Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
868,045,823 RECORDS BREACHED
(Please see explanation about this total.)
from 4,348 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
July 29, 2006 Sentry Insurance
Stevens Point, Wisconsin
BSF INSD

112,270 

Personal information including SSNs on worker's compensation claimants was stolen, some of which was later sold on the Internet. At least 72 claimants of the 112,270 who may have had their information accessed had their information sold.  No medical records were included. The thief was a lead programmer-consultant who had access to claimants' data. The consultant was arrested and faces felony charges.

 
Information Source:
Dataloss DB
records from this breach used in our total: 112,270

September 11, 2007 Gander Mountain
Greensburg, Pennsylvania
BSR STAT

112,000

Somebody either lost or stole a computer potentially containing the credit card information of anyone who has shopped at the Greensburg store since it first opened more than five years ago. Gander Mountain said credit card information for 112,000 customers of its Greensburg store might have been compromised. That includes 10,000 records with names, card numbers and expiration dates.

 
Information Source:
Dataloss DB
records from this breach used in our total: 112,000

July 24, 2012 Wisconsin Department of Revenue
Madison, Wisconsin
GOV DISC

110,795

An annual sales report contained the Social Security and tax identification numbers of people and businesses who sold property in Wisconsin in 2011.  The report was available online between April 5, 2012 and July 23, 2012 and meant for real estate professionals.  The report was accessed a total of 138 times before being taken down.  Sensitive seller information was in an an embedded file included in an Microsoft Access file which showed sales data. A total of 110,795 sales were made in Wisconsin in 2011, but not everyone who made a sale provided their Social Security or tax identification number for the paperwork.

 
Information Source:
Media
records from this breach used in our total: 110,795

December 16, 2010 Twin America LLC, CitySights NY
New York, New York
BSO HACK

110,000

On or around October 25 a web programmer discovered that malicious script had been placed on the server. The script appears to have been uploaded on September 26 and had allowed access to the customer database multiple times between that date and October 19. Customer names, credit card numbers, credit card expiration dates, CVV2 data, addresses and email addresses may have been exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 110,000

February 20, 2013 Central Hudson Gas & Electric
Poughkeepsie, New York
NGO HACK

110,000

Central Hudson learned of a cyber attack that occurred over President's Day weekend.  Customers were notified the day after the holiday and encouraged to monitor their bank accounts and credit reports.  Customer banking information and other personal information may have been accessed during the attack.

 
Information Source:
Databreaches.net
records from this breach used in our total: 110,000

April 11, 2005 Tufts University
Boston, Massachusetts
EDU HACK

106,000

RuffaloCODY is the software management company.

The University's donor database was breached sometime in late 2004.  The database was managed by a software company for nonprofit organizations named RuffaloCODY.  Letters were sent to the alumni who may have had their personal information stolen.

 
Information Source:
Dataloss DB
records from this breach used in our total: 106,000

August 28, 2007 Connecticut Department of Revenue Services
Hartford, Connecticut
GOV PORT

106,000

A computer laptop with the names and Social Security numbers of more than 100,000 Connecticut taxpayers has been stolen. The Department of Revenue Services intends to launch a web page soon that residents can search to determine whether their personal information was stored on the laptop.

UPDATE (9/14/07): More than 2 dozen state laptops have gone missing since July 2006.

UPDATE (10/19/07): A supervisor at the state Department of Revenue Services was suspended without pay. His computer was stolen from his car in August at a hotel in New York. Police say it was possible the vehicle was not locked because there were no signs of a break-in.

 
Information Source:
Dataloss DB
records from this breach used in our total: 106,000

August 16, 2013 U.S. Department of Energy
Washington, District Of Columbia
GOV UNKN

104,000 (5,711 confirmed)

An unspecified security incident caused the personal information of current and former employees to be exposed.  No classified data was lost.

UPDATE (08/30/2013): An August 29 memo revealed that the system that was hacked was called DOEInfo.  A total of 2,539 current employees and 3,172 former employees were affected.  Names, Social Security numbers, and dates of birth were exposed.

UPDATE (09/03/2013): Approximately 53,000 current and former federal employees, employee dependents and contractors had their information exposed.  The incident occurred in July of 2013.

UPDATE (10/22/2013): The Department of Energy revised the number of affected current and former employees to 104,000.

UPDATE (12/13/2013): Up to 150,000 employees may have been affected.

UPDATE (12/17/2013): A federal audit revealed that the Department of Energy had received warnings about the security of its information systems, yet failed to act.

 
Information Source:
Media
records from this breach used in our total: 104,000

February 27, 2008 Health Net Federal Services
Rancho Cordova, California
MED DISC

103,000

Thousands of doctors in eleven states had their personal information openly posted on a company website. Social Security numbers were part of the personal information exposed. The states involved include Wisconsin, Michigan, Illinois, Indiana, Ohio, Pennsylvania, Tennessee, Iowa, Missouri, Kentucky and West Virginia.

 
Information Source:
Dataloss DB
records from this breach used in our total: 103,000

October 15, 2009 Virginia Department of Education
Richmond, Virginia
EDU PORT

103,000

(877) 347-5224

A flash drive containing the personal information of more than 103,000 former adult education students in Virginia was misplaced. The information included names, Social Security numbers and employment and demographic information. The flash drive contained information on all students who finished an adult education course in Virginia from April 2007 through June 2009 or who passed a high school equivalency test between January 2001 and June 2009.

 
Information Source:
Dataloss DB
records from this breach used in our total: 103,000

August 3, 2012 Memorial Healthcare System (MHS)
,
MED INSD

102,153

MHS discovered a second breach during the process of investigating a dishonest employee's misuse of patient data in January of 2012.  Employees of affiliated physicians' offices may have improperly accessed patient information through a web portal used by physicians who provide care and treatment at MHS.  Patient names, Social security numbers, and dates of birth may have been accessed during the period between January 1, 2011 and July 5, 2012.  

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 102,153

November 27, 2006 Greenville County School District
Greenville, South Carolina
EDU STAT

At least 101,000 students and employees

School district computers sold to the WH Group at auctions between 1999 and early 2006 contained the birth dates, SSNs, driver's license numbers and Department of Juvenile Justice records of approximately 100,000 students. The computers also held sensitive data for more than 1,000 school district employees.

UPDATE(12/10/06): A judge ordered the WH Group to return the computers and the confidential data on them to the school district.

 
Information Source:
Dataloss DB
records from this breach used in our total: 101,000

February 25, 2005 PayMaxx
Miramar, Florida
BSF DISC

100,000

A software glitch at PayMaxx Inc., a Franklin, Tenn., payroll processing company, accidentally revealed personal financial information on as many as 100,000 individuals, including Social Security numbers. The problem arose in a PayMaxx feature that enabled employees to use the Internet to get their W-2 forms, the standard tax information form issued by companies to their employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

August 9, 2005 University of Utah
Salt Lake City, Utah
EDU HACK

100,000

A server containing library archival databases was hacked.  The server included names and Social Security numbers of former University employees.  The University issued a warning that people may try to get personal information by posing as University officials involved in the investigation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

September 10, 2005 Kent State University
Kent, Ohio
EDU STAT

100,000

Five desktop computers were stolen from the locked offices of two deans. Names, Social Security numbers, and grades were on the computers.  The information goes back to 2000 for students and 2002 for instructors.  Affected students and professors were alerted by the University.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

December 1, 2005 First Trust Bank
Memphis, Tennessee
BSF PORT

100,000

A man claiming to be a janitor bypassed security and stole a laptop from the bank.  The laptop contained Social Security numbers and other personal information of current and former customers.  Affected customers were contacted and the theft was caught on tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

July 7, 2006 Naval Safety Center, United States Navy
Norfolk, Virginia
GOV DISC

100,000

The SSNs and other personal information of more than 100,000 naval and Marine Corps aviators and air crew, both active and reserve, were exposed on the Center website and on 1,100 computer discs mailed to naval commands.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

May 5, 2007 Transportation Security Administration (TSA)
Crystal City, Virginia
GOV PORT

100,000

A computer hard drive containing payroll data from January 2002 to August 2005 including employee names, Social Security numbers, birth dates, bank account and routing information of current and former workers including airport security officers and federal air marshals was stolen.

UPDATE (5/14/07) The American Federation of Government Employees is suing the TSA for the loss of the hard drive. It calls the breach a violation of the Privacy Act.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

July 16, 2007 Transportation Security Administration (TSA)
Arlington, Virginia
GOV PORT

100,000

Authorities realized in May a storage device was missing from TSA headquarters. The drive contained historical payroll data, Social Security numbers, dates of birth, addresses, time and leave datas, bank account, routing information, and details about financial allotments and deductions.

 
Information Source:
Media
records from this breach used in our total: 100,000

November 1, 2008 Baylor Health Care System Inc.
Dallas, Texas
MED PORT

100,000 (7,400 were SSN)

 (800) 554-5281

A laptop computer containing limited health information on 100,000 patients was stolen from an employee's car. Included were 7,400 patients whose Social Security numbers were stored on the computer.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

March 11, 2009 Binghamton University
Binghamton, New York
EDU STAT

100,000

Binghamton University kept payment information for every student, possibly dating back at least ten years in a storage area next to one of the most trafficked lecture halls on campus, behind a door that was not only unlocked but taped open. The information itself contained Social Security numbers, credit card numbers, scans of tax forms, business information (including Social Security numbers and salary information for employees of students' parents), asylum records and more, all kept in a haphazard and disorganized fashion, sprawled out in boxes, in unlocked (yet lockable) filing cabinets and shelving units. If the information inside the room pertained only to the current students enrolled and their parents that would mean the story would effect, roughly, forty-two thousand people. However, because the information goes back at least ten years, if not more, the potential number of people effect lies well in the hundred thousands.

 
Information Source:
Media
records from this breach used in our total: 100,000

April 11, 2009 Peninsula Orthopaedic Associates
Salisbury, Maryland
MED PORT

100,000

As many as 100,000 patients of Peninsula Orthopaedic Associates are being warned to protect themselves against identity theft after tapes containing patient information were stolen. Patients also were advised to keep an eye on benefits statements from their health insurance companies since they may also be at risk for medical identity theft. The records from Peninsula Orthopaedic were stolen March 25 while in transport to an off-site storage facility. Patients' personal information including their Social Security numbers, employers and health insurance plan numbers may have been among the information stolen.

 
Information Source:
Dataloss DB
records from this breach used in our total: 100,000

May 2, 2012 Florida Department of Children and Families
Tallahassee, Florida
GOV DISC

100,000

The information of Florida child care workers was placed on a state website.  The information was not password protected and could have been found through an internet search. An unnamed vendor working for the state of Florida was responsible for placing the information online.  Florida daycare workers may have had their dates of birth, names, and Social Security numbers exposed. It is not clear how long the information was exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 100,000

November 10, 2012 Alere Home Monitoring, Inc.
Livermore, California
MED PORT

100,000

The September 23 theft of an employee's unencrypted laptop resulted in the exposure of information of over 100,000 patients.  The laptop was stolen from the employee's home.  Names, Social Security numbers, addresses, and diagnosis information of patients taking drugs to prevent blood clots were exposed. Alere became aware of the breach on October 1.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 100,000

February 22, 2013 Crescent Health Inc., Walgreens
Anaheim, California
MED STAT

100,000

Desktop computer hardware was stolen from the Anaheim Billing Center of Crescent Healthcare, Inc. on December 28, 2012.  The theft was discovered on Monday, December 31 and reported to law enforcement.  Names, Social Security numbers, health insurance identification numbers, health insurance information, dates of birth, diagnoses, other medical information, disability codes, addresses, and phone numbers may have been exposed.

UPDATE (04/03/2013): Over 100,000 people were affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 100,000

May 5, 2009 Fulton County Board of Registration and Elections
Atlanta, Georgia
GOV PHYS

99,000

Boxes were found in a trash bin at Atlanta Technical College. They contained about 75,000 voter registration application cards and 24,000 precinct cards. Many of the documents contained personal information on active voters, such as full names and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 99,000

September 15, 2008 Forever21
Los Angeles, California
BSR HACK

98,930

(888) 757-4447, http://www.forever21.com/notice/notice.html

If you shopped at the stores between November 26, 2003, and October 24, 2005, criminals may have hijacked your credit and debit card numbers from its computers. Approximately 20,500 of these numbers were obtained from the Fresno store transaction data. The data included credit and debit card numbers and in some instances expiration dates and other card data, but did not include customer name and address.

 
Information Source:
Dataloss DB
records from this breach used in our total: 98,930

March 11, 2005 University of California, Berkeley
Berkeley, California
EDU PORT

98,400

A laptop containing the Social Security numbers of doctoral degree recipients from 1976 to 1999, graduate students enrolled between 1989 and 2003, and graduate school applicants between fall 2001 and spring of 2004 was stolen.  Birth dates and addresses for about one-third of the affected people were also on the laptop.

 
Information Source:
Dataloss DB
records from this breach used in our total: 98,369

February 19, 2009 University of Florida
Gainesville, Florida
EDU HACK

97,200

(877) 657-9133

A foreign hacker gained access to a University of Florida computer system containing the personal information of students, faculty and staff. The files included the names and Social Security numbers of individuals who used UF's Grove computer system since 1996.

 
Information Source:
Dataloss DB
records from this breach used in our total: 97,200

November 24, 2008 Starbucks Corp.
Seattle, Washington
BSR PORT

97,000

A laptop containing private information on employees was stolen. The information included names, addresses and Social Security numbers.
 

 
Information Source:
Dataloss DB
records from this breach used in our total: 97,000

June 9, 2012 Franklin's Budget Car Sales, Inc.
Statesboro, Georgia
BSR DISC

95,000

The FTC fined Franklin's Budget Car Sales for compromising consumers' personal information by allowing peer-to-peer software to be installed on its network.  Any computers that were connected to the peer-to-peer network could have accessed Franklin's network of consumer names, Social Security numbers, addresses, dates of birth, and driver's license numbers.  The FTC claimed that Franklin's failed to assess risks to the consumer information it collected and stored online and failed to adopt policies to prevent or limit unauthorized disclosure of information.  Franklin's also allegedly failed to prevent, detect and investigate unauthorized access to personal information on its networks, failed to adequately train employees and failed to employe reasonable measures to respond to unauthorized access to personal information.  Franklin's settlement agreement bars Franklin's from misrepresentations about the privacy, security, confidentiality, and integrity of personal information it collected from consumers.  Franklin's must also establish and maintain a comprehensive information security program and undergo data security audits.

 
Information Source:
Databreaches.net
records from this breach used in our total: 95,000

May 11, 2011 Michaels Stores Inc.
New York, New York
BSR CARD

94,000

The location listed is Michaels headquarters.  Customers from multiple states were affected.

Those with questions may call 800-MICHAELS (642-4235).

A number of PIN pads in Chicago-area Michaels stores were found to have been tampered with.  Michaels checked 7,200 PIN pads in 964 US stores.  Fewer than 90 pads were found to have been compromised, but the affected pads were in 20 states. Michaels expects the process of replacing the pads to last about 15 days. The number of affected customers is in the tens of thousands. PIN pads in Canada will also be checked.

The Chicago-area was the hardest hit; 14 stores had compromised PIN pads. Customers who used their debit or credit cards at Michaels are encouraged to monitor their transaction records. Michaels Stores released an official statement.

UPDATE (05/19/2011): A suit seeks class-action status and more than $5 million in damages for people whose credit and debit accounts were compromised by the breach.  The lawsuit claims that Michaels failed to protect customers from "cyber-pickpockets" who stole sensitive banking information from checkout keypads at stores in 20 states. Michaels is accused of knowingly violating federal and state law by failing to take reasonable steps to safeguard customers' personal information.  Michaels is also accused of failing to alert customers as soon as the security breach was discovered. There is now a theory that thieves used a combination of  "false card readers", wireless cameras or electronic membranes placed over keypads to collect the PINs and card information of MIchaels' customers. This allowed them to create fraudulent debit and credit cards.

UPDATE (05/31/2011): A second lawsuit was filed in late May.  The new suit also seeks class-action status.  It alleges that Michaels failed to safeguard shoppers' credit and debit PINs and other information.  The second lawsuit was filed by an Illinois resident who saw over $1,000 in fraudulent charges after making an $18.16 purchase at Michaels.

UPDATE (06/20/2011): An extensive fraud case has hit multiple areas of Oregon.  Over 250 people have reported fraudulent charges related to cards that were used at Michaels stores.

UPDATE (06/27/2011): Four suspects were caught making fraudulent debit card transactions on camera.  The images have been distributed by investigators hoping that someone in the Beaverton, Oregon area will recognize one or more of the people.  

Additionally, Michaels now faces a total of four lawsuits related to the data breach.

UPDATE (07/13/2011): A number of Iowa residents began reporting debit card fraud that could potentially be related to the Michaels breach.

UPDATE (03/21/2012): Two men will be sentenced for their roles in setting up phony debit and credit card pads in the 84 Michaels stores.  Each pleaded guilty to one count of conspiracy to commit bank fraud, one count of bank fraud, and one count of aggravated identity theft. A total of 94,000 credit and debit card account numbers were stolen.

UPDATE (07/30/2012): The two men were each sentenced to 36 months in prison for conspiracy to commit bank fraud.  An additional 24 months were added for aggravated identity theft.  The must also pay $42,000 in restitution and will have five years of supervised release.

 
Information Source:
Databreaches.net
records from this breach used in our total: 94,000

April 5, 2011 MidState Medical Center
Hartford, Connecticut
MED PORT

93,500

People with comments or questions regarding this incident may call (855) 398-6435.

A former Hartford Hospital employee misplaced a computer hard drive on February 15. It contained patient names, Social Security numbers, addresses, dates of birth and medical record numbers. Not all of the patients who were affected had their Social Security numbers exposed.

UPDATE (04/07/2011): Connecticut's Attorney General and Consumer Protection Commissioner are investigating the breach and data security policies of Hartford Medical Center and Midstate Medical Center.  Additional details reveal that the hospital employee misplaced the computer hard drive after taking it home. The Connecticut Attorney General is asking that affected patients receive two years of credit monitoring services, identity theft insurance and reimbursement for placing and lifting security freezes.

UPDATE (07/10/2012): The Connecticut Attorney General has decided to end an investigation of MidState's practices.  The Attorney General claimed to base his decision to close the investigation with no further action on the fact that the Hospital had taken significant actions on behalf of the affected patients.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 93,500

March 3, 2006 Metropolitan State College of Denver (MSCD)
Denver, Colorado
EDU PORT

93,000

http://www.mscd.edu/securityalert/

A laptop containing student information was stolen.  The information included names and Social Security numbers of students who registered for Metropolitan State courses between the 1996 fall semester and the 2005 summer semester.

 
Information Source:
Security Breach Letter
records from this breach used in our total: 93,000

July 16, 2010 Buena Vista University
Storm Lake, Iowa
EDU HACK

93,000

Someone gained unauthorized access to a BVU database. The database contained records of names, Social Security numbers, and driver's license numbers of BVU applicants, current and former students, parents, current and former faculty and staff, alumni and donors. These records go back as far as 1987.

 
Information Source:
Databreaches.net
records from this breach used in our total: 93,000

April 26, 2006 Pershing LLC
Jersey City, New Jersey
BSF PORT

92,541

A Pershing employee lost a laptop computer. Personal information of clients may have been stored on the laptop. Names, Social Security numbers, addresses, brokerage account numbers and account holdings may have been exposed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 92,541

August 18, 2008 Dominion Enterprises
Richmond, Virginia
BSO HACK

92,095

(757) 351-7951

A computer server within InterActive Financial Marketing Group (IFMG), a division of Dominion Enterprises located in Richmond, Virginia, was hacked into and illegally accessed by an unknown and unauthorized third party between November 2007 and February 2008. The data intrusion resulted in the potential exposure of personal information, including the names, addresses, birth dates, and Social Security numbers of 92,095 applicants who submitted credit applications to IFMG's family of special finance Web sites.

 
Information Source:
Dataloss DB
records from this breach used in our total: 92,095

June 2, 2006 Ahold USA, parent company of Stop & Shop, Giant stores and Tops stores via subcontractor Electronic Data Systems (EDS)
Landover, Maryland
BSR PORT

92,000

Additional location: Plano, TX

An EDS employee lost a laptop computer during a commercial flight that contained pension data of former employees of Ahold's supermarket chains including Social Security numbers, birth dates and benefit amounts.  The laptop was lost form the checked baggage of a domestic commercial airline flight on May 2, 2006.  The laptop was not recovered even though the incident was reported immediately.

 
Information Source:
Dataloss DB
records from this breach used in our total: 92,000

August 23, 2011 Lincoln Financial Group, Lincoln National Life Insurance Company, Lincoln Life and Annuity Company of New York
New York, New York
BSF DISC

91,763

A programming error caused the names and Social Security numbers of current and former retirement plan enrollees to be accessible to unauthorized plan administrators.  The error had existed in the database's search function since October 2009.  A plan administrator notified Lincoln Financial Group of the issue on July 18.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 91,763

January 12, 2006 People's Bank
Bridgeport, Connecticut
BSF PORT

90,000

A computer tape containing names, addresses, Social Security numbers, and checking account numbers was lost while being transported by UPS.  The bank alerted the affected customers and provided them with a credit monitoring service for one year.

 
Information Source:
Dataloss DB
records from this breach used in our total: 90,000

May 19, 2007 Stony Brook University
Stony Brook, New York
EDU DISC

90,000

http://www.stonybrook.edu/sb/disclosure/, Call Center, (866) 645-5830 (available until July 15, 2007)

SSNs and university ID numbers of faculty, staff, students, alumni, and other community members were visible via the Google search engine after they were posted to a Health Sciences Library Web server April 11. It was discovered and removed 2 weeks later.

 
Information Source:
Dataloss DB
records from this breach used in our total: 90,000

November 29, 2013 University of Washington Medicine
Seattle, Washington
MED HACK

90,000

An employee at UW Medicine opened an email attachment that contained malicious software in early October.  The malware affected the employee's computer and any information on the computer may have been compromised.  Patient names, Social Security numbers, phone numbers, addresses, and medical record numbers may have been affected.  Patients who were seen at UW Medicine dating back to at least 2008 could have had their information exposed.  Notifications of the breach were sent at the end of November.

 
Information Source:
Media
records from this breach used in our total: 90,000

September 23, 2008 Texas Lottery Commission
Austin, Texas
GOV INSD

89,000

A former Texas Lottery Commission computer analyst has been arrested for copying the personal data of Texas lottery winners. He downloaded his own work files off his computer and took them to his next job. The names and Social Security numbers of 27,075 mid-level lottery winners -- people who have won prizes from $600 up to around $1 million -- were on the employee's hard drive.

UPDATE 10/31/08: 89,000 lottery winners are being notified their personal information, including Social Security numbers, may have been breached.

 
Information Source:
Dataloss DB
records from this breach used in our total: 89,000

May 4, 2008 Staten Island University Hospital
Staten Island, New York
MED STAT

88,000

Computer equipment stolen from an administrator contained personal information from patients. Social Security numbers and health insurance numbers were contained in computer files on a desktop computer and the backup hard drive.

 
Information Source:
Dataloss DB
records from this breach used in our total: 88,000

April 12, 2012 Housatonic Community College
Bridgeport, Connecticut
EDU HACK

87,667 

Two campus computers were determined to have been infected by malware.  The breach occurred when a faculty or staff member opened an email that contained a virus.  The virus was immediately detected.  Faculty, staff, and students affiliated with the school between the early 1990's and the day of the breach may have had their names, Social Security numbers, dates of birth, and addresses exposed.  Housatonic's president acknowledged that the cost of handling the breach could be as much as $500,000.

 
Information Source:
Dataloss DB
records from this breach used in our total: 87,667

June 12, 2012 Bethpage Federal Credit Union
Bethpage, New York
BSF DISC

86,000

An employee accidentally posted data onto a file transfer protocol site that was not secure on May 3.  The data contained customer VISA debit card names, addresses, dates of birth, card expiration dates and checking and savings account numbers.  The error was discovered on June 3. The data was accessed, but there was no evidence of identity theft or fraud as of June 12.  New cards were issued to 25% of the affected members and the remaining members will have their affected cards deactivated on June 30.

 
Information Source:
Databreaches.net
records from this breach used in our total: 86,000

October 7, 2008 University of North Dakota Alumni Association
Grand Forks, North Dakota
EDU PORT

84,554

A laptop computer containing sensitive personal and financial information on alumni, donors and others was stolen from a vehicle belonging to a software vendor retained by the UND. The information, included individuals' credit card and Social Security numbers,

 
Information Source:
Dataloss DB
records from this breach used in our total: 84,554

June 17, 2009 Blackbaud Inc.
Charleston, South Carolina
BSO PORT

84,000

A computer that was stolen from a car in Charleston, SC, last year contained personal financial information on 84,000 University of North Dakota donors. The missing laptop belonged to Daniel Island-based software giant Blackbaud Inc., which stressed that all of the information was password-protected and encrypted.

 
Information Source:
Media
records from this breach used in our total: 84,000

March 15, 2006 Ernst & Young, IBM
New York, New York
BSF PORT

84,000

A laptop with sensitive information was stolen from an employee's car in January. IBM employees who may have been stationed overseas during their careers were affected. Names, Social Security numbers, dates of birth, genders, family sizes and tax identifiers for employees were exposed. Those affected were notified in March.

 
Information Source:
Dataloss DB
records from this breach used in our total: 84,000

February 12, 2011 Saint Francis Broken Arrow (Broken Arrow Medical Center)
Broken Arrow, Oklahoma
MED STAT

84,000

A computer that had not been used since May of 2004 was stolen from a secured information systems room. Patient billing information and some employee records were exposed. The information would have included names, Social Security numbers, dates of birth, addresses and patient insurance and diagnostic information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 84,000

Breach Total
868,045,823 RECORDS BREACHED
(Please see explanation about this total.)
from 4,348 DATA BREACHES made public since 2005
Showing 201-250 of 4348 results


X

Sign In!

Loading