Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
872,715,019 RECORDS BREACHED
(Please see explanation about this total.)
from 4,391 DATA BREACHES made public since 2005
Date Made Public Name Entity Type
February 11, 2013 American HomePatient Inc., LifeGas
Brentwood, Tennessee
MED PORT

1,103 (No SSNs or financial information reported)

A laptop was stolen or discovered stolen on October 11, 2012.  The incident appeared on the HHS website in February of 2013.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

February 11, 2013 Riderwood Village
Baltimore, Maryland
MED PORT

3,230 (No SSNs or financial information reported)

Five laptops were stolen during the weekend of November 17, 2012.  They did not contain Social Security numbers and did contain unspecified personal information of patients.  A notice about the incident was sent on January 18, 2013 and the breach appeared on the HHS website in February of 2013.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

February 19, 2013 Hotusa Group
,
BSR HACK

Unknown

Hotusa Group is headquartered in Barcelona, Spain.

A server breach or other incident related to credit cards may have affected people who used their American Express cards at locations linked to Hotusa Group's servers.  Account numbers, names, credit card expiration date, and other credit card information may have been exposed for American Express and other cards. The incident occurred on August 24, 2012.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

February 20, 2013 Mid-Florida Urological Associates
Orlando, Florida
MED INSD

Unknown

A dishonest employee misused patient information in order to claim them as her children and receive insurance compensation.  The dishonest employee was charged with insurance fraud and ID theft.

UPDATE (02/22/2013): Orlando Health patient records were accessed.  The Orlando Health hospitals include MD Anderson Cancer Center Orlando, Orlando Regional Medical Center, Winnie Palmer Hospital for Women and Babies, Dr. P. Phillips Hospital, Arnold Palmer Hospital for Children, South Seminole Hospital, South Lake Hospital, and Health Center Hospital.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

February 21, 2013 Zendesk
San Francisco, California
BSR HACK

Unknown

An official notice can be found here: http://www.zendesk.com/blog/weve-been-hacked.

Those with questions may call (415) 287-9976.

A hacker accessed Zendesk information that was online.  Three clients who use Zendesk to store information had user lists downloaded by the hacker.  Users who contacted those clients for support may have had their email addresses and the subject lines of those email addresses accessed.

UPDATE (02/22/2013): Tumblr, Twitter, and Pinterest were the affected clients. Twitter let users know that emails, phone numbers, Twitter usernames, and any other information that was provided to Twitter may have been exposed.  Passwords were not compromised.

 
Information Source:
Media
records from this breach used in our total: 0

February 22, 2013 NBC.com
New York, New York
BSO HACK

Unknown

NBC's website was attacked by malware in the form of a Citadel Trojan.  The purpose of the attack was most likely to steal usernames, passwords, and other personal information.  NBC is unclear on how the malware entered their system.

 
Information Source:
Media
records from this breach used in our total: 0

February 22, 2013 Minnesota Department of Natural Resources, Minnesota Department of Motor Vehicles
Little Falls, Minnesota
GOV INSD

5,000 (No SSNs or financial information reported)

An employee working as an administrative manager in the Enforcement Division viewed the DMV information of around 5,000 people outside of work hours and for no job-related reason.  His activities between January 2008 and October 2012 were discovered and he was discharged on January 11, 2013.  It is believed that the driver's license and other motor vehicle record information was viewed for curiosity and not malicious purposes.

UPDATE (05/01/2013): A group of people who had their driver's license information accessed filed lawsuits against Minnesota.  The state asked the federal judge hearing the case to dismiss the motions and argued that the state isn't liable under a federal law that protects the privacy of driver's license data.  The employee responsible for the breach is facing criminal charges; though the breach may not have been for malicious purposes.

UPDATE (08/07/2013): The lawsuit was filed against other state employees as well as the employee responsible for the breach.

UPDATE (9/25/2013): A district court dismissed the lawsuit.  The judge ruled that state agencies are not liable for a rogue employee's actions.  The case against the dishonest employee is still active.  The liability of the employee's supervisors has been limited and they will not pay damages for the breach.

 
Information Source:
Media
records from this breach used in our total: 0

February 19, 2013 Kork and Keg
Greencastle, Indiana
BSR HACK

Unknown

Fraudulent activity on the accounts of DePauw University students was linked to Kork and Keg.  It is not clear how the store's payment system was compromised; however it was a common link among those who had their accounts breached.  Kork and Keg did not make a statement.

 
Information Source:
Media
records from this breach used in our total: 0

February 18, 2013 Express Scripts, Ernst & Young
St. Louis, Missouri
BSF DISC

Unknown

A partner at Ernst & Young is accused of sneaking into the headquarters of Express Scripts Holding Co.  It is not clear how the Ernst & Young partner got into the headquarters, but it is believed that he emailed over 20,000 pages of data to a personal account.  Express Scripts Holding Co. accused Ernst & Young of stealing the information in order to develop its health care division. Express Scripts Holding filed a lawsuit; the accused partner is no longer employed by Ernst & Young.

 
Information Source:
Media
records from this breach used in our total: 0

February 5, 2013 U.S. Department of Energy
Washington, District Of Columbia
GOV HACK

Unknown

The U.S. Department of Energy discovered that unidentified malicious activity had been detected on 14 servers and 20 workstations in January.  The personal information of several hundred employees was exposed.  The U.S. Department of Energy had known about the need to patch computers, network ssytems, and servers since 2012.

 
Information Source:
Media
records from this breach used in our total: 0

February 13, 2013 Los Angeles Times, OffersandDeals.latimes.com
Los Angeles, California
BSO HACK

Unknown

The Los Angeles Times learned that a segment of its website housed malicious code for six weeks.  The subdomain OffersandDeals.latimes.com redirected visitors to a malicious website.  The website then used code to receive compensation for web traffic.  The compromise appears to have occurred sometime before December 23, 2012.  An LA Times spokesperson initially responded to the breach by claiming that a glitch in Google's display ad exchange had caused a malicious script warning rather than actual malicious script.

 
Information Source:
Media
records from this breach used in our total: 0

February 14, 2013 FCC, Emergency Alert System
Washington, District Of Columbia
GOV HACK

Unknown

The Emergency Alert Systems (EAS) of several TV stations nationwide were hacked and alerted people to a fictitious zombie attack.  The FCC ordered local broadcasters to change their passwords on EAS equipment and check the security of firewalls before resuming normal internet connections.

 
Information Source:
Media
records from this breach used in our total: 0

February 14, 2013 Häagen-Daz
Tampa, Florida
BSR HACK

Unknown

Anyone who made a purchase at the Häagen-Daz inside the food court in International Plaza since April of 2012 may have been affected by identity theft.  A flash drive that contained key-logger software was connected to a register at the store.  It recorded payment card transactions and allowed thieves to make counterfeit credit cards.  Two men were arrested in June of 2012 for using fraudulent card information and that information was later linked to the Häagen-Daz shop.

 
Information Source:
Media
records from this breach used in our total: 0

February 13, 2013 Jawbone
San Francisco, California
BSR HACK

Unknown

Hackers were able to access Jawbone's MyTALK customer accounts for several hours.  Names, email addresses, and encrypted passwords were exposed.  Any customers who were affected received an email warning them to reset their passwords.

 
Information Source:
Media
records from this breach used in our total: 0

February 8, 2013 United States Federal Reserve, Grand Banks Yachts
Washington, District Of Columbia
GOV HACK

Unknown

The hacking group known as Anonymous claimed responsibility for a hack of the Alabama Criminal Justice Center and indicated that they had access to US Federal Reserve servers. Some internal documents were also exposed.  The hack attack was a response to the US Federal Reserve's reaction, or failure to react, to the February 4 hack of the Alabama Criminal Justice Center.  Anonymous released a document showing that they had extensive access to US Federal Reserve servers and internal documents.  Anonymous hacked into the Grand Banks Yachts website and used it to host a file that contained the document.

UPDATE (08/23/2013): Federal Reserve employee data was posted on a website.  Phone numbers, emails, and other Federal Reserve employee information was placed on a publicly accessible spreadsheet.  Anonymous claims to have full details of every Federal Reserve Bank of America employee.  The information may have been from the breach in February.  

 
Information Source:
Media
records from this breach used in our total: 0

February 25, 2013 Mercedes-Benz of Walnut Creek
Walnut Creek, California
BSR PHYS

Unknown

A February 7 or 8 office burglary at Mercedes-Benz of Walnut Creek resulted in the exposure of customer information.  Locked file cabinets that contained customer deal files were burglarized and customer files were taken from the Service Department.  The theft was discovered on the morning of February 8 and immediately reported.  Customer names, Social Security numbers, addresses, credit reports, driver's license information, insurance information, and credit card numbers may have been exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

February 26, 2013 Massachusetts Mutual Life Insurance Company, Convey Compliance Systems, Inc.
Springfield, Massachusetts
BSF DISC

Unknown

An error at Convey Compliance Systems, Inc. resulted in 1099 forms being mailed to incorrect addresses.  The 1099 forms contained names, Social Security numbers, tax identification numbers, and addresses.  The financial information of some Massachusetts Mutual Life Insurance Company clients was exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

February 28, 2013 First National Bank of Southern California
, California
BSF PORT

Unknown

The city in which the theft occurred was not revealed.

A back-up tape that contained First National Bank of Southern California client information was stolen on February 1, 2013 from a data service provider.  Social Security numbers, taxpayer identification numbers, account balances, and account numbers were exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 1, 2013 Samaritan Hospital, Rensselaer County Jail
Troy, New York
MED INSD

Unknown

A nursing supervisor of Rensselaer County Jail was found to have misused credentials to access patient records without cause.  The Rensselaer County Jail information is maintained by Samaritan Hospital.  The hospital learned of the breach in November 2011, disabled the employee's account, and notified the sheriff's office immediately.  Subsequently, the Hospital may have delayed notifying patients because of the ongoing investigation.  Notifications were sent out during the first week of March in 2013.

UPDATE (04/01/2013): A total of 48 people have been notified.  Patients from as far back as 2006 may have been affected.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

February 26, 2013 First Choice Home Health Care Services Inc., Reliance Home Care, LLC
Detroit, Michigan
MED INSD

Unknown

A group of co-conspirators used Medicaid information from Medicare beneficiaries in and near Detroit to defraud Medicaid and file for $24.7 million in fraudulent claims.  The fraud took place between 2008 and May of 2012.  Hundreds of patients had their information misused so that co-conspirators could bill Medicare for psychotherapy, home health services, and other medical services.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 1, 2013 Bank of Hawaii, First Hawaiian Bank
Oahu, Hawaii
BSR HACK

Unknown

An unnamed restaurant in Oahu experienced a computer system breach.  Customers who visited the restaurant during a period in February had their credit and debit cards blocked by Bank of Hawaii and First Hawaiian Bank when the breach was discovered.  Not all of the payment cards that were blocked had been compromised.

 
Information Source:
Media
records from this breach used in our total: 0

February 27, 2013 Information Handling Services, Inc. (IHS)
Englewood, Colorado
BSO HACK

Unknown

Hackers breached the servers of IHS and may have been able to access credit card, customer, and nuclear information.  IHS does not believe that confidential information was compromised.  However, the hacker group claimed to have obtained the records of 8,500 customers. The hacker group is known to attack sites in order to further their goal of revealing sensitive nuclear data to pressure the Israeli government and others into disclosing their nuclear activities.

UPDATE (05/13/2013): The unauthorized parties acquired the relevant data from the IHS Jane's environment on or about November 22, 2012.

 
Information Source:
Media
records from this breach used in our total: 0

February 27, 2013 Bit9, Inc.
Waltham, Massachusetts
BSO HACK

Unknown

Hackers were able to exploit a vulnerability in a web application and use an SQL injection.  The breach occurred in July of 2012, however the server was shut down until January of 2013. Hackers then used Bit9's systems to attack other organizations who relied on Bit9 as a security platform vendor.  Three unnamed companies were affected.  The vulnerability was caused by Bit9 failing to install its own security software.

 
Information Source:
Media
records from this breach used in our total: 0

March 1, 2013 Fabric Depot
Portland, Oregon
BSR HACK

Unknown

On January 7, 2013 Fabric Depot became aware of a breach that had occurred sometime around October 16, 2012.  Fabric Depot changed their online payment system and notified customers.  Customer names, credit card numbers, credit card verification codes, debit card numbers, and account billing addresses may have been exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 4, 2013 TD Bank, N.A.
Cherry Hill, New Jersey
BSF PORT

Unknown

Two backup tapes with customer and customer dependent names, Social Security numbers, addresses, account numbers, debit card numbers, and credit card numbers went missing while being transported between two TD Bank office locations in March of 2012.  

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 4, 2013 The Prudential Insurance Company of America, Unisys
Newark, New Jersey
BSF DISC

Unknown

An administrative error resulted in documents with sensitive information from Unisys members being emailed to an incorrect party associated with Unisys. The mistake occurred on December 13, 2012.  The document may have contained names, Social Security numbers, dates of birth, and salary information. The mistake was immediately noticed by the recipient and the information was deleted from their computer.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 4, 2013 Family Intervention Services
Hiram, Georgia
MED PHYS

Unknown

A caller contacted a local news team member and an investigation of mishandled medical documents began.  The documents were in an unlocked dumpster and contained Social Security numbers, bank account information, addresses, dates of birth, and health information.  The documents were associated with Family Intervention Services and an unnamed orthopedic office.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 3, 2013 Evernote
Redwood City, California
BSO HACK

50,000,000 (No SSNs or financial information reported)

Evernote's breach notice can be found here: http://evernote.com/corp/news/password_reset.php.

A hacker or hackers attacked and may have accessed Evernote's online system. Evernote reset all user passwords as a precaution.  User names, email addresses, and encrypted passwords may have been exposed. 

UPDATE (03/09/2013): A total of 50 million users were told to reset their passwords.

 
Information Source:
Media
records from this breach used in our total: 0

March 7, 2013 Uniontown Hospital
Uniontown, Pennsylvania
MED HACK

Unknown

A hacker or hackers accessed patient information and posted it online.  The breach was discovered by a data privacy expert. Uniontown indirectly notified the public of the breach and breach containment after the privacy expert attempted to reach Uniontown Hospital for several days.  Names, encrypted passwords, contact names, email addresses, and usernames may have been exposed.  It is unclear how long the information was available.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 8, 2013 University of Connecticut Health Center
Farmington, Connecticut
MED INSD

1,400 (Unknown number of Social Security numbers)

An employee accessed patient records for reasons unrelated to their job function.  The Heath Center became aware of an unauthorized access in January of 2013.  Patient names, addresses, dates of birth, and in some cases health information and Social Security numbers may have been exposed.

 
Information Source:
Media
records from this breach used in our total: 0

February 25, 2013 Sprouts
Phoenix, Arizona
BSR CARD

Unknown

A number of credit card terminals in 19 California and Arizona stores were affected by point-of-sale malware between January 25 and 29.  Credit card and debit card numbers were exposed.  Customer PINs associated with the payment cards were not affected. Sprouts identified the issue within a few days of the breach and updated customer information protection procedures in all of its stores.

 
Information Source:
Media
records from this breach used in our total: 0

February 25, 2013 Capella University
Minneapolis, Minnesota
EDU INSD

Unknown

Capella University's official breach notice can be found here: http://www.atg.state.vt.us/assets/files/Capella%20University%20Security%20Breach

%20Notice%20to%20consumer.pdf

A collection department employee sent sensitive information to a personal email account.  The incident was discovered on January 28 and the employee was fired.  A small group of learners may have had their names, Social Security numbers, and other information that was kept by Capella's collection department exposed.

 
Information Source:
Security Breach Letter
records from this breach used in our total: 0

March 11, 2013 Stanley Black & Decker, Inc.
New Britain, Connecticut
BSR PORT

Unknown

Those with questions or concerns may contact (877) 795-2356.

The theft of an employee's laptop resulted in the exposure of information from employees and people who received checks from Stanley Black & Decker.  Names, and the account numbers and routing numbers associated with direct deposits may have been exposed. The laptop was stolen from a finance employee on January 28.  

 
Information Source:
California Attorney General
records from this breach used in our total: 0

February 15, 2013 Facebook
Menlo Park, California
BSO HACK

Unknown

Facebook's official notification can be found here: http://www.facebook.com/notes/facebook-security/protecting-people-on-facebook/10151249208250766

Facebook discovered that hackers had exploited a vulnerability and accessed unspecified data.  Facebook found no evidence that Facebook user data was compromised.  Malware was installed on a number of employee laptops after a small number of them visited a mobile developer website that turned out to be unsafe. Microsoft, Twitter, and Apple were affected by the same issue around the same time.

 
Information Source:
Media
records from this breach used in our total: 0

February 22, 2013 Microsoft
Redmond, Washington
BSR HACK

Unknown

Microsoft's official notice can be found here: https://blogs.technet.com/b/msrc/archive/2013/02/22/recent-cyberattacks.aspx?Redirected=true

Microsoft security discovered that a number of employee devices were affected by malware.  The employees had visited unsafe websites and downloaded material. It is unclear if the employee devices spread the infection to other areas of Microsoft's network, but Microsoft found no evidence of customer data being affected. Facebook, Twitter, and Apple were affected by a similar issue around the same time.

 
Information Source:
Media
records from this breach used in our total: 0

February 19, 2013 Apple
Cupertino, California
BSR HACK

Unknown

Apple detected malware on employee computers.  A small number of employee computers had been affected after their users went to a website for software developers.  Facebook, Microsoft, and Twitter experienced the same breach around the same time.

 
Information Source:
Media
records from this breach used in our total: 0

January 16, 2013 Utah Department of Health, Goold Health Systems
Salt Lake City, Utah
MED PORT

6,000 (No SSNs or financial information reported)

An employee of Goold Health Systems lost an unencrypted USB memory stick that contained the information of around 6,000 Medicaid recipients in Utah.  Goold Health Systems is a contractor for the Utah Department of Health.  Medicaid recipient names, Medicaid identification numbers, ages, and recent prescription drug use were on the memory stick.  The memory stick was lost during travel between Salt Lake City, Denver, and Washington.  The loss was confirmed on Tuesday, January 15.  

 
Information Source:
Media
records from this breach used in our total: 0

January 13, 2013 Advanced Micro Devices (AMD), Nvidia
Sunnyvale, California
BSR INSD

Unknown

Four managers who left AMD to work for Nvidia are being sued by AMD for intellectual property theft.  AMD accused the former employees of setting up a spying ring in the company before leaving to work for rivaling company Nvidia.  One of the managers is accused of using two external hard drives to download Microsoft Outlook email files, licensing agreements, and strategic plans from his work computer before leaving AMD in July of 2012. Another employee is accused of taking an AMD technical work and development database with over 200 files.  The four employees are accused of taking over 150,000 documents.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2012 Intel, Advanced Micro Devices (AMD)
Hudson, Massachusetts
BSR INSD

Unknown

A former Intel employees pleaded guilty to stealing documents for competitive advantage.  The employee worked for AMD at the time of the theft and was able to retain access to some of Intel's processor designs and chip fabrication process documents.  He used his vacation time from Intel to begin working at AMD.  The dishonest employee was charged with one count of stealing trade secrets for stealing a stack of documents in 2008 and four counts of wire fraud.  Intel valued the documents at between $200 million and $400 million.

 
Information Source:
Media
records from this breach used in our total: 0

March 15, 2013 Tribune Co.
Sacramento, California
BSO INSD

Unknown

A former employee revealed a password and username combination for Tribune Co. to hackers.  The hackers were part of anonymous and used the information to access Tribune Co.'s servers in 2010.  A number of online stories that had been published through Tribune Co. were defaced by hackers as a result.  

The former employee of a TV station owned by Tribune Co. was indicted on charges of conspiracy to cause damage to a protected computer, transmission of malicious code, and attempted transmission of malicious code.

UPDATE (04/23/2013): The former employee worked at Reuters as a deputy social media editor at the time of the cyber attack.  He was fired from Reuters in April of 2013.

 
Information Source:
Media
records from this breach used in our total: 0

March 19, 2013 Subway
, California
BSR HACK

Unknown

No specific California city was involved.  Subway restaurants in California, Massachusetts, and Wyoming were involved.

A former owner of a Subway franchise used software from his new job to access the computer systems of Subway restaurants.  The former owner sold point-of-sale software to Subway restaurants across the country and then worked with an accomplice to remotely hack into at least 13 Subway point-of-sale systems.  The fraud began in 2011.  Fraudulent Subway gift cards totaling at least $40,000 were created.  Two of the California participants were indicted on March 6.

 
Information Source:
Media
records from this breach used in our total: 0

March 19, 2013 General Services Administration (GSA)
Washington, District Of Columbia
GOV DISC

Unknown

GSA users may have been able to view the financial information and trade secrets of other GSA users due to a security vulnerability.  The specific database that was affected is called the System for Award Management (SAM).  Contractor and vendor registration records are cataloged by SAM.  It is not clear how GSA became aware of the issue or how long it was a problem.  Agency officials revealed that users could purposefully or inadvertently view the information of other users after following a series of steps.

UPDATE (03/23/2013):  Users had Social Security numbers and tax identification numbers exposed.

 
Information Source:
Media
records from this breach used in our total: 0

March 16, 2013 Lawrence Melrose Medical Electronic Record, Inc.
Melrose, Massachusetts
MED INSD

Unknown

Patients at Baystate Gastroenterology, Hallmark Health Medical Associates, Main Street Family Practice, and Womens Healthcare Associates were affected.  Patients of Maury Goldman, MD and John Mudrock, MD were also affected.

An employee of Lawrence Melrose accessed patient information for reasons unrelated to their work.  It is unclear what type of patient information was exposed and how many patients were affected.  

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 22, 2013 Comfort Inn and Suites
Willard, Missouri
BSO INSD

Unknown

A dishonest employee working at a Comfort Inn and Suites in Willard, Missouri during 2009 worked with a conspirator to misuse the information of hotel customers.  They were ordered to pay restitution of $23,000.  The dishonest employee was sentenced to three years of probation and her accomplice was sentenced to 42 months for aggravated identity theft and conspiracy to commit wire fraud.

 
Information Source:
Media
records from this breach used in our total: 0

March 22, 2013 University of Mississippi Medical Center (UMMC)
Jackson, Mississippi
EDU PORT

Unknown

A laptop used by UMMC clinicians was discovered missing on January 22.  The password-protected laptop contained information from patients who entered the hospital between 2008 and 2013.  Patient names, Social Security numbers, addresses, diagnoses, medications, treatments, dates of birth, and other personal information may have been exposed.

UPDATE (04/25/2013): The laptop may have been lost or stolen in November of 2012.

 
Information Source:
Media
records from this breach used in our total: 0

April 1, 2013 Granger Medical Clinic
West Valley City, Utah
MED PHYS

2,600 (No SSNs or financial information reported)

A total of 2,600 medical appointment records disappeared before they could be shredded.  The records contained patient names, dates of appointments, times of appointments, and reason for appointment.  No medical claim information, financial information, or Social Security numbers were exposed.

 
Information Source:
Media
records from this breach used in our total: 0

March 21, 2013 National Institute of Aerospace, National Aeronautics and Space Administration (NASA)
Hampton, Virginia
NGO INSD

Unknown

A Chinese national who worked as a contractor for the National Institute of Aerospace had access to NASA's Langley Research Center.  He was caught boarding a plane with two external hard drives, two laptops, a memory stick, and an SIM card on March 16.  He originally did not reveal the second laptop, hard drive, and SIM card when detained.  The information he was attempting to steal was not revealed.  

 
Information Source:
Media
records from this breach used in our total: 0

April 5, 2013 Scribd
San Francisco, California
BSO HACK

100,000 (No SSNs or financial information exposed)

A hack affected less than 1% of Scribd's 50 million users. "A few hundred thousand" users had their passwords stolen.  Users who were affected received instructions for resetting passwords.  The passwords were encrypted and it is unlikely that hackers were able to decrypt and use the passwords before Scribd and Scribd users learned of the breach.

 
Information Source:
Media
records from this breach used in our total: 0

April 16, 2013 Schneck Medical Center
Seymour, Indiana
MED DISC

3,000 (no SSNs or financial information reported)

A Schneck Medical Center employee gave a presentation that was later placed online.  People who searched through the files from the presentation could find the names of 3,000 Schneck Medical Center patients.  The presentation was removed from online and Google removed all cached information from the Internet.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 22, 2013 United Shore Financial Services, LLC
Troy, Michigan
BSF HACK

Unknown

A computer intrusion resulted in the exposure of names, Social Security numbers, contact information, dates of birth, driver's license numbers, and financial account information. The breach occurred sometime around December 2, 2012. 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

Showing 3851-3900 of 4391 results


X

Sign In!

Loading