchant customers of BAMS.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,399

April 8, 2005 Eastern National
Ft. Washington, Pennsylvania
NGO HACK

15,000

A hacker gained access to a server containing the names, credit card information, and billing addresses of 15,000 customers.  Letters were mailed to all customers who bought products through the educational website for national parks.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

June 30, 2005 Ohio State University Medical Center, MTE Consulting
Columbus, Ohio
MED PORT

15,000

A laptop containing patient information was stolen from a financial consultant.  MTE Consulting notified OSU medical center a month after the laptop was stolen and OSU sent a brief letter to the affected clients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

April 1, 2006 Con Edison
New York, New York
BSO PORT

15,000 Con Edison employees

Con Edison shipped two cartridge tapes to JPMorgan Chase in upstate Binghamton so it could input data on behalf of the NY Dept. of Taxation and Finance. One tape was apparently lost and contained employees' W-2 data, including names, addresses, Social Security numbers, taxes paid and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Texas Woman's University
Dallas, Texas
EDU DISC

15,000 students

Additional locations: Denton and Houston, TX

A document containing names, addresses and SSNs of 15,000 TWU students was transmitted over a non-secure connection.

 
Information Source:
Media
records from this breach used in our total: 15,000

August 4, 2008 Arapahoe Community College
Littleton, Colorado
EDU PORT

15,000

A contractor who manages the student information database had a flash drive lost or stolen. Information on the drive included the names, addresses, credit card numbers and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

February 6, 2010 University of Texas, El Paso
El Paso, Texas
EDU DISC

15,000

University of Texas at El Paso is notifying students that their Social Security numbers were visible when their tax forms were sent out. The University notified 15,000 students but they don't know exactly how many students were affected. UTEP blames a glitch in a machine used to fold letters when student’s forms were sent out. Some of the forms were folded in such a way that the document shifted on the envelope and allowed for the Social Security numbers to be visible through the mailing window on the envelope.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Utah Valley State College
Orem, Utah
EDU DISC

15,000

Social Security numbers and other personal information of students and faculty were accessible via Yahoo's search engine. The information was removed from UVSC's servers. Some Distance Education instructors and some students enrolled in UVSC courses between January 2002 and January 2005 were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 15, 2010 Social Security Administration Office of Temporary Disability Assistance
New York, New York
GOV INSD

15,000

A subcontractor illegally downloaded around 15,000 Social Security numbers while performing upgrades. People who had made Social Security disability claims may have been affected.

UPDATE (1/4/2011): Dates of birth, addresses and phone numbers may have also been accessed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 15,000

September 19, 2012 Blue Cross Blue Shield of Massachusetts (BCBS)
Boston, Massachusetts
MED INSD

15,000

A BCBS vendor misused BCBS employee information.  The misuse appears to have been limited to one instance.  Names, Social Security numbers, dates of birth, compensation information, and bank account information may have been exposed.

 
Information Source:
Media
records from this breach used in our total: 15,000

November 28, 2012 Advanced Data Processing, Inc. (ADPI), Grady EMS
Roseland, New Jersey
BSF INSD

At least 15,000 people were affected.

Information from certain ambulance agencies was inappropriately accessed and disclosed.  Patient account information such as names, Social Security numbers, dates of birth, and record identifiers were exposed by a dishonest ADPI employee. ADPI learned of the breach on October 1. The dishonest employee was fired and apprehended by authorities.

UPDATE (12/04/2012): The former ADPI employee stole information associated with Grady EMS ambulance service. About 900 Grady EMS patients had their information exposed between June 15, 2012 and October 12, 2012.

UPDATE (01/05/2013): A detailed list of the organizations and number of people who were affected is available on phiprivacy.net herehttp://www.phiprivacy.net/?p=10825

UPDATE (03/08/2013): Osceola County EMS released a notification in March of 2013 here: http://tinyurl.com/a335kak

UPDATE (03/14/2013): The Yuma, Arizona Fire Department was also affected by the breach.  ADP handles the billing for Yuma's emergency medical services.  Names, Social Security numbers, dates of birth, and record identifiers may have been accessed.

UPDATE (08/28/2013): ADPI learned of the tax scheme after being notified by Tampa, Florida police.  The IRS confirmed that Valparaiso Fire Department information was compromised by the breach in July of 2013.  Patients seen at Valparaiso Fire Department or by Valparaiso Fire Department ambulances between January 1 and June 21 of 2012 may have had their names, Social Security numbers, and dates of birth exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,000

March 27, 2014 The University of Wisconsin-Parkside
Kenosha, Wisconsin
EDU HACK

15,000

Students were notified by officials from The University of Wisconsin-Parkside of a data breach that occured to their system by hackers that installed malware on one university server.

The information that is at risk includes names, addresses, telephone numbers, email addresses and Social Security numbers. The breach affects students who were either admitted or enrolled at the university since the fall of 2010.

The server was shut down and the hacking was reported to local authorities. After launching an investigation it appears the malware was searching for credit card information and they show no evidence that any Social Security numbers were compromised.

The university has set up a website with information for those who may have been affected http://www.uwp.edu/explore/contactus/index.cfm 

 
Information Source:
Media
records from this breach used in our total: 15,000

October 21, 2009 Roane State Community College
Harriman, Tennessee
EDU PORT

14,783

Hotline (865) 882-4688, (866) 462-7722 ext. 4688

Roane State Community College has announced that the names and Social Security numbers of 9,747 current or former students were on a data storage device stolen from an employee's vehicle, along with 1,194 current/former employees' information. The Social Security numbers alone, with no names, were also stolen for 5,036 additional current or former students. The data was on a 4GB USB drive used for work-related purposes. An employee took it home to do work after hours, and left it in the car. The employee forgot to lock the car doors. The USB drive was stolen along with a personal hand-held device.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,783

September 29, 2006 University of Iowa Department of Psychology
Iowa City, Iowa
EDU HACK

14,500

A computer containing SSNs of 14,500 psychology department research study subjects was the object of an automated attack designed to store pirated video files for subsequent distribution.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,500

September 1, 2011 Birdville
Haltom City, Texas
EDU HACK

14,500

Two students may face criminal charges for hacking into the Birdville School District's network server and accessing a file with 14,500 student names and Social Security numbers.  The students are a high school junior and a senior.  Students who attended during the 2008-2009 school year may have been affected.

 
Information Source:
Databreaches.net
records from this breach used in our total: 14,500

April 13, 2009 Moses Cone Hospital
Greensboro, North Carolina
MED PORT

14,380

Moses Cone Hospital is offering free credit monitoring to 14,380 patients after a laptop computer containing confidential information was stolen from a VHA employee's car. The information on the laptop, including patients' Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,380

June 3, 2013 Champlain College
Burlington, Vermont
EDU PORT

14,217

Those with questions may call 877-643-2062.

During the weekend of June 3, a hard drive was discovered to have been misplaced.  The device had been left unattended in a computer lab for about two days in March.  The hard drive contained names, Social Security numbers, and other information related to admissions and financial aid for the Fall 2010 through the February 2013 school terms.  Some graduate and continuing professional studies students may have also been affected.

 
Information Source:
Media
records from this breach used in our total: 14,217

October 20, 2009 ChoicePoint
Alpharetta, Georgia
BSO DISC

14,023

http://www.ftc.gov/opa/2009/10/choicepoint.shtm

ChoicePoint has been fined $275,000 by the U.S. Federal Trade Commission for a data breach that exposed personal information of 13,750 people last year. In April 2008, ChoicePoint turned off a key electronic security tool that it used to monitor access to one of its databases and failed to notice the problem for four months, according to an FTC statement. During that period, unauthorized searches were conducted for 30 days on a ChoicePoint database that contained Social Security numbers and other sensitive information.

UPDATE (9/22/10): The Federal Trade Commission mailed checks worth $18.17 to 14,023 ChoicePoint customers.  These checks were meant to cover the money and time customers spent monitoring their credit after ChoicePoint's 2008 breach.  ChoicePoint had been ordered to implement a comprehensive information security program after a 2006 breach.  Due to ChoicePoint's failure to do this, they suffered another breach and were fined.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,023

Breach Total
868,045,823 RECORDS BREACHED
(Please see explanation about this total.)
from 4,347 DATA BREACHES made public since 2005
Showing 551-600 of 4347 results


X

Sign In!

Loading