Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
May 4, 2010 Millennium Medical Management Resources
Westmont, Illinois
MED PORT

180,111

Health records belonging to patients were stolen in a break-in. The records were on a portable hard drive and stolen from the Westmont office of Millennium Medical Management Resources. Millenium believes the hard drive contained personally identifiable information about EHP patients including name, address, phone, date of birth, and Social Security number.  In some cases other information such as diagnosis, procedure (and/or codes), medical record number, account number, drivers license number and health insurance info. It was NOT encrypted.

 
Information Source:
Dataloss DB
records from this breach used in our total: 180,111

April 15, 2005 Polo Ralph Lauren, HSBC
New York, New York
BSR HACK

180,000

Credit card data was stolen. Individuals holding the HSBC-issued General Motors Mastercard were told their cards should be replaced.

UPDATE(07/10/07): U.S. Secret Service agents found Ralph Polo Lauren customers' credit card numbers in the hands of Eastern European cyber thieves who created high-quality counterfeit credit cards. Victims are from the U.S., Europe, Asia and Canada, among other places, Several Cuban nationals in Florida were arrested with more than 200,000 credit card account numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 180,000

June 17, 2006 Western Illinios University
Macomb, Illinois
EDU HACK

180,000

http://www.wiu.edu/securityalert/

On June 5th, a hacker compromised a University server that contained names, addresses, credit card numbers and Social Security numbers of people connected to the University.

UPDATE (7/5/06): Number affected reduced from 240,000.

 
Information Source:
Dataloss DB
records from this breach used in our total: 180,000

November 11, 2011 Virginia Commonwealth University
Richmond, Virginia
EDU HACK

176,567

Those with questions may call (855) 886-2931 or email responseteam@vcu.edu.

Hackers were able to access a Virginia Commonwealth University (VCU) computer server.  It contained files with the personal information of current and former VCU and VCU Health System faculty, staff, students and affiliates.  Suspicious files were discovered on the server on October 24.  It was taken offline and subsequent investigation revealed that two unauthorized accounts had been created on a second server.  While the first server did not contain personal data, the second server did and had been compromised through the first server.  Data included either a name or eID, Social Security number, and in some cases, date of birth, contact information, and various programmatic or departmental information.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 176,567

January 1, 2007 Wisconsin Department of Revenue via Ripon Printers
Madison, Wisconsin
GOV DISC

171,000 taxpayers

(608) 224-5163,  http://privacy.wi.gov/alerts/jan0107.jsp

Tax forms were mailed to taxpayers in which SSNs were inadvertently printed on the front of some Form 1 booklets. Some were retrieved before they were mailed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 171,000

February 19, 2010 Valdosta State University
Valdosta, Georgia
EDU HACK

170,000

http://www.valdosta.edu/notify/

A Valdosta State server that was reported as being breached could have exposed the information of up to 170,000 students and faculty. Valdosta State officials reported the discovery of a breach on Dec. 11 and estimated it began on Nov. 11. The university said the grades and Social Security numbers of up to 170,000 students and faculty were exposed in the breach.

 
Information Source:
Dataloss DB
records from this breach used in our total: 170,000

March 6, 2014 Los Angeles County Department of Health/Sutherland Healthcare Solutions
Portland, Oregon
MED PHYS

168,000

On February 5, 2014 Sutherland Healthcare Solutions, who provides patient billing and collection services for Los Angeles County was broken into and computers were stolen. Information that was stored on these computers included first and last names, Social Security numbers, billing information, dates of birth, addresses, diagnosises and other medical information.

Currently the breach is being investigated by authorities and the agency is offering credit monitoring services through ID Experts free for 12 months. To enroll in the free services by calling 1-877-868-92841-877-868-9284 or going to www.myidcare.com/securityandprotection.

UPDATE (3/7/2014): The Los Angeles County Department of Health and Human Services (DHS) announced recently that they will be notifying 168,000 patients of a data breach at Sutherland Healthcare Solutions. When originally reported the number of patients was not divulged.

 
Information Source:
California Attorney General
records from this breach used in our total: 168,000

September 2, 2005 Iowa Student Loan
West Des Moines, Iowa
BSF PORT

165,000

A compact disk containing personal information, including SSNs, was lost when shipped by private courier.

 
Information Source:
Dataloss DB
records from this breach used in our total: 165,000

February 15, 2005 ChoicePoint
Alpharetta, Georgia
BSO INSD

163,000

Fraudsters who presented themselves as legitimate ChoicePoint customers purchased data profiles from ChoicePoint on individuals and used that data to commit identity theft. The initial number of affected records was estimated at 145,000 but was later revised to 163,000.

UPDATE(1/26/06): ChoicePoint settled with the Federal Trade Commission for $10 million in civil penalties and $5 million for consumer redress.

UPDATE (12/06/06): The FTC announced that victims of identity theft as a result of the data breach who had out-of-pocket expenses can now be reimbursed. The claims deadline is Feb. 4, 2007.

UPDATE (06/24/07): Starting Dec. 2006, the FTC began mailing claims forms to victims of the breach. Its Web site provides information about the claims process. Deadline is Aug. 18, 2007. Victims can be reimbursed for out-of-pocket expenses resulting from identity theft connected to the breach. Call (888) 884-8772, or email cpredress@ftc.gov.

UPDATE (11/04/07): Since its 2005 data security incident, ChoicePoint has implemented enhancements to its privacy and information security framework including the establishment of an Office of Privacy, Ethics and Compliance to reinforce the responsible use and protection of information at ChoicePoint through policies and procedures, audit and compliance, and outreach and education. Visit www.privacyatchoicepoint.com.

UPDATE (1/27/08): Has agreed to pay $10 million to settle a class action lawsuit

 
Information Source:
Security Breach Letter
records from this breach used in our total: 163,000

September 25, 2009 University of North Carolina, Chapel Hill
Chapel Hill, North Carolina
EDU HACK

236,000 (163,000 SSNs estimated)

A hacker has infiltrated a computer server housing the personal data of 236,000 women enrolled in a UNC Chapel Hill research study. The Social Security numbers of 163,000 participants were among the information exposed. The data is part of the Carolina Mammography Registry, a 14-year-old project that compiles and analyzes mammography data submitted by radiologists across North Carolina.

UPDATE (10/6/10): A lead researcher at the University is fighting a demotion and pay cut that resulted from the data breach in the medical study she directs.  It appears that the incident first occurred in 2007 and was not discovered until 2009.  An attorney representing the researcher claims that his client is not at fault because the University knew that the program's computer system had security deficiencies in 2006.  The University claims that the researcher acted negligently, but the attorney claims that the researcher was not alerted to the security flaws and there is no evidence that the researcher violated or ignored rules in obtaining patient information.

UPDATE (5/9/2011): The researcher and University reached a settlement.  The researcher agreed to retire at the end of 2011 and will receive her full rank and salary until that time.

 
Information Source:
Dataloss DB
records from this breach used in our total: 163,000

November 19, 2005 Boeing
Chicago, Illinois
BSO PORT

161,000

A laptop containing names, Social Security numbers, bank account information and other human resources data was stolen.  Affected current and former employees were notified.

 
Information Source:
Dataloss DB
records from this breach used in our total: 161,000

April 25, 2007 Neiman Marcus Group
Dallas, Texas
BSR STAT

160,000

http://phx.corporate-ir.net/phoenix.zhtml?c=118113&p=irol-recentdata, (800) 456-7019

Computer equipment was stolen containing files with sensitive information including name, address, Social Security number, date of birth, period of employment and salary information of retailer Neiman Marcus Group's current and former employees and their spouses.

 
Information Source:
Dataloss DB
records from this breach used in our total: 160,000

May 7, 2009 University of California, Berkeley
Berkeley, California
EDU HACK

160,000

http://datatheft.berkeley.edu

Hackers infiltrated restricted computer databases. Personal information of 160,000 current and former students and alumni may have been stolen. The University says Social Security numbers, health insurance information and non-treatment medical records dating back to 1999 were accessed. The breach was discovered April 21, 2009, when administrators performing routine maintenance identified messages left by the hackers. They found that restricted electronic databases had been illegally accessed by hackers beginning on October 9, 2008 and continued until April 6, 2009. All of the exposed databases were removed from service to prevent further attacks.

 
Information Source:
Dataloss DB
records from this breach used in our total: 160,000

May 9, 2013 Administrative Office of the Courts - Washington
Olympia, Washington
GOV HACK

1,000,000 (160,000 SSNs)

The Administrative Office of the Courts provided a website for additional information: www.courts.wa.gov/databreach

Those with questions may call 1-800-448-5584

A breach of the Administrative Office of the Courts' server resulted in the exposure of one million driver's license numbers between fall of 2012 and February of 2013.  It was confirmed that at least 94 people had their Social Security numbers accessed.  Up to 160,000 Social Security numbers could have been accessed. 

In April the court was able to confirm that public records and confidential information were exposed.  People who were booked in a city or county jail within the state of Washington between September 2011 and December 2012 may have had their name and Social Security number accessed.  Anyone who received a DUI citation in Washington state between 1989 and 2011, had a superior court criminal case in Washington state that was filed against them or resolved between 2011 and 2012, or had a traffic case in Washington filed or resolved in a district or municipal court between 2011 and 2012 may have had their names and driver's license numbers exposed.

 
Information Source:
Media
records from this breach used in our total: 160,000

October 16, 2007 Administaff Inc.
Houston, Texas
BSO PORT

159,000

Current and former workers personal data may be compromised because of a stolen laptop. The data wasn't encrypted when it was stored on the portable computer, which is password-protected. Data stored on the laptop included names, addresses and Social Security numbers for most employees paid by Administaff in 2006.

 
Information Source:
Dataloss DB
records from this breach used in our total: 159,000

January 29, 2011 Ankle and Foot Center of Tampa Bay, Inc.
Tampa Bay, Florida
MED HACK

156,000 (No SSNs or financial information reported)

The Center experienced a hacking or IT incident on or around November 10 of 2010. The protected health information of patients was exposed.

UPDATE (2/3/2011): Names, Social Security numbers, dates of birth, home addresses, account numbers, and health care services and related diagnostic codes may have also been exposed.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 156,000

June 18, 2005 University of Hawai'i
Honolulu, Hawaii
EDU INSD

150,000

A former librarian with access to the personal information of students, faculty, staff and patrons was convicted of Social Security fraud.  The former librarian used Social Security information to obtain fraudulent loans.  The University used Social Security numbers to track who checked out library materials. At the time of the press release it was unclear whether any information had been stolen from the University.

 
Information Source:
Dataloss DB
records from this breach used in our total: 150,000

June 11, 2006 Denver Election Commission
Denver, Colorado
GOV PHYS

150,000

Records containing personal information on more than 150,000 voters are missing at city election offices. The microfilmed voter registration files from 1989 to 1998 were in a 500-pound cabinet that disappeared when the commission moved to new offices in February. The files contain voters' Social Security numbers, addresses and other personal information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 150,000

November 30, 2007 Prescription Advantage
Boston, Massachusetts
MED UNKN

150,000

 (866) 523-6846 or (877) 610-0241 for those who are hearing impaired.

The state of Massachusetts is warning 150,000 members of its Prescription Advantage insurance program that their personal information may have been snatched by an identity thief. Local authorities arrested a lone identity thief who had been using information taken from the program in an attempted identity theft scheme. Although the thief used information from just a small number of participants in the scheme, state data-breach laws require that the 150,000 people who could have possibly been affected by the breach be contacted.

 
Information Source:
Dataloss DB
records from this breach used in our total: 150,000

January 17, 2008 GE Money , Iron Mountain
Boston, Massachusetts
BSF PORT

150,000

Personal information on customers of J.C. Penney and up to 100 other retailers could be compromised after a computer tape went missing. The missing information includes Social Security numbers for about 150,000 people.

 
Information Source:
Dataloss DB
records from this breach used in our total: 150,000

September 29, 2006 Kentucky Personnel Cabinet via Bluegrass Mailing
Frankfort, Kentucky
GOV DISC

146,000

State employees received letters from the Kentucky Personnel Cabinet with their SSNs visible through the envelope windows.

 
Information Source:
Dataloss DB
records from this breach used in our total: 146,000

July 17, 2013 Citigroup
New York, New York
BSF DISC

146,000

Citigroup exposed the Social Security numbers, dates of birth, and other sensitive information of customers by not properly redacting the information for court records.  Consumers who went into bankruptcy between 2007 and 2011 were affected.  The incident was discovered by the bank on April 2011.  Roughly 146,000 consumers were notified of the breach in July of 2013.

 
Information Source:
Media
records from this breach used in our total: 146,000

February 26, 2014 Indiana University
Bloomington, Indiana
EDU HACK

146,000

Indiana University announced that the personal data of 146,000 students and graduates was breached. The information included their Social Security numbers and addresses and may have affected students and graduates from 2011 to 2014 at seven of its campuses.

According to the university "The information was not downloaded by an authorized individual looking for specific sensitive data, but rather was accessed by three automated computer data-mining applications, called webcrawlers, used to improve Web search capabilities."

The university also announced that the information was stored in an insecure location for the past 11 months. The site has since been locked down.

The university has set up a hotline 1-866-254-14841-866-254-1484 for students as well as a website http://bit.ly/1kbX505 with information on how to monitor credit accounts and answers to any additional questions regarding an individuals exposure. The university will also be providing the Social Security numbers of those affected to the three major credit-reporting agencies.

 
Information Source:
Media
records from this breach used in our total: 146,000

July 8, 2011 Kiplinger Washington Editors Inc.
Washington, District Of Columbia
BSO HACK

142,000

A computer breach was discovered on June 25.  Hackers may have obtained encrypted customer credit card numbers, user names and passwords.

 
Information Source:
Databreaches.net
records from this breach used in our total: 142,000

May 17, 2007 Georgia Division of Public Health
Atlanta, Georgia
GOV HACK

140,000

The GA Dept. of Human Resources notified parents of infants born between 4/1/06 and 3/16/07 that paper records containing parents' SSNs and medical histories -- but not names or addresses -- were discarded without shredding.

 
Information Source:
Dataloss DB
records from this breach used in our total: 140,000

July 6, 2010 Massachusetts Secretary of State Office
Boston, Massachusetts
GOV PHYS

139,000

In an attempt to release public information from the Securities Division, the Massachusetts Secretary of State's office released the Social Security and driver's license information of 139,000 investment advisers registered with the state. The information was sent on a CD-ROM sent to IA Week, an investment industry publication.

 
Information Source:
Databreaches.net
records from this breach used in our total: 139,000

July 7, 2010 Massachusetts Secretary of State, Securities Division
Boston, Massachusetts
GOV PORT

139,000

The Massachusetts Secretary of State's office accidentally released confidential personal information earlier this year on 139,000 investment advisers registered with the state. The data, including the advisers' Social Security numbers, were on a CD-ROM sent to IA Week, an investment industry publication that had requested public information from the Securities Division. Secretary of State IA Week had asked for a list of registered investment companies. The Securities Division responded by sending a list of individual investment professionals. In addition to their names and Social Security numbers, this list included their dates and locations of birth, height, weight, hair color, and eye color.

 
Information Source:
Dataloss DB
records from this breach used in our total: 139,000

May 2, 2006 Ohio University
Athens, Ohio
EDU HACK

300,000 (137,000 SSNs)

http://www.ohio.edu/datasecurity/

Hackers accessed a computer system of the school's alumni relations department that included biographical information and 137,000 Social Security numbers of alum.

UPDATE (8/30/07) : An Ohio judge has granted a motion to dismiss a case against Ohio University (OU) regarding security breaches of the school's computer systems that compromised alumni data. The two alumni who filed the lawsuit wanted OU to pay for credit monitoring services for everyone whose data were compromised. The judge said the pair had not proven that they had suffered damages for which they could be compensated.

 
Information Source:
Dataloss DB
records from this breach used in our total: 137,000

February 7, 2007 Johns Hopkins University and Johns Hopkins Hospital
Baltimore, Maryland
MED PORT

52,000 past and present employees plus 83,000 patients

Johns Hopkins reported the disappearance of 9 backup computer tapes containing personal information of employees and patients.  Eight of the tapes contained payroll information on 52,000 past and present employees, including SSNs and in some cases bank account numbers. The 9th tape contained less sensitive information about 83,000 hospital patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 135,000

April 12, 2011 Oklahoma State Department of Health
Oklahoma City, Oklahoma
GOV PORT

133,000

People who might have been affected may call 1-888-278-7134 or email contactosdh@health.ok.gov.

An agency laptop and 50 pages of medical information were stolen from an employee's car on April 6. A database with information from the Oklahoma Birth Defects Registry was on the laptop. Data from hospital medical records were recorded on the laptop. The Oklahoma Birth Defects Registry uses the information to track and reduce the prevalence of birth defects. Notifications of the breach state that parent and child names, Social Security numbers, addresses, birth dates, medical records and medical test results may have been exposed. Notifications also warn that any phone calls or mail sent to home addresses that request Social Security numbers should be thoroughly investigated.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 133,000

August 9, 2006 U.S. Department of Transportation
Washington, District Of Columbia
GOV PORT

132,470

(800) 424-9071,  hotline@oig.dot.gov

The DOT's Office of the Inspector General reported a special agent's laptop was stolen on July 27 from a government-owned vehicle in Miami, FL, parked in a restaurant parking lot. It contained names, addresses, SSNs, and dates of birth for 80,670 persons issued commercial drivers licenses in Miami-Dade County, 42,800 persons in FL with FAA pilot certificates and 9,000 persons with FL driver's licenses.

UPDATE (11/21/06):A suspect was arrested in the same parking lot where the theft occurred, but the laptop has not been recovered. Investigators found a theft ring operating in the vicinity of the restaurant parking lot.

 
Information Source:
Dataloss DB
records from this breach used in our total: 132,470

August 13, 2009 National Guard Bureau
Arlington, Virginia
GOV PORT

131,000

An Army contractor had a laptop stolen containing personal information on 131,000 soldiers. The stolen laptop contained personal information on soldiers enrolled in the Army National Guard Bonus and Incentives Program. The data includes names, Social Security numbers, incentive payment amounts and payment dates.

 
Information Source:
Dataloss DB
records from this breach used in our total: 131,000

June 30, 2010 Lincoln Medical and Mental Health Center
Bronx, New York
MED PORT

130,495

Multiple CDs containing patient personal information were lost in transit by FedEx. Information included dates of birth, driver's license numbers, descriptions of medical procedures, addresses, and Social Security numbers. Siemens Medical Solutions USA, the Hospital's billing contractor, shipped the CDs around March 16th. They were never received.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 130,495

October 21, 2005 Wilcox Memorial Hospital
Lihue, Hawaii
MED PORT

130,000

A backup computer data drive containing medical record numbers, addresses, names and Social Security numbers of current and former patients was lost.  Letters have been sent to affected patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 130,000

February 8, 2007 St. Mary's Hospital
Leonardtown, Maryland
MED PORT

130,000

A laptop was stolen in December that contained names, SSNs, and birthdates for many of the Hospital's patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 130,000

December 31, 2009 Eastern Washington University
Cheney, Washington
EDU HACK

130,000

Eastern Washington University is trying to notify up to 130,000 current or former students whose names, Social Security numbers and dates of birth were on a computer network involved in a security breach. The student information goes back to 1987. The notification process could take up to two weeks. The University recently discovered the breach during an assessment of its network. Information-technology staff also discovered that the hacker installed software to store and share video files on the system.

 
Information Source:
Dataloss DB
records from this breach used in our total: 130,000

February 6, 2007 Merchant America
Camarillo, California
BSR HACK

130,000

A hacker gained access to a customer database. Customers who made transactions with merchants that Merchant America provides payment processing services to may have had their names, bank account numbers and driver's license numbers exposed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 130,000

April 8, 2008 WellPoint
Indianapolis, Indiana
BSO DISC

128,000

Personal information that may have included Social Security numbers and pharmacy or medical data for customers in several states was exposed online over the past year.

 
Information Source:
Dataloss DB
records from this breach used in our total: 128,000

July 24, 2008 Saint Mary's Regional Medical Center
Reno, Nevada
MED HACK

128,000

An unauthorized person may have accessed the St. Mary's database. The database, used for Saint Mary's health education classes and wellness programs, contained personal information such as names and addresses, limited health information and some Social Security numbers. The database did not contain medical records or credit card information.

 
Information Source:
Dataloss DB
records from this breach used in our total: 128,000

August 10, 2010 College Center for Library Automation (CCLA)
Tallahassee, Florida
GOV DISC

126,000

Personal data from students, faculty and staff from six colleges was accessible through an Internet search for five days. The information may have included full names, Social Security numbers, driver's license numbers, and Florida identification card numbers. The institutions were Broward College, Florida State College at Jacksonville, Northwest Florida State College, Pensacola State College, South Florida Community College, and Tallahassee Community College.

 
Information Source:
Databreaches.net
records from this breach used in our total: 126,000

April 9, 2013 Kirkwood Community College
Cedar Rapids, Iowa
EDU HACK

125,000

Hackers accessed Kirkwood Community College's website and applicant database system on March 13.  Anyone who applied to a Kirkwood Campus may have had their names, Social Security numbers, dates of birth, race, and contact information exposed.  People who applied to take Kirkwood college-credit classes between February 25, 2005 and March 13, 2013 were affected.

 
Information Source:
Media
records from this breach used in our total: 125,000

May 25, 2012 Serco, Inc., Federal Retirement Thrift Investment Board
Reston, Virginia
BSF HACK

123,201

One of the computers used by the contractor Serco to support the Federal Retirement Thrift Investment Board (FRTIB) was the target of a sophisticated cyber attack.  Thrift Savings Plan participants and others who received TSP payments may have had their information exposed. However, there is no evidence that the entire TSP network of 4.5 million participants was breached. A total of 43,587 participants may have had their Social Security numbers, names, and addresses compromised. An additional 80,000 may have had their Social Security numbers and no other information compromised. The attack appears to have occurred in July of 2011 and was discovered through an FBI investigation in April of 2012.

 
Information Source:
Databreaches.net
records from this breach used in our total: 123,201

March 11, 2005 Boston College
Boston, Massachusetts
EDU HACK

120,000

A hacker gained access to a phone banking database that included alumni addresses and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 120,000

August 20, 2013 League of Legends, Riot Games
Santa Monica, California
BSO HACK

120,000

A security breach has resulted in the usernames, email addresses, first and last names, and encrypted passwords of League of Legends users to be exposed.  About 120,000 transaction records from 2011 may have been accessed.  The transaction records contained hashed and salted (encrypted) credit card numbers. The information was stored on a system that had not been used since 2011.

 
Information Source:
Media
records from this breach used in our total: 120,000

July 26, 2013 St. Mary's Bank
Manchester, New Hampshire
BSF HACK

115,775

Current and former members may have had their Social Security numbers, transaction records, and other personal information exposed due ot malware that was found on an employee's office computer.  The malware was discovered on May 26 and St. Mary's began mailing letters on July 12.  The malware could have been on up to 23 work stations as early as February.  There has been no evidence of names, Social Security numbers, addresses, account numbers, transaction records, or other sensitive information being accessed by an unauthorized individual so far.

 
Information Source:
Media
records from this breach used in our total: 115,775

July 29, 2006 Sentry Insurance
Stevens Point, Wisconsin
BSF INSD

112,270 

Personal information including SSNs on worker's compensation claimants was stolen, some of which was later sold on the Internet. At least 72 claimants of the 112,270 who may have had their information accessed had their information sold.  No medical records were included. The thief was a lead programmer-consultant who had access to claimants' data. The consultant was arrested and faces felony charges.

 
Information Source:
Dataloss DB
records from this breach used in our total: 112,270

September 11, 2007 Gander Mountain
Greensburg, Pennsylvania
BSR STAT

112,000

Somebody either lost or stole a computer potentially containing the credit card information of anyone who has shopped at the Greensburg store since it first opened more than five years ago. Gander Mountain said credit card information for 112,000 customers of its Greensburg store might have been compromised. That includes 10,000 records with names, card numbers and expiration dates.

 
Information Source:
Dataloss DB
records from this breach used in our total: 112,000

July 24, 2012 Wisconsin Department of Revenue
Madison, Wisconsin
GOV DISC

110,795

An annual sales report contained the Social Security and tax identification numbers of people and businesses who sold property in Wisconsin in 2011.  The report was available online between April 5, 2012 and July 23, 2012 and meant for real estate professionals.  The report was accessed a total of 138 times before being taken down.  Sensitive seller information was in an an embedded file included in an Microsoft Access file which showed sales data. A total of 110,795 sales were made in Wisconsin in 2011, but not everyone who made a sale provided their Social Security or tax identification number for the paperwork.

 
Information Source:
Media
records from this breach used in our total: 110,795

December 16, 2010 Twin America LLC, CitySights NY
New York, New York
BSO HACK

110,000

On or around October 25 a web programmer discovered that malicious script had been placed on the server. The script appears to have been uploaded on September 26 and had allowed access to the customer database multiple times between that date and October 19. Customer names, credit card numbers, credit card expiration dates, CVV2 data, addresses and email addresses may have been exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 110,000

February 20, 2013 Central Hudson Gas & Electric
Poughkeepsie, New York
NGO HACK

110,000

Central Hudson learned of a cyber attack that occurred over President's Day weekend.  Customers were notified the day after the holiday and encouraged to monitor their bank accounts and credit reports.  Customer banking information and other personal information may have been accessed during the attack.

 
Information Source:
Databreaches.net
records from this breach used in our total: 110,000

Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005
Showing 151-200 of 4252 results


X

Sign In!

Loading