Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
815,842,526 RECORDS BREACHED
(Please see explanation about this total.)
from 4,489 DATA BREACHES made public since 2005
Date Made Publicsort icon Name Entity Type
March 3, 2015 Toys "R" Us
Wayne, New Jersey
BSR HACK

Unknown

Toys "R" Us contacted customers that their passwords to their reward program account would be reset in order to avoid an unauthorized attempts to their rewards program account.

The company communicated that those notified did not necessarily have their accounts accessed, however, the risk was higher due to the discovery by the company of "recycled login details used by some of its customers." 

Between January 28th and January 30th, 2015, the company discovered a number of "illegal login attempts made to its Rewards "R" Us accounts." The current announcement is an additional security measure so that other customer accounts cannot be accessed in a similar way.  "Out of an abundance of caution, we are therefore treating your account password as compromised and taking appropriate steps to address the situation," in a letter sent by the company to its customers.

More Information: http://www.welivesecurity.com/2015/03/03/toys-r-us-resets-account-passwo...

 
Information Source:
Media
records from this breach used in our total: 0

February 18, 2015 The Office of Jeb Bush
Tallahassee, Florida
BSO DISC

12,000

Jeb Bush's office inadvertently exposed 12,500 individuals' personal information as part of a larger cached file of 332,999 emails sent to him when he was the Governor of Florida.

The email was sent as part of a measure for transparency, however his team neglected to remove personal information if 12,500 of those individuals exposing names, Social Security numbers, and birthdates.

The office has since redacted the information, which were believed to have been individuals on a family services waiting list from 2003.

More Information: http://www.welivesecurity.com/2015/02/18/12000-exposed-possible-id-theft...

 
Information Source:
Media
records from this breach used in our total: 12,500

February 5, 2015 Anthem
Indianapolis, Indiana
BSF HACK

80 million

Anthem, the second largest health insurance company operating under Anthem Blue Cross, Anthem Blue Cross and Blue Shield Amerigroup and Healthlink has suffered a massive data breach.

The company announced that they have been the victim of a "very sophisticated external cyber attack" on their system. The information compromised includes names, birthdays, medical ID's, Social Security Numbers, street addresses, e-mail addresses, employment and income information.

Over the next several weeks, those who were affected will be receiving some form of identity theft protection.

For those members with questions regarding the breach, the company has set up a toll- free line at 1-877-263-79951-877-263-7995 FREE.

More Information: For the statement by Anthem's CEO Joseph R. Swedish and the dedicated website created for customer information, click here.

Additional Information: http://money.cnn.com/2015/02/04/technology/anthem-insurance-hack-data-se...

UPDATE (2/10/2015): As further investigations are pursued regarding the Anthem breach, research by Brian Krebs and others show that the hacking began as early as April 2014 and is pointing to Chines hacker group known as "Deep Panda". 

At the time, Anthem was called Wellpoint, and upon further investigation Krebs "discovered a series of connected domain names that appear to imitate actual Wellpoint sites, including we11point.com and myhr.we11point.com."

Because these sites were contructed almost 10 months prior, the question has now been raised as to why it took the company such a long time to uncover the hacking.

More Information: http://thehill.com/policy/cybersecurity/232285-analysis-anthem-attack-ma...

 
Information Source:
Media
records from this breach used in our total: 80,000,000

January 30, 2015 CICS Employment Services, Inc
Lincoln City, Oregon
BSO HACK

Unknown

CICS Employment Services notified customers of a data breach when their system was accessed by an unauthorized user (s) gaining access to employment application information on individuals.

The information accessed included names, addresses, dates of birth and Social Security Numbers.

The company is providing 12 months free of AllClearID. Call 1-855-865-4453. For additional questions or concerns a company representative can be reached at 1-888-593-5379.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48292

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 29, 2015 Riverside County Regional Medical Center
Moreno Valley, California
MED PORT

Unknown

Riverside Regional Medical Center notified patients of a databreach when one of their employee laptops used in their Opthamology and Dermatology clinics was stolen that contained patient information.

The information on the laptop included names, phone numbers, addresses, dates of birth, Social Security Numbers, and clinical information such as medical record numbers, physicians, diagnosis, treatments received, medical departments and health insurance information.

The facility has set up 12 months free of Experian's ProtectMyID Alert for those affected. For questions call 1-866-313-7993.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48266

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 23, 2015 California Pacific Medical Center/Sutter Health
San Francisco, California
MED INSD

844

California Pacific Medical Center notified 844 patients of a data breach to their system when an employee accessed records without authorization.

A total of 844 patients between October 2013 and October 2014, were accessed by this person who has since been terminated. The information obtained included patient demographics, last four digits of Social Security number, clinical information such as diagnosis, clinical notes, and prescription information.

The company states that the employee did not have access to full Social Security numbers, credit card or financial information, driver's license numbers, or California identification numbers.

Those with questions can contact Sutter Health's Chief Privacy Officer toll-free at 1-855-771-42201-855-771-4220 FREE Monday through Friday from 8:00 am to 5 pm Pacific Standard Time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48217

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 21, 2015 Sunglo Home Health Services
Harlingen, Texas
MED PORT

Unknown

Sunglo Home Health Services notified customers/patients of a data breach when their facility was broken into and stole one of their company lap tops. The laptop contained patient information including Social Security Numbers and personal health information.

Currently the company does not know the number of affected patients.

More Information: http://www.krgv.com/news/local-news/Computer-with-Patients-Personal-Info...

 
Information Source:
Media
records from this breach used in our total: 0

January 21, 2015 Mount Pleasant School District
Mount Pleasant, Texas
EDU HACK

915

Mount Pleasant School District has informed approximately 915 present and former staff members that their personal information may have been compromised between January 18th 2015 and January 21st 2015.

 

A spokesperson for Mount Pleasant School District stated “Forest Hills District had a denial of service and discovered they had been hacked,” she said. “The district’s technology director found a Tweet that mentioned us. She looked us up on the Web and called us to let us know on Tuesday.”

When the technology director for Mount Pleasant clicked on the link, it directed him to a file that included names, addresses and Social Security numbers” of MPISD staff.

More Information: http://www.dailytribune.net/news/data-breach-hits-mpisd-employees/article_051ec5d0-a1d2-11e4-b1c7-afde4a6d4ed1.html

 
Information Source:
Media
records from this breach used in our total: 915

January 16, 2015 Grill Parts.com
Santa Rosa, California
BSR HACK

Unknown

Grillparts.com notified customers of a data breach to their website from January 2014 through October 2014.

The information compromised included first and last names, addresses, personal card account numbers, expiration dates, and credit/debit card security codes. It is currently unknown or has not been reported as to the number of people who were affected.

The company is providing the services of Kroll identity theft protection for one year at no cost to those who might have been affected by the breach.

Visit kroll.idMonitoringService.com and follow the online instructions to take advantage of the Identity Theft Protection Services. You will need to enter the membership ID provided by the company sent in a letter to those whose information has been or could have been compromised.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48107

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 15, 2015 Oppenheimer Funds
Denver, Colorado
BSF DISC

Unknown

Oppenheimer Funds was notified by a brokerage firm that works with Oppenheimer Funds that customer information that was mistakenly made available to a representative of the associated brokerage firm.

The information included names, addresses, Oppenheimer Fund account numbers and Social Security numbers.

The company is offering credit protection through Equifax Consumer Services, LLC. For those affected they can reach out to Equifax Consumer Services at 1-888-766-00081-888-766-0008 FREE for information regarding the credit monitoring. Oppenheimer Funds provided a monitoring code to all those affected.  The company can be reached at 1-800-225-56771-800-225-5677 FREE Monday through Friday from 8:00am to 8:00pm Easter time or visit the website at www.oppenheimerfunds.com.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-48071

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 7, 2015 Lokai
New York, New York
BSO HACK

Unknown

Lokai informed customers of a data breach to their system from July 18, 2014 to October 28, 2014 by hackers who gained access to their server that hosts their website. The hackers installed a program that was designed to record information entered by customers.

The information affected included names, addresses, payment card information, expiration dates, verification codes, and user name and passwords.

For those affected who have questions they can call 1-800-981-75711-800-981-7571 Monday through Friday between the hours of 9:00 a.m and 9:00 p.m. Eastern Time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47853

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 6, 2015 NVIDIA Corporation
Santa Clara, California
BSO HACK

Unknown

NVIDIA Corporation suffered a data breach when hackers infiltrated their network and stole employee usernames and passwords.

The company is requesting that those affected change their password and be cautious of "phishing" emails that look like they are coming from a colleague or friend requesting sensitive information.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47824

 
Information Source:
California Attorney General
records from this breach used in our total: 0

January 5, 2015 Morgan Stanley
New York, New York
BSF INSD

350,000

An employee of Morgan Stanley stole customer information on 350,000 clients including account numbers. Additional information on what other information was captured has not yet been released. Files for as many as 900 clients ended up on a website.

The employee has since been fired and the bank is notifying all of the individuals affected and the FBI is currently investigating the incidence.

More Information: http://www.bloomberg.com/news/print/2015-01-05/morgan-stanley-fires-empl...

 
Information Source:
Media
records from this breach used in our total: 0

January 2, 2015 Chic-Fil-A
Atlanta, Georgia
BSO HACK

Unknown

Chic-Fil-A has announced they are investigating a possible data breach to their payment card system. They have not released any details as to the reality of the breach, however, many experts are predicting it could be extensive.

The restaurant chaind operates over 1,850 stores nationwide. Suspicious activity on their payment systems and a report provided to the on December 19, 2014 as to suspicious activity, prompted the company to launch an investigation.

Additional information will be posted as soon as information is available.

More Information: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-...

Fast food restaurant chain Chick-fil-A could well be the first retail breach to be publicly confirmed in 2015. Chick-fil-A released a public statement on Jan. 2, confirming that it is investigating a possible data breach at its restaurants. While Chick-fil-A's statement was issued on Jan. 2, the company admitted that it received a report about a potential breach on Dec. 19. After the report was received, Chick-fil-A  indicated that it launched an investigation to determine what had occurred. "The initial report was of potential suspicious activity involving payment cards at a few restaurants," Chick-fil-A stated. "Our investigation is ongoing and we will update as we are able to do so." Chick-fil-A reported 2013 sales of more than $5 billion and has over 1,850 locations, including both stand-alone restaurants and mall locations.  - See more at: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-breach-victim.html#sthash.JLp7Xcee.dpuf
Fast food restaurant chain Chick-fil-A could well be the first retail breach to be publicly confirmed in 2015. Chick-fil-A released a public statement on Jan. 2, confirming that it is investigating a possible data breach at its restaurants. While Chick-fil-A's statement was issued on Jan. 2, the company admitted that it received a report about a potential breach on Dec. 19. After the report was received, Chick-fil-A  indicated that it launched an investigation to determine what had occurred. "The initial report was of potential suspicious activity involving payment cards at a few restaurants," Chick-fil-A stated. "Our investigation is ongoing and we will update as we are able to do so." Chick-fil-A reported 2013 sales of more than $5 billion and has over 1,850 locations, including both stand-alone restaurants and mall locations.  - See more at: http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-breach-victim.html#sthash.JLp7Xcee.dpuf
 
Information Source:
Media
records from this breach used in our total: 0

December 29, 2014 LeapLab
,
BSO INSD

Unknown

LeapLab is being sued by the Federal Trade Commission for purchasing "payday loan applications of financially strapped consumers, and then sold that information to marketers whom it knew had no legitimate need for it".

In another FTC case, Ideal Financial Solutions, used this information sold to them to withdraw millions of dollars from individual accounts without permission.

More Information: http://krebsonsecurity.com/2014/12/payday-loan-network-sold-info-to-scam...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

December 26, 2014 Sony PlayStation
New York, New York
BSO HACK

Unknown

PlayStation and xBox networks over the holiday season. A group calling itself "LizardSquad" hacked both gaming networks on Christmas Day. 

According to the group and KrebsOnSecurity, "various statements posted by self-described LizardSquad members on their open online chat forum - chat.lizardpartrol.com - suggest that these misguided individuals launched the attack for no other reason than because they thought it would be amusing to annoy and dissapoint people who received new Xbox and Playstation consoles as holiday gifts"

More Information: http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-micro...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

December 26, 2014 Microsoft xBox
Redmond, Washington
BSO HACK

Unknown

Microsoft Xbox Live networks were hacked by a group called "LizardSquad", preventing users from playing games over the holiday.

The assault was a DDoS attack (distributed denial-of-service) which "harness the Internet connectivity of many hacked or misconfigured systems so that those systems are forced to simultaneously flood target network with junk Internet traffic. The goal, of course, is to prevent legitimate visitors from being able to load the site or use the service under attack."

More Information: http://krebsonsecurity.com/2014/12/cowards-attack-sony-playstation-micro...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

December 26, 2014 Physicians Skin and Weight Systems
Roseville, California
MED PORT

Unknown

On November 14, 2014 an employee laptop and hard drive were stolen when their car was broken into. According to the company the laptop was password protected.

The information stored on the laptop included images taken during the course of treatment, names, banking, full routing numbers, credit card numbers, some financing applications that included Social Security Numbers, dates of birth, mailing address, email address, income, rent payments and employer names.

The company is providing 12 months free of AllClearID, call 1-877-437-3998

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47861

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 24, 2014 Boersma Bros.LLC/dba DutchWear
Grants Pass, Oregon
BSR HACK

Unknown

Boersma Brothers, dba DutchWear suffered a databreach when their website was breached exposing the payment information for customers from November 7 and December 6, 2014.

The information compromised included names, addresses, phone numbers, credit card numbers, expiration dates, and credit card security codes.

The company has set up a toll-free help line for customers at 1-844-835-8656 from 8 a.m. and 4 p.m PST, Monday through Friday.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47840

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 24, 2014 Corday Productions, Inc.
Burbank, California
BSO HACK

Unknown

Corday Productions, Inc. has payroll administered by Sony Pictures Entertainment. As part of the Sony breach, Corday Production Inc.'s employees, independent contractors or employees of contractors providing services to Corday may have had personal information compromised.

The incident is still under investigation as part of the larger Sony investigation. Corday is offering AllClear ID to those who may have been affected. They can be contacted at 1-855-434-80771-855-434-8077  or https://www.allclearid.com/

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47852

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 23, 2014 Rob Kirby, CPA
Santa Rosa, California
BSO PORT

Unknown

Rob Kirby CPA notified customers of a data breach when the car he was driving was broken into and his briefcase, a password protected laptop and flash drive containing confidential client information was stolen.

The information stolen included tax returns for current and previous years, copies of supporting documents associated with the returns, including names, addresses, birth dates, and Social Security numbers for clients, spouses, and dependents.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47844

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 23, 2014 Public Architecture/theonepercent.org
San Francisco, California
BSO HACK

Unknown

On December 8th, 2014 Public Architecture, theonepercent.org, was breached when a hacker broker through the sites security protocols and firewalls to put up a brag page touting his success in hacking. 

The hacker deleted files that affected the operation of the site, and possibly stole usernames, passwords, and contact information.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47847

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2014 Acosta Sales and Marketing
Jacksonville, Florida
BSO PORT

Unknown

Acosta, Inc. and its subsidiaries (Mosaic Sales Solutions US Operating Co. LLC) informed customers of a data breach when an employee of their Human Resources department had a laptop containing personal information stolen from their car on November 11, 2014.

For those affected, the company has set up a toll free number to assist with questions at 1-877-237-49711-877-237-4971  Monday through Friday 9:00 a.m to 7:00 p.m Eastern Standard Time. The reference number to the incident is #5316120814.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47713

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2014 University of California Berkeley
Berkeley, California
EDU HACK

Unknown

The University of California Berkeley has notified individuals of a data breach in their Real Estate Division that resulted in unauthorized access to servers used to support a number of Real Estate programs and work stations. 

These workstations contained files that included some personal information. The investigation of the hacking showed that these servers were breached in mid-to late September.

The personal information included names, Social Security Numbers, credit card numbers and driver's license numbers.

The university is offering identity theft protection and fraud resolution through ID Experts for free for one year. For those affected call 1-877-846-63401-877-846-6340  Monday through Friday from 6 a.m to 6 p.m Pacific Time or go to www.myidcare.com/ucbinfo.

 

 

 

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47717

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 11, 2014 Emcor Services Mesa Energy Systems
El Cajon, California
BSO PORT

Unknown

Emcor Services Mesa Energy Systems notified individual of a data breach when a company laptop was stolen that contained customers personal information.

The information contained on thelaptop included names, Social Security numbers, dates of birth, dates of hire, addresses, salaries, gender and ethnicity. The theft occurred on or around November 25, 2014.

The company is offering the services of Kroll for one year at no cost. For those who were affected they can call 1-866-775-42091-866-775-4209  from 8:00 a.m to 5 p.m Central Time, Monday through Friday.

For those with questions for the company can call Mike Cook at 1-949-460-46051-949-460-4605.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47705

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 11, 2014 ABM Parking Services
St. Louis, Missouri
BSO HACK

Unknown

ABM Parking Services notified customers of a data breach when the point of sale software system implemented by Datapark USA Inc, a third party vendor for several Chicago, Illinois parking facilities was hacked. The information was compromised from October 6, 2014 through October 31, 2014.

The hackers were able to compromise certain customer credit and debit card information, including payment card numbers.

A toll-free information line has been made available for those affected. Customers can call 1-877-238-37901-877-238-3790. The company is offering one year free of Experian's ProtectMyID Elite for those affected.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47710

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 9, 2014 Charge Anywhere LLC
South Plainfield, New Jersey
BSF HACK

Unknown

The electronic payment provider Charge Anywhere has notified individuals of a data breach of their networks when an unauthorized person(s) installed "sophisticated malware" that allowed the hackers to "capture segments of outbound network traffic" as the company has explained in a statement released December 9, 2014.

The information captured included customer names, card numbers, expiration dates and verification codes of debit/credit cards.

The company stated that transactions completed from August 17, 2014 through September 24, 2014 were compromised. However, information as far back as November 5, 2009 could have been captured as well.

"The incident is the latest reminder of what happens to businesses that handle credit card data and other sensitive information and yet fail to full encrypt the data as it traverses their network. The company has provided a searchable list of merchants who may have been affected by the breach."

More Information: http://krebsonsecurity.com/2014/12/unencrypted-data-lets-thieves-charge-...

 
Information Source:
Krebs On Security
records from this breach used in our total: 0

December 6, 2014 WellCare Health Plans
Monroe County, New York
MED DISC

47

500 Monroe County residents were notified by WellCare Health of disclosure of some of their personal information when their Medicare records were "mishandled" by a sub-contractor for the insurer.

The insurers vendor had an error in their computer coding causing denial letters to be sent to the wrong members. The information on the letters included names, addresses, member ID numbers and general descriptions of the procedure. According to the insurer, no Social Security numbers or financial information was disclosed in the letter.

Subscribers with questions can call WellCare at (888) 240-4946(888) 240-4946.

More Information: http://www.democratandchronicle.com/story/news/2014/12/06/wellcare-medic...

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 5, 2014 Bebe Retail
Brisbane, California
BSR HACK

Unknown

Bebe Stores have notified customers of a data breach to their point of sale systems that took place last month for several weeks. The goal of the hackers was to obtain payment card information. The hacking took place between November 8, 2014 and November 26, 2014

The retailer is not stating how many cards were affected and the breach is currently being investigated by forensic IT specialists.

Bebe has more than 200 stores that could have been affected.

 

More Information: http://fortune.com/2014/12/05/bebe-data-breach/

 
Information Source:
Media
records from this breach used in our total: 0

December 2, 2014 Dallas Fire-Rescue
Dallas, Texas
MED PORT

Unknown

Dallas Fire-Rescue had several laptops containing patient information come up missing from several of their ambulances.

"According to the city, those computers disappeared between January 1, 2011, and August 29, 2014. The city’s release did not say how many laptops were unaccounted for — or how they disappeared. Messages have been left for Sana Syed, the city’s spokesperson."

No specific information was provided as to what information was in the files. For those patients who have questions can call the Dallas Fire-Rescue EMS staff at (844) 532-5527.

More Information: http://cityhallblog.dallasnews.com/2014/10/dallas-warns-that-small-numbe...

 
Information Source:
Media
records from this breach used in our total: 0

December 1, 2014 American Residuals and Talent Inc.
Los Angeles, California
BSO HACK

Unknown

American Residuals and Talen Inc, dba ART Payroll, a specialized payroll company for the entertainment, advertising and events production industry, notified customers of a breach to their system when hackers infiltrated their servers and obtained personal information.

The information included names, addresses, dates of birth, Social Security number, email addresses, phone numbers, ART account numbers, bank account information, ART account user ID and password.

The company is providing ProtectMyID for 1 year at no cost to those who were affected. For questions call 1-877-297-7780.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47623

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 1, 2014 Highlands-Cashier Hospital
Highlands, North Carolina
MED DISC

25,000

Highlands-Cashier hospital in North Carolina informed patients of a data breach to their servers that contained patient data. The disclosure of the data was due to an error by one of their third party vendors, TruBridge a subsidiary of Computer Programs and Systems, Inc. when they were contracted to complete some specialized computer services.

A data security screening caught the disclosure on September 29, 2014 that exposed patient information between May 2012 through September 2014.

The information exposed included patient names, addresses, dates of birth, treatment information, diagnosis, helath insurance information and Social Security numbers. All of this information could be accessed via the Internet.

For those who might have been affected you can call 1-888-227-14161-888-227-1416  Monday through Friday between 9:00 a.m and 9:00 p.m Eastern Time.

More Information: http://www.phiprivacy.net/highlands-cashiers-hospital-discovers-patient-...

 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 25,000

November 28, 2014 University Hospitals
Cleveland, Ohio
MED INSD

692

University Hospital has informed 692 patients of that their personal information has been compromised. An employee of the hospital had been accessing the personal information of patients for over 3 years. The employee has been dismissed.

The information this person accessed included names, addresses, phone numbers, email addresses, medical and health-insurance account numbers, financial information including debt/credit card information and Social Security numbers.

Those with additional questions or concerns can call (866) 329-5860

More Information: http://www.cleveland.com/metro/index.ssf/2014/11/uh_employee_gained_impr...

 
Information Source:
Media
records from this breach used in our total: 692

November 26, 2014 Shutterfly/Tiny Prints/Treats/Wedding Divas
Redwood City, California
BSO HACK

Unknown

Tiny Prints, Treat and Wedding Paper Divas, owned by Shutterfly Inc. notified customers of a data breach to their online system by hackers. The hacking may have exposed customer usernames and passwords. The company is urging customers to change all usernames and passwords to each site.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47602

 

 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 25, 2014 Texas Health and Human Services
Houston, Texas
GOV DISC

2 million

The Texas Health and Human Services department discovered a data breach it appears by "chance" after terminating their relationship with Xerox Corporation.

"In August, after the transition to a new Medicaid vendor, the Texas commission filed a lawsuit against Xerox, alleging that the contractor had failed to turn over computer equipment, as well as paper records, containing Medicaid and health information for 2 million individuals, "putting the state out of compliance with federal regulations and at risk of massive federal fines," says a statement issued by Texas HHSC in August."

The Texas Health and Human Services department has notified individuals of the data breach communicating that their information may have been compromised. The information includes "Medicaid clients' names, birthdates, Medicaid numbers, and medical and billing records related to care provided through Medicaid, such as reports, diagnosis codes and photographs."

More Information: http://www.govinfosecurity.com/breach-reported-after-vendor-dispute-a-7605

 

 
Information Source:
Media
records from this breach used in our total: 0

November 25, 2014 State Compensation Insurance Fund
Pleasanton, California
GOV HACK

Unknown

The State Compensation Insurance Fund, a state agency that provides workers compensation insurance to businesses informed customers of a data breach when one of their brokers suffered a data breach to their system.

Lucy Gomez Blankley Interpreting Inc., a provider of Stat Fund was the victim of a computer hack that resulted in theft of emails in which contained information regarding patient workers compensation claims.

The specific information included names, addresses, phone, Social Security Number, dates of birth and workers compensation claim number.

The agency is providing one year free of Experian ProtectMyID services to those who were affected. Those with questions can call 1-877-220-1388,

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47592

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 25, 2014 Godiva Chocolatier Inc.
New York, New York
BSR PORT

Unknown

Godiva notified employees of the company of a data breach when a Human Resources employee, who was traveling to retail sites, had a briefcase stolen from a car. The briefcase contained a lap top that had employee information on it. The lap top was not encrypted.

The information included names, addresses, Social Security numbers and drivers license numbers.

The company is providing Experian ProtectMyID Alert for 12 months for free. For questions call 1-866-328-1993 Monday through Friday 6:00 a.m to 6:00 p.m Pacific time.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47593

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 24, 2014 Sony Pictures
New York, New York
BSO HACK

47,000

Sony Pictures Entertainment has suffered a data breach when hackers posted threatening messages on company computers.

According to a report the threat "began with a skull appearing on screens, and then a strangely ominous message telling users they’d been hacked by something called #GOP. It gets more bizarre as the message claims this is just the beginning and then threatens to release documents by 11 PM this evening."

The company has completely shut down all email communications and employees are not allowed to use company computers while the entertainment giant works through where and what the threat is and if it is real. The original threat did not give specifics or communicate any kind of "ransom" for the data that had supposedly been hacked.

More Information: https://deadline.com/2014/11/sony-computers-hacked-skull-message-1201295...

 

UPDATE (12/5/2014): A data security analyst has discovered information leaked by the hacker (s) goes beyond what was originally reported.

According to the security company Identity Finder, showed that leaked files included vast amount of personal data on "more than 47,000 celebrities, freelancers, and current and former Sony employees".

"An analysis of 33,000 leaked Sony Pictures documents by data security software firm Identity Finder showed that the leaked files included the personal information, salaries and home addresses for employees and freelancers who worked at the studio. Some of the celebrities include Sylvester Stallone, director Judd Apatow and Australian actress Rebel Wilson, according to the Wall Street Journal, which first reported on the analysis".

Additional information such as contracts, termination dates, termination reason and other data was also leaks. Unfortunately these files were in Excel format without any password protection.

More Information: http://www.cnet.com/news/sony-hack-said-to-leak-47000-social-security-nu...

UPDATE (12/16/2014): "Sony Pictures Entertainment has been sued by two self-described former employees who accuse the movie studio of failing to protect Social Security numbers, healthcare records, salaries and other data from computer hackers who attacked it last month.

 

The proposed class action lawsuit against Sony Corp's studio was filed on Monday in federal court in Los Angeles. It alleges that the company failed to secure its computer network and protect confidential information."

More Information: http://www.reuters.com/article/2014/12/16/sony-cybersecurity-classaction...

 
Information Source:
Media
records from this breach used in our total: 47,000

November 17, 2014 US State Department
Washington, District Of Columbia
GOV HACK

Unknown

The US State Department shut down one of its computer networks when it was believed to have been hacked. Experts believe this is related to the breach to the White House's unclassified computer network.

On Monday Jeff Rathke, a State Department spokesperson said "the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach."

More Information: http://phys.org/news/2014-11-state-dept-hacked-email.html#inlRlv

on Monday, Rathke said the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach.

Read more at: http://phys.org/news/2014-11-state-dept-hacked-email.html#jCp
on Monday, Rathke said the department had recently detected "activity of concern" in portions of the system handling non-classified emails, and the weekend maintenance included security improvements responding to the breach.

Read more at: http://phys.org/news/2014-11-state-dept-hacked-email.html#jCp
 
Information Source:
Media
records from this breach used in our total: 0

November 14, 2014 Seattle Public Schools
Seattle, Washington
EDU DISC

8,000

The Seattle Public School District announced in a letter to parents Thursday about a data breach that involved their children's information.

"Late Tuesday night Seattle Public Schools learned that a law firm retained by the district to handle a complaint against the district inadvertently sent personally identifiable student information to an individual involved in the case. The district promptly removed the law firm from the case and is working to ensure that all improperly released records are retrieved or destroyed."

Over 800 special education students were involved in a breach. The information involved in the breach included their names, addresses, student identification numbers, test scores and disabilities.

More Information: http://www.king5.com/story/news/local/seattle/2014/11/14/seattle-public-...

 
Information Source:
Media
records from this breach used in our total: 0

November 14, 2014 Cone Health
Greensboro, North Carolina
MED DISC

2,076

Cone Health notified patients to a data breach when after letters sent from one of its facilities were addressed to the wrong patients.

The information on 2,076 patients included names, Social Security numbers, dates of birth and insurance information.

More Information: http://www.wfmynews2.com/story/news/local/2014/10/09/cone-health-admits-...

 
Information Source:
Media
records from this breach used in our total: 2,076

November 14, 2014 Reeve-Wood Eye Center
Chico, California
MED UNKN

Unknown

The Reeve-Wood Eye Center reported a data breach to the California Attorney General's office. No specific details were provided as to the scope of the breach, type of breach or individuals affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 13, 2014 U.S. Weather System
Washington, District Of Columbia
GOV HACK

Satellite systems that forecast weather

Officials from the National Oceanic and Atmospheric Administration (NOAA), which includes the National Weather Service, have notified officials of a data breach to the National Weather Service's satellite network.

Reports are stating "hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said."

It appears the system was affected in September, but officials did not communicate that there was a problem until late October. an NOAA spokesman Scott Smullen did confirm that there were hacks and communicated that "incident response began immediately".

More Information: http://www.washingtonpost.com/local/chinese-hack-us-weather-systems-sate...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 12, 2014 Onsite Health Diagnostics
Dallas, Texas
MED HACK

60,582

Dallas-based Onsite Health Diagnostics, a third party contractor with state of Tennessee,  who completes medical testing and health screenings for various government insurance plans has suffered a data breach. The company discovered hackers had gained access to a computer system that houses personal information for members of the Tennessee's State Insurance Plan, Local Government Insurance Plan and Local Education Insurance plan.

The information affected in the breach included health benefit member names, dates of birth, addresses, emails, phone numbers and gender.

More Information: http://www.healthcareitnews.com/news/hackers-swipe-data-60k-vendor-hipaa...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 10, 2014 US Postal Service
Washington, District Of Columbia
GOV HACK

800,000

The US Postal Service is releasing information today that they have been the victim of a cyber attack with Chinese hackers being suspected of hacking into their computer networks compromising the information of over 800,000 employees.

Currently the FBI is investigating the breach and it appears that information obtained included names, dates of birth, Social Security numbers, addresses, dates of employment. According to officials, all postal service employees were affected and they are not yet clear why their information was of interest to these hackers. They are not seeing any evidence of customer information being compromised. The investigators are calling the hackers "sophisticated actors".  More information will be posted as additional information comes out with the investigation.

More Information: http://www.washingtonpost.com/blogs/federal-eye/wp/2014/11/10/china-susp...

 
Information Source:
Media
records from this breach used in our total: 800,000

November 10, 2014 Anthem Blue Cross
Southern and Northern California cities, California
BSF DISC

Unknown

Anthem Blue Cross in California sent text emails with personal details about individuals health information and member specific demographic information such as age, language spoken, specific medical test received or not received as part of the text message.

The company is reviewing whether or not they have to report this information as part of the specific notification laws in California, which does include the breach of medical history, mental or physical condition, medical treatment or diagnosis by a health care professional.

A spokesperson for Blue Cross stated that they are investigating the incident.

More Information: http://bits.blogs.nytimes.com/2014/11/10/oops-health-insurer-exposes-mem...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 10, 2014 Central Dermatology Center
Chapel Hill, North Carolina
MED HACK

Unknown

Central Dermatology Center notified patients of a data breach to their system when malware was found on one of their servers.

The information compromised included patient names, addresses, phone numbers, dates of birth, Social Security Numbers, sex, treatment dates, account balances, email addresses, insurer, providers, employers and race.

Currently, the center has hired an forensic IT firm to investigate the breach. They did not provide the number of individuals at risk.

More Information: http://healthitsecurity.com/2014/11/10/potential-health-data-breach-hits...

 

 
Information Source:
Media
records from this breach used in our total: 0

November 7, 2014 Jessie Trice Community Health Center
Miami, Florida
MED HACK

8,000

Jessie Trice Community Health Center announced a data breach when members of an identity theft ring accessed the personal information of 8,000 patients.

The informaton accessed included names, dates of birth and Social Security Numbers. No medical information was compromised according to the facility.

The FBI and the IRS are currently investigating the breach.

More Information: http://www.clinical-innovation.com/topics/privacy-security/identity-thef...

 
Information Source:
Media
records from this breach used in our total: 8,000

November 3, 2014 Fidelity National Financial
Jacksonville, Florida
BSF HACK

Unknown

Fidelity National Financial, Inc (FNF) informed customers of a breach to their system due to a targeted phishing attack to certain employees.

FNF is the parent company of Ticor Title Company of Oregon, Ticor Title of Nevada, Inc., Lawyers Title Company, and Lawyers Title of Oregon, LLC, which provides title insurance and real estate settlement services in Oregon, Nevada, and/or California.

From April 14, 2014 and April 16, 2014 a certain number of employees were targeted in a phishing attack that allowed the hackers to obtain username and password information for employees of the company. The company hosts their email with a third party vendor and after investigating did not find any evidence that the hackers were able to breach FNF's internal network or systems.

However, the investigation did reveal that personal information was obtained including Social Security numbers, bank account numbers, credit/debit card numbers and driver's license numbers.

The company is offering 12 months free of AllClear ID to those affected. Those affected can call 1-877-676-03741-877-676-0374 to reach an AllClear investigator.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47112

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 3, 2014 Palm Springs Federal Credit Union
Palm Springs, California
BSF PORT

Unknown

The Palm Springs Federal Credit Union was conducting an audit of their systems and realized that one of their external hard drives that contained customer data was missing.

The information contained on the drive included customer names, addresses, Social Security Numbers and account numbers.

The credit union is offering AllClearID and AllClearID Pro for 12 months at no cost to those who were affected by this breach. For those with questions they can call 1-866-979-25951-866-979-2595 or the credit union at dpitigliano@palmspringsfcu.com.

More Information: http://oag.ca.gov/ecrime/databreach/reports/sb24-47289

UPDATE (1/16/2015): The National Credit Union Administration has announced that it will be paying Palm Springs Federal Credit Union $50,000 to help cover expenses incurred due to a data breach the credit union suffered. The regulatory agency is taking responsibility for the breach.

More Information: http://www.bankinfosecurity.com/agency-takes-responsibility-for-breach-a...

 
Information Source:
California Attorney General
records from this breach used in our total: 0

Showing 1-50 of 4489 results


X

Sign In!

Loading