Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
815,842,526 RECORDS BREACHED
(Please see explanation about this total.)
from 4,489 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
June 11, 2012 Eugene School District 4J
Eugene, Oregon
EDU HACK

16,000

An unauthorized person accessed confidential files that contained current and former students' personal information.  Names, Social Security numbers, Dates of birth, student ID numbers, phone numbers, students' free or reduced-price school lunch status, and addresses may have been exposed.  Eugene School District 4J's notification can be read here: http://www.4j.lane.edu/communications/story/2012/06/11/securitybreachinformation

UPDATE (07/12/2012): A minor was arrested for possible involvement in the breach.  It appears that the teenager may have obtained the login credentials of an employee and used them to access the computer system.  Records for approximately 16,000 current students, as well as free and reduced-price lunch records from 2007 were exposed.

UPDATE (08/25/2012): The student was released from custody and expelled by North Eugene High School.  He also posted hundreds of students' confidential information on a computer account to taunt district officials. He is on house arrest and his attorney entered not guilty pleas.

 
Information Source:
Databreaches.net
records from this breach used in our total: 16,000

May 13, 2013 Adobe, Washington Administrative Office of the Courts
Olympia, Washington
BSO HACK

160,000

An official notice can be viewed here: http://www.courts.wa.gov/newsinfo/?fa=newsinfo.displayContent&theFile=dataBreach/commonQuestions

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Additionally, three classes of people may have had their names and driver's license information exposed.  First, people who received a DUI citation between 1989 and 2011 in the state of Washington may have had their names and drivers' license numbers exposed. Anyone who had a traffic case filed or resolved in a district or municipal court between 2011 and 2012 may have been affected. Finally, anyone who had a criminal case in Washington filed against them or resolved between 2011 and 2012 may have had their name and driver's license number exposed.

 

 
Information Source:
Media
records from this breach used in our total: 16,000

August 15, 2013 Harris County
Harris, Texas
GOV HACK

16,000

The information of current and former Harris County employees was found on electronic files in Vietnam.  Names, Social Security numers, and dates of birth were exposed.  The files were from 2005 and 2007 and appear to have been created before Harris County put in place stricter identity theft regulations.

 
Information Source:
Media
records from this breach used in our total: 16,000

April 5, 2005 MCI
Colorado Springs, Colorado
BSO PORT

16,500

A laptop containing names and Social Security numbers of current and former employees was stolen from the car trunk of an MCI financial analyst.  An MCI spokesperson stated that MCI would continue its policy of allowing laptops to be taken home by employees and will evaluate new security technologies.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

June 30, 2006 U.S. Department of Veteran Affairs
Washington, District Of Columbia
GOV PORT

16,500

A data tape disappeared from a VA facility in Indianapolis, IN that contained information on legal cases involving U.S. veterans and included veterans' Social Security numbers, dates of birth and legal documents.

UPDATE (10/11/06): The VA's Office of the General Counsel is offering identity theft protection services to those affected by the missing tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

September 14, 2006 Illinois Department of Corrections (IDOC)
Springfield, Illinois
GOV PHYS

16,500

A document containing employees' personal information was found outside the agency's premises where it should not have been. It has since been retrieved. Information included employees' names, SSNs, and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

December 24, 2008 Federal Emergency Management Agency
New Orleans, Louisiana
GOV DISC

16,857

An unauthorized breach of private information resulted in the information release of 16,857 names, Social Security numbers, phone numbers, and other private details of people who had applied for benefits. The information was flashed on a pair of privately run Web sites, but for how long was unclear.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,857

February 17, 2006 Mount St. Mary's Hospital
Lewiston, New York
MED PORT

17,000

Two laptops containing dates of birth, addresses and Social Security numbers of patients were stolen in an armed robbery in New Jersey.  The laptops and sensitive files were password protected.  The Hospital contacted those whose information may have been compromised.  St. Mary's is just one of ten hospitals that were affected by the theft.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

April 27, 2006 Long Island Railrad via contractor Iron Mountain
Jamaica, New York
GOV PORT

17,000

Data tapes containing personal information including names, addresses, Social Security numbers and salary figures of virtually everyone who worked for or currently works for the agency were lost.  The lost occurred during delivery by contractor Iron Mountain. Data tapes belonging to the U.S. Department of Veteran's Affairs may also have been affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 3, 2006 Humana
Louisville, Kentucky
MED DISC

17,000 current and former Medicare enrollees

Personal information of Humana customers enrolled in the company's Medicare prescription drug plans could have been compromised when an insurance company employee called up the data through a hotel computer and then failed to delete the file.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

July 14, 2006 Northwestern University
Evanston, Illinois
EDU HACK

17,000

(888) 209-0097. http://www.northwestern.edu/newscenter/stories/2006/07/data.html 

Files containing names and some personal information including SSNs were on 9 desktop computers that had been accessed by unauthorized persons outside the University. The computers were in the Office of Admissions and Financial Aid.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 19, 2006 Allina Hospitals and Clinics
Minneapolis, Minnesota
MED PORT

Individuals in 17,000 households

A laptop stolen from a nurse's car on October 8 contains the names and SSNs of individuals in approximately 17,000 households participating in the Allina Hospitals and Clinics obstetric home-care program since June 2005.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

June 11, 2007 Pfizer
New York, New York
BSO DISC

17,000

866-274-3891

Installation of certain file sharing software on a Pfizer laptop, exposed files containing names, Social Security numbers, addresses and bonus information of present and former Pfizer colleagues. Investigation revealed that certain files containing data were accessed and copied.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 2, 2008 Marine Corps Reserve Center
San Antonio, Texas
GOV INSD

17,000

A former U.S. military contractor has pleaded guilty to exceeding authorized access to a computer and aggravated identity theft after he was accused of selling names and Social Security numbers of 17,000 military employees.

 
Information Source:
Media
records from this breach used in our total: 17,000

July 9, 2010 Emily Morgan Hotel
San Antonio, Texas
BSO PHYS

17,000

Identity thieves obtained stacks of credit card receipts from one of the hotel's storage rooms in 2006.  Hundreds of thousands of dollars in fraudulent charges were then made in three different states.  Investigators first became aware of a large identity theft issue in the area during the beginning of 2009.

UPDATE (12/4/2010): The ringleader pleaded guilty to ID theft fraud conspiracy, access device fraud and conspiracy to launder money. Seven other co-conspirators have been identified.

UPDATE (4/7/2011): A former hotel worker faces up to 22 years in prison for stealing customer information and using it to go on a shopping spree.  In 2006, the former employee used credit card receipts from the Emily Morgan hotel in downtown San Antonio to make fraudulent charges totaling $300,000.  This appears to be the one of the largest cases in Alamo City’s history.  The accused former employee pleaded guilty to three charges and is scheduled to be sentenced in July.

 
Information Source:
Databreaches.net
records from this breach used in our total: 17,000

June 25, 2007 UnitedHealthCare
Trumbull, Connecticut
MED INSD

17,000

A former employee had the names, Social Security numbers, dates of birth and addresses of about 127 members. The employee is believed to have participated in fraudulent activity and may have accessed approximately 17,000 members' information during the final 2 1/2 years of his or her employment.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

May 14, 2012 York County, South Carolina
York, South Carolina
GOV HACK

17,000

Hackers gained access to York County's web application server.  It contained two databases with the information of 17,000 job applicants and vendors.  The first database contained about 12,500 names from as far back as 15 years ago.  The second database was newer and contained information that had been collected up until August 29, 2011.  The intrusion was discovered by the county on August 29 and no new applicants or vendors were affected by the breach.  Those who may have been affected were not notified until after a thorough investigation by York County's IT department.  No definitive evidence was found for a breach after the nine-month investigation.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,000

October 10, 2012 Equifax
Atlanta, Georgia
BSF DISC

17,000

Equifax settled charges with the Federal Trade Commission after it was discovered that Equifax Information Services improperly sold lists of consumer data.  People who were late on their mortgage payments had their information sold to firms that should not have received the information and subsequently resold it to other firms.  Equifax agreed to pay nearly $1.6 million to resolve charges that it violated the FTC and Fair Credit Reporting Acts. The settlement prohibits Equifax from providing prescreened lists to unauthorized parties, having poor procedures for releasing prescreened lists, and selling prescreened lists in certain circumstances.

 
Information Source:
Media
records from this breach used in our total: 17,000

June 5, 2009 Virginia Commonwealth University
Richmond, Virginia
EDU STAT

17,214

A desktop computer was stolen from a secured area within Cabell Library in mid-April. The computer may have contained student names, Social Security numbers and test scores dating from October 2005 to the present. VCU discontinued use of Social Security numbers as ID numbers in January 2007. An additional 22,500 students are being notified that their names and test scores may have also been on the computer. No Social Security numbers were recorded with those names, but computer-generated student ID numbers may have been.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,214

June 23, 2008 Colt Express Outsourcing Services, CNET Networks
Walnut Creek, California
BSO STAT

17241

Burglars stole computer systems from the offices of the company that administers the Internet publisher's benefit plans. The computers contained names, birth dates, Social Security numbers and employment information of the beneficiaries of CNET's health insurance plans. CNET was only one of several clients affected.

UPDATE (8/26/08): Among the companies whose staffers have been exposed by the Colt break-in in Walnut Creek, California: Google, Bebe Stores, Alston & Bird, and the California Bankers Assn.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,241

May 23, 2007 Waco Independent School District
Waco, Texas
EDU HACK

17,400

Two high school seniors recently hacked into the district's computer network potentially compromising the personal information including Social Security numbers of students and employees.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,400

March 20, 2005 Northwestern University
Evanston, Illinois
EDU HACK

17,500

Hackers gained access to multiple computers and gathered user ID and password information from the University's network.  The personal information for around 500 faculty members, 2000 staff members, and 14,000 alumni was compromised. 

 
Information Source:
Media
records from this breach used in our total: 17,500

December 15, 2006 University of Colorado, Boulder, Academic Advising Center
Boulder, Colorado
EDU HACK

17,500

http://www.colorado.edu/its/security/awareness/privacy/identitytheft.pdf

A server in the Academic Advising Center was the subject of a hacking attack. Personal information exposed included names and SSNs for individuals who attended orientation sessions from 2002-2004. CU-Boulder has since ceased using SSNs as identifiers for students, faculty, staff, and administrators.

 
Information Source:
Dataloss DB
records from this breach used in our total: 17,500

July 17, 2013 Office of the Medicaid Inspector General (OMIG)
Albany, New York
MED INSD

17,743

A link to the official notice can be foudn here:

http://apps.cio.ny.gov/apps/mediaContact/public/preview.cfm?parm=E5EBBF4...

An OMIG employee sent an email that contained sensitive records to their own email account on October 12, 2012.  Medicaid paitient first and last names, Social Security numbers, dates of birth, and Medicaid client information numbers may have been compromised. 

 
Information Source:
Media
records from this breach used in our total: 17,743

June 29, 2005 Bank of America
Charlotte, North Carolina
BSF PORT

18,000

A laptop containing the names, Social Security numbers, and addresses of customers was stolen from a consultant's car.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

August 7, 2006 U.S. Department of Veterans Affairs via contractor Unisys Corporation
Reston, Virginia
GOV INSD

5,000

Five thousand Philadelphia patients, 11,000 Pittsburgh patients and 2,000 deceased patients were affected.  There is a possibility that 20,000 others were also affected.

A computer at contractor's office was reported missing Aug. 3.  It contained billing records with names, addresses, SSNs, and dates of birth of veterans at two Pennsylvania locations.

UPDATE (9/15/06): Law enforcement recovered the computer and arrested an individual who had worked for a company that provides temporary labor to Unisys.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

December 31, 2008 Ohio State University
Columbus, Ohio
EDU DISC

18,000

http://www.studentlife.osu.edu/dataexposure

Ohio State University has notified 18,000 current and former students that their personel information was mistakenly stored on a computer server exposed to the Internet. The data included student names, Social Security numbers, addresses and coverage dates for those enrolled in the health insurance plan for three quarters in 2005-06.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

April 8, 2009 Metro Nashville School/Public Consulting Group
Nashville, Tennessee
EDU DISC

18,000

(615) 259-INFO (4636)

Metro Nashville students' names, Social Security numbers, addresses and dates of birth and parents' demographic information were available by searching Google. A private contractor unintentionally put student data on a computer Web server that wasn't secure. The data was available online from Dec. 28 to March 31.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,000

January 24, 2014 Coca-Cola Company
Atlanta, Georgia
BSO PORT

Unknown

The Coca-Cola Company announced the theft of several computers from one of their locations that contained personal information on employees and other individuals. The company did not detail the specific information that was stored on the stolen computers. The theft was discovered on December 19, 2013.

UPDATE (11/13/2014): "A class action lawsuit has been filed against the Coca-Cola company and its regional distribution subsidiaries on behalf of 70,000 people whose information and identities have been allegedly compromised by the theft of 55 laptops from the company's Atlanta headquarters over a six year period."

The company did not notice the theft of these laptops until November of 2013 prompting the company to send notices to those affected in January 2014. According to the company 18,000 individuals had Social Security numbers affected, and an additional 56,000 individuals that may have had their drivers license information compromised. The laptops were not encrypted and along with the above information, the laptops may have also included names, addresses, ethnicity and other personal information.

The class action suit alleges that the company failed to protect personal data, but failed in adequately notifying victims of the breach.

More Information: http://pennrecord.com/news/15093-class-action-filed-against-coca-cola-fo...

 
Information Source:
California Attorney General
records from this breach used in our total: 18,000

June 11, 2014 Stanford Federal Credit Union
Palo Alto, California
BSF DISC

18,000

Stanford Federal Credit Union informed 18,000 members that their personal information was sent to another member accidentally. According to the letter sent to the members,  credit union employees recognized the error immediately and the data was destroyed without it being read to the recipient. The data sent was a list of members who were pre-approved for loans. The credit union employee who sent the list inadvertently sent it to a member who had the same first name as the staff member it was meant for.

According to the credit union, the member had not yet read the mail and worked with the staff of the credit union to properly destroy it.

 
Information Source:
California Attorney General
records from this breach used in our total: 18,000

July 3, 2014 Blue Shield of California/Department of Managed Healthcare
San Francisco, California
BSF DISC

18,000

The Department of Managed Health Care informed individuals of a breach concerning their personal information. Health plans regulated by the Department of Managed Health Care (DMHC) are required to provide the DMHC periodically with current rosters of the medical providers the health plans contract with.

These plans are not supposed to include confidential or personal information in the rosters because these rosters are generally public documents.

"The DMHC discovered that Blue Shield of California had inadvertently included provider Social Security numbers in the rosters Blue Shield provided to the DMHC in February, March and April, 2013". Blue Shield neglected to inform the DMHC that the information was confidential or alert the DMHC that a mistake had been made on the documentation.

The information included Social Security numbers, providers' names, business addresses, business telephone numbers, medical groups, and practice areas.

For those affected Blue Shield is offering you a free-one-year membership in Experian's ProtectMyID Alert.  For those with questions they can call 1-877-371-7902.

 
Information Source:
California Attorney General
records from this breach used in our total: 18,000

January 11, 2011 University of Connecticut, HuskyDirect.com
Storrs, Connecticut
EDU HACK

18,059

Customers who used their credit cards on UConn's Huskydirect.com sports gear website may have had their personal information exposed in a data security breach. A hacker was able to access the Huskydirect.com customer database and may have viewed billing information with names, addresses, telephone numbers, credit card numbers, expiration dates, security codes and email addresses. The Huskydirect.com database is run by an outside vendor. People who made purchases offline are not at risk.

UPDATE (1/31/2011): Some people who were affected by the breach have recently reported fraudulent charges.

UPDATE (2/19/2011): Additional details reveal the exact number of names that were on the customer database, the fact that the perpetrator used an administrative password, and the fact that Fandotech, the company that was hosting and managing the site, was not following correct web security procedures.

 
Information Source:
Databreaches.net
records from this breach used in our total: 18,059

May 30, 2013 California Department of Developmental Services
Santa Monica, California
MED PORT

18,100

An employee at North Los Angeles County Regional Center left a work laptop, a personal laptop, and an iPhone in their car overnight. The items were stolen during the night.  The employee worked for a program that served disabled infants and toddlers.  Names, Social Security numbers, and other personal information were on the unencrypted work laptop.  The theft occurred in November and patients were notified in January of 2013. 

 
Information Source:
Media
records from this breach used in our total: 18,100

January 28, 2008 Kiwanis International, On-Net Services
Indianapolis, Indiana
NGO HACK

18,432

On January 4, Kiwanis learned of an unauthorized intrusion into its Kiwanis Family Store Website and database that occurred sometime between December 1 of 2007 and January 4 of 2008. The unauthorized person or persons illegally accessed information by running a SQL injection program that gathered names, credit card numbers, expiration dates and billing/shipping addresses of individuals who had purchased items from the Kiwanis Family Store.

 
Information Source:
Dataloss DB
records from this breach used in our total: 18,432

September 29, 2010 Morgan Keegan & Company
Memphis, Tennessee
BSF PORT

18,500

An attorney was able to collect a disk with client names and detailed financial information during an investigation. Clients were notified and their accounts are being monitored for unauthorized use. The breach was discovered on September 15 and the disk was later returned by the attorney.

 
Information Source:
Media
records from this breach used in our total: 18,500

July 19, 2013 University of Virginia, Aetna Health Care
Charlottesville, Virginia
EDU DISC

18,700

A mailing error by a third-party mailing vendor used by Aetna Health Care resulted in the Social Security numbers of students being exposed in open-enrollment brochures.

 
Information Source:
Media
records from this breach used in our total: 18,700

February 16, 2012 Central Connecticut State University (CCSU)
New Britain, Connecticut
EDU HACK

18,763

A computer breach in a CCSU Business Office exposed the information of current and former faculty, staff, and student workers.  A Z-Bot virus designed to relay information was discovered on the computer on December 6, 2011.  The computer had been exposed for eight days and only exposed the Social Security numbers of those who were affected. People associated with CCSU as far back as 1998 were affected.

 
Information Source:
Databreaches.net
records from this breach used in our total: 18,763

December 17, 2013 Colorado Governor's Office of Information Technology
Denver, Colorado
GOV PORT

18,800

A Colorado state employee lost a flash drive that contained the information of current and former Colorado state employees.  It contained names, Social Security numbers, and a limited number of home addresses.  The flash drive was discovered missing in late November and is believed to have been lost while the employee traveled between work sites.  Approximately 8,000 of those who were affected were current employees while 10,800 were former employees.

 
Information Source:
Media
records from this breach used in our total: 18,800

October 10, 2011 University of Georgia (UGA)
Athens, Georgia
EDU DISC

18,931

A data file that contained employment information such as names, Social Security numbers, dates of birth, dates of employment, gender, race, home phone numbers, and addresses was accidentally placed on a publicly available web server. The information was available from 2008 until 2011. Faculty and staff who worked at UGA in 2002 were affected.

 
Information Source:
Media
records from this breach used in our total: 18,931

April 21, 2005 Carnegie Mellon University
Pittsburgh, Pennsylvania
EDU HACK

19,000

The compromised information included Social Security numbers and grades from master's alumni classes 1997 through 2004, job offer information from master's alumni classes 1985 through 2004, contact information for all alumni, and Social Security numbers and grades from doctoral students enrolled between 1998 and 2004.  Between 5,000 and 6,000 of those affected had their credit card information and Social Security numbers compromised. Emails and letters were sent to those who were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,000

January 31, 2006 Honeywell International
Morristown, New Jersey
BSO UNKN

19,000

Personal information of current and former employees including Social Security numbers and bank account information was posted on an Internet Web site. It was not known whether this was the result of a malicious insider or an administrative error.  Current and former employees whose information was compromised were informed immediately and offered free credit monitoring and identity theft insurance.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,000

August 29, 2006 AT&T via vendor that operates an order processing computer
San Francisco, California
BSO HACK

19,000

Computer hackers accessed credit card account data and other personal information of customers who purchased DSL equipment from AT&T's online store. The company is notifying fewer than 19,000 customers.

UPDATE (9/1/06). The breach was followed by a bogus phishing e-mail to those customers that attempted to trick them into revealing more info such as SSN and birthdate -- essential for crime of identity theft.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,000

May 23, 2008 R.E. Moulton
Irving, Texas
BSF PORT

19,000

Thieves broke into the Irving, Texas, regional office and stole a laptop computer containing personally information of numerous individuals, including names and Social Security numbers. The company is in the medical stop-loss insurance industry. 

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,000

May 13, 2009 United Food and Commercial Workers Union 555
Tigard, Oregon
NGO PORT

19,000

A union employee's laptop was stolen on the East Coast. The laptop may have contained personal information of Local 555 members, including birth dates and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,000

May 18, 2012 UnitedHealthcare (United Health Group Plan)
Minneapolis, Minnesota
MED INSD

19,100

A dishonest employee used the names, Social Security numbers, addresses, phone numbers, dates of birth, and Medicare Health Insurance Claim Numbers to steal the identities of at least 24 Idaho customers enrolled in UnitedHealthcare Medicare plans. On January 30, 2012, it was discovered that the former employee may have accessed the information in the United Health Care database in a way that was inconsistent with his job duties and possibly for fraud purposes.  The information was taken between June 28 and December 12 of 2011. Affected patients were notified on March 30.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 19,100

September 21, 2010 Pediatric and Adult Allergy, PC
Des Moines, Iowa
MED PORT

19,222

Patients of Dr. George Caudill (retired), Dr. Veljko Zivkovich (retired) Dr. Robert Colman and Dr. Whitney Molis were notified that a backup tape with their personal information was lost on or around July 11. The patient information included name, address, phone number, date of birth, Social Security number, dates of service, services and diagnoses. Medical records and financial information were not on the backup tape. It appears that all patients with accounts created before July 10, 2010 were affected.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 19,222

October 11, 2010 University of Oklahoma-Tulsa Neurology Clinic, Neurology Services of Oklahoma, LLC
Oklahoma City, Oklahoma
MED HACK

19,264

Neurology Services of Oklahoma, LLC is located in Tulsa, OK.

Malware was discovered on a clinic computer on or around July 28. Patients who saw Dr. John Cattaneo at the clinic and at his former employer Neurology, LLC were notified of the breach. Patient names, Social Security numbers, phone numbers, addresses, dates of birth, medical record numbers, lab reports and dates of service were in documents that may have been accessed by the virus.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 19,264

June 23, 2010 Florida International University
Miami, Florida
EDU DISC

19,495

Florida International University is in the process of sending notification letters to 19,407 students and 88 faculty members after the university’s IT Security Office discovered personal data may have been exposed over the internet via a database’s external search function. An announcement posted on the FIU website lists the personal data as GPAs, test scores, and Social Security numbers that were stored on the College of Education’s E-Folio software app. This database kept track of student data related to state mastery standards, grade tracking, assignments, and Social Security numbers for both students and faculty.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,495

September 28, 2006 New York State Banking Department
New York, New York
BSF DISC

19,640

During the routine process of indexing the search engine of the Department's website, data files from the 2005 Volume of Operations Reports were inadvertently made accessible to members of the public between July 27 and August 29. Personal information included the Social Security numbers of all independent contractors employed by both licensed mortgage bankers and registered mortgage brokers. Social Security numbers of all felons employed by those registrants who also opted to electronically failed their 2005 VOO reports were also available through the Department's website search engine.

 
Information Source:
Dataloss DB
records from this breach used in our total: 19,640

July 20, 2011 Swedish Medical Center
Seattle, Washington
MED DISC

19,799

The full names and Social Security numbers of current and former employees were accessible online for nearly nine weeks. Employees who worked for Swedish, but not Swedish Physician Division,  in 1994, 1995, 2002, 2003, 2004 and 2006 had their information posted sometime between the middle of April and June 17, 2011. The cause of the accidental disclosure was not reported.

 
Information Source:
Databreaches.net
records from this breach used in our total: 19,799

Breach Total
815,842,526 RECORDS BREACHED
(Please see explanation about this total.)
from 4,489 DATA BREACHES made public since 2005
Showing 3901-3950 of 4489 results


X

Sign In!

Loading