Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
867,217,832 RECORDS BREACHED
(Please see explanation about this total.)
from 4,257 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
October 22, 2012 Compete Inc
Boston, Massachusetts
BSO DISC

Unknown

Compete Inc. reached an agreement with the Federal Trade Commission regarding the collection of consumer information. Compete agreed to obtain end users' consent before collecting future online browsing data.  Compete will also delete or anonymize consumer data already collected and provide direction for removing tracking software installed on the computers of those who had their data collected.

FTC charged that Compete failed to adequately describe two products used to collect details about end users' browsing habits.  A toolbar and input panel were used to collect extensive information about consumer activities and transmit the information in clear readable text to Compete's servers.  All websites visited by, links followed by, and advertisements displayed to Compete consumers were collected and stored.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

October 24, 2012 Aultman Hospital
Canton, Ohio
MED HACK

Unknown

People who made purchases at Aultman Hospital's gift shop may call 330-363-5319.

Hardware at Aultman was discovered to have been infected by a cyber attack.  Unauthorized parties may have been able to access credit and debit card information from Aultman gift shop purchases between February and September of 2012.  

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

October 19, 2012 U.S. National Weather Service, Weather.gov
Silver Spring, Maryland
GOV HACK

Unknown

Hackers targeted the U.S. National Weather Service website Weather.gov in an attempt to exploit vulnerabilities in U.S. government online systems.  The hackers claim to have begun a campaign in response to U.S. cyber attacks in Muslim nations.  Partial login credentials and system and network configuration files were accessed and posted online.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

October 8, 2012 www.naperville.il.us
Naperville, Illinois
GOV HACK

Unknown

A cyber intruder injected a virus into the website of the city of Naperville.  City officials claim that no resident credit card information was compromised.  There is no evidence that any type of information was stolen from the website.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

October 30, 2012 HSBC Bank USA National Association
New York, New York
BSF INSD

Unknown

An employee resigned and left with customer account information.  Names, Account numbers, account types, and phone numbers may have been exposed.  The breach occurred in late July.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 1, 2012 Salinas Valley State Prison (SVSP)
Soledad, California
GOV DISC

Unknown

Sensitive staff information on a database file was found to have been accessible to all SVSP staff.  Staff names, Social Security numbers, phone numbers, addresses, and institutional-position information were exposed.  The breach was discovered on September 26 and it is unclear how long the information was available.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 6, 2012 Women & Infants Hospital
Providence, Rhode Island
MED PORT

14,004 (Unknown number of SSNs)

WomenandInfants.org posted a notice: http://www.womenandinfants.org/news/Confidentiality-Notice-for-Patients.cfm

Those with questions may call 1-877-810-7928.

Unencrypted backup tapes containing ultrasound images from ambulatory sites were discovered missing on September 13.  The information was from Providence, Rhode Island between 1993 and 1997 and New Bedford, Massachusetts between 2002 and 2007.  Patient names, dates of birth, dates of exams, physicians' names, and patient ultrasound images were exposed.  A limited number of current and former patients also had their Social Security numbers exposed. Notifications began on November 5.

UPDATE (11/10/2012): A total of 14,004 patients were affected.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 7, 2012 4Access, National Processing Company
Louisville, Kentucky
BSF HACK

Unknown

An unauthorized person may have gained access to the computer network that supported certain 4Access terminals.  These terminals were connected to a computer network that allowed merchant transaction processing.  The unauthorized entry was discovered on September 24.  Check processing information stored in the network such as check writer's name, checking account and routing numbers, address, and driver's license number may have been accessed. No credit card information was exposed.  

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 9, 2012 Memorial Hospital
Colorado Springs, Colorado
MED PHYS

6,400 (No SSNs or financial information reported)

Concerned patients may call 1-866-283-9930

Laboratory reports for about 6,400 patients were discovered missing.  The reports contained bill processing information and charges for laboratory services.  Patients who had lab work done between May 1, 2012 and August 31, 2012 had their names, Memorial internal account numbers, lab work dates, and types of lab work exposed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 4, 2012 Symantec, ImageShack
Mountain View, California
BSO HACK

1,000 (No SSNs or financial information exposed)

A hacking spree resulted in unauthorized access to the ImageShack server and a Symantec portal. Names, phone numbers, emails, domains, passwords, usernames, and other information were exposed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 0

November 13, 2012 Sprechman & Associates, P.A.
Miami, Florida
BSF INSD

Unknown

An employee may have performed unauthorized searches on clients.  The employee is no longer with the company.  Names, Social Security numbers, addresses, dates of birth, and driver's license numbers may have been exposed.  The potential breach was discovered in July and clients were notified in October after their contact information was confirmed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 10, 2012 Gulf Coast Health Care Services
Pensacola, Florida
MED INSD

13,000 (No SSNs or financial information reported)

A network security incident resulted in the expose of patient information.  The breach occurred on August 17.

UPDATE (11/26/2012): An employee accessed and downloaded patient information without authorization or a legitimate purpose on five occasions between June 29 and September 20 of 2012.  Gulf Coast Health Care Services discovered the issue on September 26.  Patients who were seen between 1992 and September 20, 2012 may have had their names, addresses, dates of birth, and phone numbers accessed.  It appears that the employee was accessing the data for the purpose of helping outside practitioners recruit patients to their own practices.  The incident was reported to the FBI, the Sarasota Police Department, and the Florida Department of Law Enforcement. 

This entry on the Privacy Rights Clearinghouse Chronology of Data Breaches was previously listed as a hack and was reclassified as an insider breach based on new information.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

November 10, 2012 Baptist Physicians Lexington
Lexington, Kentucky
MED PORT

2,376 (No SSNs or financial information exposed)

A device with patient information was discovered lost or stolen on August 15.  

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

November 14, 2012 Adobe
San Jose, California
BSO HACK

230 (No SSNs or financial information reported)

A hacker released the names, email addresses, and encrypted passwords of 230 members of Adobe's company database.  The hacker claimed to have access to over 150,000 records.  Adobe announced that it would reset approximately 150,000 passwords of members of the Connectusers.com site.

UPDATE (11/14/2012): The 230 people who were affected also had their titles, affiliated organizations, and usernames exposed.  A number of those affected were associated with U.S. government agencies such as the Department of Transportation, the Department of Homeland Security, the U.S. State Department, and the Federal Aviation Administration.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 13, 2012 National Aeronautics and Space Administration (NASA)
Washington, District Of Columbia
GOV PORT

10,000 (No SSNs or financial information reported)

An October 31 theft of a NASA laptop and sensitive NASA documents from an employee's locked car resulted in the exposure of employee information.  Contractors and other non-employees associated with NASA were also affected.  Employees are encouraged to be suspicious of communication from individuals claiming to be from NASA. It may take up to 60 days to send official notifications to those who were affected.

UPDATE (12/14/2012): Up to 10,000 employees and people associated with NASA may have been affected.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 13, 2012 Chicago Board of Elections Commissioners
Chicago, Illinois
GOV DISC

1,200 (No SSNs or financial information reported)

The sensitive information of Chicago voters was exposed online due to a mistake by the election authority. A database that included names, the last four digits of Social Security numbers, addresses, and drivers license numbers was accidentally placed online in a publicly accessible place.  Only people who applied to work for the board in Chicago polling places on Election Day were determined to have been affected.  

A forensic investigation firm believes that as many as 1.7 million registered voters had their names, addresses, and voter registration numbers exposed. However the Chicago Board does not believe that information should be considered sensitive.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 11, 2012 Labelmaster (American Labelmark Company)
Chicago, Illinois
BSO HACK

Unknown

A hacker accessed the e-commerce site labelmaster.com.  Customer names, addresses, credit card numbers, and credit card expiration dates were exposed.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 10, 2012 Bob Ward & Sons
Bozeman, Montana
BSR HACK

Unknown

The Bob Ward & Sons website was hacked on June 6, 2011.  Customers who made online purchases between May 31 and August 3 of 2012 may have had their names, addresses, and credit card information exposed.  Ward became aware of the issue when he received a notice from Discover that revealed some customers had experienced fraudulent charges.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

October 27, 2012 Department of State Bureau of Consular Affairs
Washington, District Of Columbia
GOV INSD

Unknown

A dishonest employee misused sensitive information in a State Department database to obtain fraudulent credit cards.  He was part of a conspiracy sometime during his employment between September 2007 and March 2008.  The group of conspirators successfully obtained $71,774 and attempted to obtain an additional $133,494 in fraudulent transactions.  The dishonest employee pled guilty to conducting illegal transaction with credit cards and agreed to pay $71,774 in restitution.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

October 12, 2012 Army Material Command
Huntsville, Alabama
GOV PHYS

400 (Unknown number of SSNs)

An employee transported a hard copy of sensitive employee documents home.  The employee is not believed to have took the information for fraudulent or criminal activity.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

October 12, 2012 FEI Company
Hillsboro, Oregon
BSR PORT

Unknown

The August 29 theft of a laptop resulted in the exposure of employee information.  Employee names, Social Security numbers, information related to taxpayer I.D., dates of birth, home addresses, and employment information such as salaries were exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 29, 2012 WestCoast Children's Clinic
Oakland, California
MED DISC

Unknown

A referral document containing sensitive information was accidentally sent in an email to an unauthorized recipient.  Patient names, Social Security numbers, dates of birth, addresses, and health concerns were sent to a county social worker. The county social worker deleted the sensitive email and any other existing copies of the document were securely deleted from the network.  

The WestCoast Children's Clinic will not provide referral forms to outside agencies in order to protect against future inadvertent sharing of private information.  Disciplinary actions will also be taken against the employees involved in the privacy breach.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 30, 2012 Inova Fairfax Hospital Cardiac Care Center, Inova Fair Oaks Hospital
Fairfax, Virginia
MED CARD

Unknown

Someone discovered card skimming devices at an ATM near a gift shop of the Inova Fairfax Hospital Cardiac Care Center and at an ATM next to the Inova Fair Oaks Hospital cafeteria.  One device was discovered by a hospital employee who attempted to use the ATM and witnessed the skimmer fall from the ATM.  A skimming device was previously discovered at the same Inova Fairfax Hospital Cardiac Care Center ATM in September.  It is unclear how long the devices were there and people who used them are urged to check their financial statements.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 29, 2012 St. Catherine Medical Center
Ashland, Pennsylvania
MED PHYS

Unknown

Sensitive patient and employee records were left unsecured in the abandoned medical center.  A November 10 auction of office equipment and computers was held in the medical center, but one person reported seeing piles of sensitive documents and being able to access sensitive items like badges of former employees. The person provided pictures of personnel records and other items that should have been secured. A representative speaking on behalf of those responsible for safeguarding private information responded that the pictures were taken behind an area that had been secured with a rope. Additionally, the person claims that one of the computers that was purchased at the auction still contained sensitive information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 29, 2012 Vidant Pungo Hospital
Belhaven, North Carolina
MED PHYS

1,100 (No SSNs or financial information reported)

Patient information was exposed by the accidental disposal of paper jackets with old radiology films.  Patient information such as name, address, age, date of birth, race, sex, name of radiology procedure and radiology procedure date was exposed.  The paper jackets were sent to a local landfill.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 28, 2012 Westside Park Elementary School Based Health Center
Adelanto, California
MED PHYS

1,370 (No SSNs or financial information reported)

A burglary sometime around October 1 may have resulted in the exposure of patient names, Social Security numbers, phone numbers, addresses, dates of birth, health conditions, medications, and other health information.  The information was in a locked room that was accessed, but it appears that none of the paper records were stolen.  Thieves took a television and other items. 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 Soundental Associates P.C.
West Haven, Connecticut
MED PORT

Unknown

A bag of personal items and back-up media cartridges from Soundental was stolen from an employee's car on September 24.  The back-up cartridges had patient names, addresses, treatment records, and dates of birth.  Social Security numbers were also exposed in some cases.  The cartridges had been scrambled to prevent easy access.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 Long Chiropractic
Dayton, Ohio
MED PHYS

Unknown

A November 26 office burglary may have resulted in the theft of patient records.  A safe with computer disks and a laptop computer were stolen.  It is unclear if either contained sensitive patient information.  The burglars were in the office for 15 minutes and may have taken or viewed sensitive patient information in other areas.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 University of Arkansas for Medical Sciences (UAMS)
Little Rock, Arkansas
MED INSD

1,500 (No SSNs or financial information reported)

Anyone who was a patient at UAMS and had surgery or was seen by a neurosurgeon from January 2010 to June 2010 may call UAMS toll-free hotline at 888-729-2755 to learn if they were affected by the breach.

A former resident doctor kept the personal information of about 1,500 patients as part of a lawsuit she filed against UAMS.  She also claimed to have kept the information for research purposes.  UAMS became aware of the issue on October 9 when the former resident doctor used the documents as part of her lawsuit.  UAMS learned that she kept additional documents on November 7 and had provided them to UAMS attorneys on June 25. Some patients had their names, addresses, dates of birth, medical record numbers, and dates of service exposed.  Other patients had their ages, locations of care, dates of service, diagnoses, medications, surgical procedures, procedure names, and lab results exposed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 24, 2012 CHRISTUS St. John Hospital
Houston, Texas
MED PORT

Unknown

An unencrypted flash drive was discovered lost or stolen on September 25.  It contained patient names, Social Security numbers, dates of birth, health insurance information, diagnoses, and progress notes.  The information came from patients who participated in the St. John Sports Medicine Program and were treated between January 1, 2011 and July 31, 2012.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 1, 2012 University of Virginia Medical Center, Continuum Home Infusion
Charlottesville, Virginia
MED PORT

1,846 (Unknown number of SSNs)

A handheld electronic devices used by Continuum pharmacists was discovered missing on October 5.  The device was not encrypted and contained patient names, addresses, diagnoses, medications, and health insurance identification numbers.  Some health insurance identification numbers were Social Security numbers or contained Social Security numbers.  Patients who received services from Continuum during the month of September 2012 and potential patients who were referred to Continuum between August 2007 and September 2012.  Notifications were sent on November 30.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

June 7, 2012 Wounded Warrior Project
Jacksonville, Florida
NGO HACK

22 (No SSNs or financial information exposed)

Hackers accessed and leaked information from the Wounded Warrior Project website.  A total of 22 administrator accounts with encrypted passwords and emails were released.  The hackers did not release the full database of thousands of users' information out of respect to the U.S. military.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

December 7, 2012 Pinkerton Government Services (PGS)
Washington, District Of Columbia
BSO STAT

Unknown

The November 15 office theft of several computers may have resulted in the exposure of current and former employee information.  PGS believes that the computers were stolen for their hardware and software value rather than the information they contained.  Some former and current PGS employees had their names, addresses, Social Security numbers, and possibly other types of information exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 10, 2012 Accume Partners, WeiserMazars
Moorestown, New Jersey
BSF PORT

Unknown

The October 10 theft of a laptop resulted in the exposure of sensitive information.  A WeiserMazars employee had a laptop stolen that contained names, Social Security numbers, and in some cases, addresses, dates of birth, 401(k) information, and payroll information for Accume Partner 401(l) Plan participants.  WeiserMazars audits the statement of net assets available for Accume Partner's 401(k) plan.  WeiserMazars notified Accume Partners on October 31 and Accume Partners sent notifications to those who may have been affected on November 16.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 4, 2012 Surgical Associates of Utica, Quanterion Solutions, Inc.
Utica, New York
MED STAT

1,017 (No SSNs or financial information reported)

The theft of a network server on or around September 18 may have resulted in the exposure of sensitive patient information.  A notification was sent to the US Department of Health and Human Services (HHS) on November 16.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 10, 2012 ABQ Health Partners
Albuquerque, New Mexico
MED PORT

Unknown

A laptop computer was discovered lost or stolen.  It contained a spreadsheet of patient names, dates of birth, health plan ID numbers, and diagnosis information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 13, 2012 Walgreens
San Diego, California
BSR PHYS

Unknown

At least 36 Walgreens stores in San Diego County had violations.  Over 600 Walgreens stores in California counties such as Alameda, Riverside, Los Angeles, San Joaquin, Solano, Monterey, and Yolo were also involved in the lawsuit.

Walgreens was ordered to pay $16.57 million as a part of a settlement of a civil environmental prosecution.  Walgreens was accused of illegally dumping hazardous waste as well as confidential customer medical information.  It is unclear what type of customer medical information was mishandled.

UPDATE (12/13/2012): The civil enforcement lawsuit was first filed in Alameda County in June of 2012.  It was the result of investigations that took place in San Diego County in the summer and fall of 2011. Investigators discovered that "Walgreens routinely and systematically sent hazardous waste to local landfills and failed to take measures to protect" customer medical privacy.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 10, 2012 West Pittsburgh Partnership
Pittsburgh, Pennsylvania
NGO PHYS

Unknown

A concerned citizen investigated a pile of documents next to a dumpster.  The documents contained names and Social Security numbers.  A local news team responded to the story and contacted a representative from West Pittsburgh Partnership.  West Pittsburgh Partnership began an investigation into how the job placement program documents dating back to 1992 were exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

December 12, 2012 Wilton Brands, LLC.
Woodridge, Illinois
BSR HACK

Unknown

Wilton learned that a malicious user was able to view user information between July 19 and October 2 of 2012.  The user had added a file to a computer server that hosts www.wilton.com and www.copco.com.  Names, addresses, telephone numbers, and payment card numbers, expiration dates, and security codes may have been accessed.  The discovery was made sometime around October 31 and notifications were sent on December 10.

The malicious user was unable to access payment card information between October 2 and the discovery of the breach on October 31 because Wilton changed its payment processing system on October 2.  Wilton took additional security measures after learning of the breach on or around October 31.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2012 Mt. Diablo Unified School District
Concord, California
EDU STAT

Unknown

A December 1 office burglary resulted in the theft of an unencrypted computer.  The computer contained files that included current and former Mt. Diablo Unified School District employee names, Social Security numbers, dates of birth, and addresses.  People who were employees between 1998 and 2010 may have been affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 13, 2012 Yolo Federal Credit Union
Woodland, California
BSF CARD

Unknown

A skimming device on an ATM resulted in fraudulent transactions on over 800 accounts.  The fraudulent transactions appear to date from October 27, 2012 to November 7, 2012. It is not clear how many skimming devices were involved and where they were located.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 17, 2012 Library Systems and Services, LLC
Germantown, Maryland
BSO PORT

Unknown

A laptop was discovered lost or stolen on November 5, 2012.  The possible theft is presumed to have taken place sometime around October 31, 2012.  The laptop may have contained employee names, Social Security numbers, addresses, and dates of birth.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 17, 2012 World Travel Holdings (WTH)
Wilmington, Massachusetts
BSO HACK

Unknown

CruiseOne and Crusies Inc. are affiliated with WTH and also mailed notifications to their customers.

An unauthorized party accessed WTH's booking system by misusing the log-in credentials of an authorized user.  Encrypted credit card numbers and expiration dates that were stored and could be decrypted in the system were exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 19, 2012 New Jersey Department of Health
Trenton, New Jersey
GOV DISC

480 (No SSNs or financial information reported)

Over 480 registered medical marijuana patients received an email from the New Jersey Department of Health.  The email instructed them not to call New Jersey or the dispensary in Montclair to make an appointment.  The email did not hide the email addresses of the recipients.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 18, 2012 Western University of Health Sciences
Pomona, California
EDU DISC

Unknown

Western University of Health Sciences' BanWeb Self-Service Federal Work Study reports were accessible to people who used BanWeb with a Western University of Health Sciences user ID and password.  The reports contained names, Social Security numbers, and direct deposit bank account information in some cases. The information was available for an unspecified amount of time. Western University of Health Sciences conducted an investigation and reported that there was no reason to believe sensitive information was accessed by unauthorized BanWeb users.  Western University of Health Sciences disabled access to the reports after learning about the breach on November 14. Notifications were sent on December 18.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 20, 2012 Jetro, Restaurant Depot
College Point, New York
BSR CARD

Unknown

Customers who used payment cards in several store locations discovered fraudulent charges on their debit and credit cards.  It is unclear if a breach affected the physical machines in the stores or if the payment processing system was hacked.  The company discovered the issue on December 4 and an investigation revealed that the intrusions began on November 7, 2012.  Anyone who used their payment card in a store between November 7 and December 5 of 2012 should closely review their financial statements.  Customers are also warned to be suspicious of phishing emails or phone calls.  Customers should not give their information out over the phone or respond to emails asking for sensitive information.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 22, 2012 Coastal Behavioral Healthcare, Inc.
Sarasota, Florida
MED PHYS

4,907 (No SSNs or financial information reported)

Numerous documents containing patient information were found in a vehicle during a traffic stop.  A law enforcement officer notified Coastal Behavioral Healthcare of the potential breach on October 10, 2012.  The documents contained a list of 136 Coastal Behavioral Healthcare patient names and identifying information dated April 2011.  It is unclear how the information was breached and how many additional patients may have been affected.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 22, 2012 Office of Dr. James M. McGee
Stone Mountain, Georgia
MED PHYS

1,306 (No SSNs or financial information reported)

The September 19 theft of paper records may have resulted in the exposure of dental patient information.  

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 22, 2012 Robbins Eye Center
Bridgeport, Connecticut
MED UNKN

1,749 (No SSNs or financial information reported)

The data of 1,749 patients was stolen during an October 7 incident.  

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 22, 2012 Vidant Pungo Hospital
Belhaven, North Carolina
MED PHYS

1,100 (No SSNs or financial information reported)

Paper jackets that held radiology films were thrown away with office trash instead of being properly discarded.  The paper jackets contained names, addresses, dates of birth, ages, sex, race, and information on dates and names of radiology procedures prior to May of 2012.  The paper jackets are believed to have been picked up by a sanitation company and discarded in a landfill.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

Breach Total
867,217,832 RECORDS BREACHED
(Please see explanation about this total.)
from 4,257 DATA BREACHES made public since 2005
Showing 3701-3750 of 4257 results


X

Sign In!

Loading