Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?

Chronology of Data Breaches

Custom Sort
Select your desired results. Then click "Go!"

Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
867,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,253 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Publicsort icon Name Entity Type
May 16, 2013 DENT Neurologic Institute of Amherst
Amherst, New York
MED DISC

10,200 (No SSNs or financial information exposed)

An administrative error led to the personal information of 10,200 patients being emailed to 200 patients.  Names, addresses, date of last appointment, visit type, primary care physician, referring physician, email addresses, and whether or not the patient was actively receiving treatment were in an Excel attachment of an email that was sent to unspecified parties. The recipients were called and instructed to delete the email.

 
Information Source:
Media
records from this breach used in our total: 0

May 16, 2013 Weather Shield
Medford, Wisconsin
BSO UNKN

Unknown

A total of 55 current and former Weather Shield employees across the country discovered that someone had stolen their identities and filed fraudulent tax refunds.  Several employees who were victims of identity theft in 2012 discovered that they had been affected again when filing their taxes in April of 2013. It is unclear how the 2012 or 2013 breaches occurred.

 
Information Source:
Media
records from this breach used in our total: 0

May 16, 2013 City of Akron
Akron, Ohio
GOV HACK

47,452 (Unknown number of Social Security numbers)

The City of Akron's website and internal systems were hacked by a foreign group.  Files with 47,452 entries were posted online.  Names, Social Security numbers, account numbers, credit card numbers, credit card expiration dates, addresses, and other information were in the files.  The hacking attack appears to be part of an organized international effort to hack into various U.S. government websites.

 
Information Source:
Media
records from this breach used in our total: 0

May 15, 2013 El Centro Regional Medical Center
El Centro, California
MED PHYS

189,489

El Centro Regional Medical Center is claiming that they were defrauded by an unnamed company.  The company was responsible for digitizing El Centro Regional's x-rays, but never returned the digitized version.  The process should have been completed by the end of July.  The original x-rays were most likely taken and destroyed to extract silver.

UPDATE (05/18/2013): The information on the records was as recent as February 2011.  El Centro Regional Medical Center learned of the issue on March 22, 2013.  Patients were notified on May 13.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 189,489

May 15, 2013 OptiNose US Inc.
Yardley, Pennsylvania
MED PORT

Unknown

An unencrypted laptop was stolen from an employee's car.  It may have contained names, Social Security numbers, and personal information related to people who worked at OptiNose.

 
Information Source:
Media
records from this breach used in our total: 0

May 14, 2013 Presbyterian Anesthesia Associates, E-dreamz, Pledmont Healthcare
Charlotte, North Carolina
MED HACK

9,988

A hacker took advantage of a security flaw in Presbyterian Anesthesia Associates' website and gained access to a database of patient information.  Names, credit card numbers, dates of birth, and contact information may have been exposed.

UPDATE (05/15/2013): E-dreamz was the organization that hackers breached.  Patients from Pledmont Healthcare may have also been affected by E-dreamz's breach.  Names, addresses, phone numbers, email addresses, and credit card numbers may have been exposed.  Social Security numbers were not among the data that could have been exposed.

 
Information Source:
Media
records from this breach used in our total: 9,988

May 13, 2013 80sTees.com
Mount Pleasant, Pennsylvania
BSR HACK

Unknown

Unauthorized activity was detected on the 80sTees.com website.  Customers may have had their credit or debit card information exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

May 13, 2013 Adobe, Washington Administrative Office of the Courts
Olympia, Washington
BSO HACK

160,000

An official notice can be viewed here: http://www.courts.wa.gov/newsinfo/?fa=newsinfo.displayContent&theFile=dataBreach/commonQuestions

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Additionally, three classes of people may have had their names and driver's license information exposed.  First, people who received a DUI citation between 1989 and 2011 in the state of Washington may have had their names and drivers' license numbers exposed. Anyone who had a traffic case filed or resolved in a district or municipal court between 2011 and 2012 may have been affected. Finally, anyone who had a criminal case in Washington filed against them or resolved between 2011 and 2012 may have had their name and driver's license number exposed.

 

 
Information Source:
Media
records from this breach used in our total: 16,000

May 11, 2013 Regional Medical Center
Memphis, Tennessee
MED DISC

1,200 

Those with questions may call 1-855-716-3627 for more information.

Some patients who were treated at an outpatient facility between May 1 of 2012 and January 31 of 2013 had their information attached to emails that went out to an unspecified organization or organizations.  Three emails that were not secure were sent on October 29 and November 1 of 2012 and February 4, 2013.  Patient names, Social Security numbers, account numbers, dates of birth, home phone numbers, and reasons for outpatient physical therapy services may have been exposed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 1,200

May 10, 2013 Indiana University Health Arnett
Lafayette, Indiana
MED PORT

10,300 (No SSNs reported)

The theft of an employee's unencrypted laptop resulted in the exposure of patient information.  The laptop was stolen from an employee's car on April 9 and contained email records.  Patient names, medical record numbers, dates of birth, physician names, diagnoses, and dates of service may have been exposed. 

 
Information Source:
Media
records from this breach used in our total: 0

May 10, 2013 PHH Corporation
Suwanee, Georgia
MED INSD

6,700 

A former employee was indicted on charges related to misuse of applicant and employee personal information.  Employee names, Social Security numbers, dates of birth, telephone numbers, email addresses, addresses, I-9 alien registration numbers, and other personal information may have been exposed.  The issue was discovered on April 3.  

 
Information Source:
California Attorney General
records from this breach used in our total: 6,700

May 10, 2013 Coinbase
San Francisco, California
BSR DISC

Unknown

A flaw in Coinbase's systems cause the information of some merchants to be exposed.  Any merchant who created a "buy now" button, donate button, or hosted a payment page using Coinbase's Merchant Tools and posted a public link to it online had the page publicly visible on the internet.  The page contained the company name, website, phone number, email address, and mailing address.  Additionally, anyone could search for public Coinbase merchant payment pages and collect the email addresses of merchants. At least one phishing attack targeted merchants with an email that appeared to come from Coinbase.

 
Information Source:
Media
records from this breach used in our total: 0

May 10, 2013 Equity Trust Company
Elyria, Ohio
BSF HACK

Unknown

An unauthorized third party accessed Equity Trust Company's computer network.  The breach was discovered at the end of January 2013 and notification letters were sent on April 15.  Equity Trust customers may have had their names, Social Security numbers, addresses, and other information viewed by online intruders.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

May 9, 2013 Administrative Office of the Courts - Washington
Olympia, Washington
GOV HACK

1,000,000 (160,000 SSNs)

The Administrative Office of the Courts provided a website for additional information: www.courts.wa.gov/databreach

Those with questions may call 1-800-448-5584

A breach of the Administrative Office of the Courts' server resulted in the exposure of one million driver's license numbers between fall of 2012 and February of 2013.  It was confirmed that at least 94 people had their Social Security numbers accessed.  Up to 160,000 Social Security numbers could have been accessed. 

In April the court was able to confirm that public records and confidential information were exposed.  People who were booked in a city or county jail within the state of Washington between September 2011 and December 2012 may have had their name and Social Security number accessed.  Anyone who received a DUI citation in Washington state between 1989 and 2011, had a superior court criminal case in Washington state that was filed against them or resolved between 2011 and 2012, or had a traffic case in Washington filed or resolved in a district or municipal court between 2011 and 2012 may have had their names and driver's license numbers exposed.

 
Information Source:
Media
records from this breach used in our total: 160,000

May 9, 2013 Lutheran Social Services of South Central Pennsylvania
York, Pennsylvania
MED HACK

7,300

Lutheran Social Services became aware of a malware program that was on its software system.  Resident names, Social Security numbers, dates of birth, Medicare numbers, medical diagnosis codes, payer names, and health insurance numbers may have been exposed.  The breach was discovered in March and Lutheran Social Services had not involved investigators or police as of May 9.

 
Information Source:
Media
records from this breach used in our total: 7,300

May 8, 2013 Name.com
Denver, Colorado
BSO HACK

Unknown

Hackers accessed Name.com servers and may have obtained usernames, email addresses, passwords, and credit card account information.  Customer passwords and credit card information were encrypted.  Customers were notified of the breach and received an email asking them to reset their passwords.

 
Information Source:
Media
records from this breach used in our total: 0

May 8, 2013 Linode.com
Galloway, New Jersey
BSO HACK

Unknown

This notice appeared on Linode's website on April 16, 2013: https://blog.linode.com/2013/04/16/security-incident-update/

Those with questions may email support@linode.com.

Hackers exploited an Adobe vulnerability and used it to access Linode Manager web servers.  One of Linode's web servers, parts of their source code, and their database were accessed.  No other components of the Linode infrastructure were accessed by the hackers.  Encrypted customer credit card numbers and passwords were obtained.  The group HTP claimed responsibility for the hack. 

 
Information Source:
Media
records from this breach used in our total: 0

May 8, 2013 Department of Family and Support Services (DFSS)
Chicago, Illinois
GOV STAT

Unknown

Nearly $41,000 in computer equipment was reported stolen from the Department of Family Support Services on May 7.  The Division on Domestic Violence and a satellite senior center share the building where the theft occurred.  The types of information that may have been on the device or devices were not reported.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

May 7, 2013 Tomren Wealth Management
San Ramon, California
BSF HACK

Unknown

A server with client information was accessed by an unauthorized outside party between February 21 and March 6, 2013.  The attack was an attempt to use the server for spam emailing.  Client names, Social Security numbers, driver's license information, and FSC broker account numbers may have been accessed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

May 7, 2013 Raleigh Orthopaedic Clinic
Raleigh, North Carolina
MED PHYS

17,300 

Raleigh Orthopaedic Clinic contracted with a vendor in order to have information from X-ray films transferred into electronic format.  The X-ray film was actually sold by the unnamed vendor and melted harvest for silver by a recycling company in Ohio. Patient names and dates of birth were on the film.  The Clinic does not believe that personally identifiable information was on the film.

 
Information Source:
Media
records from this breach used in our total: 0

May 7, 2013 Mapco
Brentwood, Tennessee
BSR CARD

Unknown

Customers who made purchases between March 19-25, April 14-15, or April 20-21 may have had their credit or debit card information compromised.  Tennessee and six other Southern states may have been affected by the breach. It is not clear if the payment card information was taken inside the stores or outside of the stores at gas pumps.

UPDATE (06/10/2013): The accounts of consumers who used payment cards at 373 Mapco Express stores may have been affected. Two additional locations in Tennessee were affected on April 14 and 15. There are unnamed stores that may have been affected on April 20 and 21.

UPDATE (07/08/2013): Three lawsuits have been filed as a result of data stolen in three MAPCO breaches that occurred in March, April, and June.

 
Information Source:
Media
records from this breach used in our total: 0

May 6, 2013 California Department of Public Health (CDPH)
Sacramento, California
GOV PHYS

2,000

Those with questions may call (855) 737-1796.

A reel containing images of 2,000 State of California Birth Records from May through September of 1974 was found in a publicly accessible location.  Names, Social Security numbers, addresses, and certain types of medical information were in the birth record images.  People in Santa Clara, Santa Cruz, Shasta, Siskiyou, Solano, Sonoma, Stanislaus, Sutter, or Tehama counties and who were born or had a child born in 1974 between May and September were affected.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 2,000

May 3, 2013 University of Rochester Medical Center
Rochester, New York
MED PORT

537 (No SSNs or financial information exposed)

The loss of an unencrypted flash drive exposed sensitive patient information.  The flash drive contained name, date of birth, weight, gender, telephone number, URMC internal medical record number, orthopaedic physician name, date of service, diagnosis, diagnostic study, procedure, and complications.  The flash drive is believed to have been destroyed after ending up in the medical center laundry. It was not found.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

May 3, 2013 Schoenbar Middle School
Ketchikan, Alaska
EDU HACK

Unknown

A ring of middle school students were able to gain access to and control of more than 300 computers by phishing for teacher administrative codes.  At least 18 students were involved.  The breach happened when students used software to imitate a legitimate software update on their computers.  The students then asked teachers to enter administrative account information so that they could complete the software updates or installations.  The phony software then stored teacher credentials.  The students were then able to control 300 laptops belonging to other students by using the administrative credentials.  The school believes that servers and sensitive information were not exposed.  The breach occurred around Friday, April 26 and was discovered on Monday, April 29 when students noticed that other students appeared to be controlling student laptops remotely and reported the issue.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

May 2, 2013 Reputations.com
Redwood, California
BSO HACK

Unknowm

Reputation.com experienced a hack that exposed customer names, email addresses, mailing addresses, date of birth, and employment information. Additionally, some customers had their encrypted passwords stolen.  Reputation.com immediately reset all customer passwords after learning about the breach.  Customers are encouraged to change their passwords on other sites if they reused their Reputation.com password.

 
Information Source:
Media
records from this breach used in our total: 0

May 2, 2013 Spellman High Voltage Electronics Corporation
Valhalla, New York
BSR INSD

Unknown

A disgruntled employee announced his resignation and then was caught copying files from his computer to a flash drive.  Employees at Spellman began experiencing transaction and intranet disruptions after the disgruntled employee left even though his access to company servers was disabled after discovery of his suspicious activities.  The events began to occur sometime around January of 2012.  An investigation of the events led to the arrest of the former employee and federal prosecutors claim that he caused enough mayhem to cost Spellman over $90,000 by using his knowledge of Spellman's computer system and stolen passwords.  The former employee pleaded not guilty.

 
Information Source:
Media
records from this breach used in our total: 0

May 1, 2013 U.S. Department of Labor
Washington, District Of Columbia
GOV HACK

Unknown

The Department of Labor's website was found to have been infected with malware that spreads to visitors using the web browser Internet Explorer.  Microsoft had already released a patch to address the Internet Explorer vulnerability and the malware targets users who have not taken advantage of the patch.

 
Information Source:
Media
records from this breach used in our total: 0

May 1, 2013 U.S. Army Corps of Engineers' National Inventory of Dams
Washington, District Of Columbia
GOV HACK

Unknown

Users of the National Inventory of Dams received notification that their information was reset after a hack may have compromised usernames and passwords.  Hackers obtained non-public information of around 8,100 major dams in the United States by breaching the database.  The information included dam vulnerabilities and could be used by cyber terrorists.  

 
Information Source:
Media
records from this breach used in our total: 0

May 1, 2013 Lakeshore Mental Health Institute, Middle Tennessee Mental Health Institute
Knoxville, Tennessee
MED PHYS

Unknown

Patient records were found on the floor at an abandoned hospital building named Waterside.  The woman who discovered them was a former Lakeshore employee and she alerted a local news station.  Names, Social Security information, case numbers, dates of birth, and other patient information were exposed.

UPDATE (06/27/2013): At least 20 boxes of patient records were found in an abandoned building at the Clover Bottom Campus of the Middle Tennessee Mental Health Institute.  The records dated back to the 1980's and had been reviewed to confirm which had sensitive information that needed to be destroyed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 29, 2013 Hope Hospice
New Braunfels, Texas
MED DISC

818 (No SSNs reported)

Those with questions may call CEO Debra Houser-Bruchmiller's office at 800-499-7501.

An employee used an unsecured email to send sensitive patient information.  Two separate administrative violations occurred on December 27, 2012 and on February 22, 2013. The issue was discovered on February 25.  The information was secured on February 28, 2013.  Patient names, referral sources, Hospice admission and discharge dates, the names of insurance providers, and chart numbers may have been exposed. 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 29, 2013 Gomez Gasoline and Automotive
Watsonville, California
BSR CARD

50

Those with information or questions about the investigation may call 831-768-3350 or the anonymous tip line at 831-768-3544.

More than 50 reports of credit card fraud have been traced to people who were customers at Gomez Gasoline and Automotive.  Police suspect that a credit-card skimming device was placed on one or more gas pumps.  The skimming devices have been spotted at other gas stations.

 
Information Source:
Media
records from this breach used in our total: 50

April 28, 2013 Orthopedic Physician Associates, Proliance Surgeons
Seattle, Washington
MED PORT

Unknown

Proliance Surgeons' breach notice can be found here: http://proliancesurgeons.adhostclient.com/images/PDF/websitenotice.pdf. 

Those with questions may call 1-888-608-7344 or email hipaa@proliancesurgeons.com

An employee's car was the target of an April 1 break-in.  A company laptop and 10 patient files were taken during the car theft.  The paper files were recovered, but the laptop also contained patient information.  Names, Social Security numbers, addresses, telephone numbers, health insurance information, names of providers, and the reasons for patients' appointments may have been included in emails stored on the laptop.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 26, 2013 LivingSocial
Washington, District Of Columbia
BSO HACK

29 million (no SSNs or financial information reported)

As many as 50 million LivingSocial members may have had their names, email addresses, dates of birth, and encrypted passwords exposed by a cyber attack.  Customer credit card information was not compromised.  Customers were encouraged to change their passwords on any other sites on which they used the same or similar passwords.

UPDATE (05/03/2013): As many as 50 million acounts may have been affected.  It is estimated that 29 million people used LivingSocial and many had multiple accounts.

 
Information Source:
Media
records from this breach used in our total: 0

April 26, 2013 Life Flight (IHC Health Services Inc.)
Aurora, Oregon
MED DISC

842 (107)

An administrative error caused the information of patients flown by Life Flight helicopters to be available online.  Patients flown during April, May, and June of 2004 may have had unspecified information exposed.  It was confirmed that 107 patients had their Social Security numbers exposed.  It is unclear how long the information was available and if patients flown during additional months may have been affected.  The information was moved to a secure server to address the breach.

UPDATE (05/17/2013): The sensitive information was available online as early as October 12, 2009.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 107

April 26, 2013 Upstate University Hospital
Syracuse, New York
MED PORT

283 (No SSNs or financial information reported)

A portable electronic device was stolen from Upstate University Hospital on March 30 or 31.  It contained the names, hospital medical record numbers, dates of birth, and diagnosis information of patients.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 25, 2013 Child and Family Services of New Hampshire
Manchester, New Hampshire
MED PHYS

23 (No SSNs or financial information exposed)

Someone took 23 files from a secure area in the Child and Family Services of New Hampshire main office sometime between March 15 and March 18.  The breach was discovered on March 19.  The files contained client names, dates of birth, addresses, Medicaid numbers, notes from home visits, and other health information related to home visits.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 24, 2013 City of Berkeley
Berkeley, California
GOV DISC

11,000

A media group who regularly collects public employee salary and benefit information released Social Security numbers after they were mistakenly included in a file that the City of Berkeley provided.  The information was sent by Berkeley in March and the mistake was discovered in early April.  Around 2,000 active staff members and 9,000 retirees were affected.  mistakenly released the Social Security numbers of the employees as well.  

 
Information Source:
Media
records from this breach used in our total: 11,000

April 23, 2013 Portal Healthcare Solutions, Glens Falls Hospital
Glens Falls, New York
MED DISC

2,300 (No SSNs reported)

Two patients ran a google search of their names and were able to find their medical information online.  Doctors' reports with medications, medical treatments, lab information, future and past treatment plans, physical examination information, and lifestyle information could be downloaded by anyone who found the information online.  The documents were from November 2012 through January 2013 and discovered online in mid-March.  Portal Healthcare secured the sensitive information on its servers on March 14.  A lawsuit was filed against Glens Falls Hospital, Portal Healthcare Solutions LLC, and Carpathia Hosting in mid-April for patient privacy violations.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 23, 2013 Hostgator
Houston, Texas
BSO INSD

Unknown

An employee was found to have installed backdoors on more than 2,700 company servers.  The issue was discovered the day after the dishonest employee was dismissed.  He worked for Hostgator from September 2011 to February 15, 2012. The dishonest employee was arrested and charged with breach of computer security.

 
Information Source:
Media
records from this breach used in our total: 0

April 23, 2013 Kmart, Sears
Little Rock, Arkansas
BSR PORT

788 ("a few hundred" SSNs involved)

An assistant manager was forced to open a Kmart safe and give a thief access to $6,000 in cash and an unencrypted backup disk with a day's worth of customer information.  The backup disk contained names, addresses, dates of birth, prescription numbers, prescription providers, insurance cardholder IDs and drug names.  The armed robbery occurred on March 17.

 
Information Source:
Media
records from this breach used in our total: 200

April 23, 2013 Macy's
Lafayette, Indiana
BSR DISC

Unknown

A man guessed or accessed the Social Security numbers of Macy's customers in order to exploit a Macy's policy for the purpose of making fraudulent purchases.  He then created ID cards that paired his picture with the customer information.  A Macy's policy allowed him to charge purchases to the accounts of other Macy's customers by using their Social Security numbers and showing his falsified IDs.  

 
Information Source:
Media
records from this breach used in our total: 0

April 23, 2013 City of Monroeville
Monroeville, Pennsylvania
MED DISC

Unknown

A number of inappropriate security practices may have exposed the information of people who called Monroeville's 911 dispatch center, police department, fire department, or EMS department in 2012 or 2013.  Monroeville is being investigated for possible violations of federal health privacy laws.  An August 2012 complaint to the U.S. Department of Health and Human Services' Office for Civil Rights stated that protected health information may have been given to a former police chief via email and that weak and poorly managed usernames and passwords were used to access a database of 911 callers' medical information.

UPDATE (07/18/2013): Monroeville 911 records from August 2010 through February 2013 were available to volunteer firefighters and former and inacitive emergency responders.  There was no protocol in place for removing the former personnel from the list of people who received 911 dispatch data.

 
Information Source:
Media
records from this breach used in our total: 0

April 23, 2013 OneWest Bank
Pasadena, California
BSF HACK

Unknown

A OneWest service provider suffered an unauthorized network intrusion during the first quarter of 2011.  OneWest client names, Social Security numbers, addresses, dates of birth, phone numbers, driver's license numbers, and passport numbers may have been exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

April 17, 2013 Erlanger Health System, Erlanger Hospital
Chattanooga, Tennessee
MED PHYS

87 

Erlanger Health System sent notes to 87 families and apologized for an incident that left the patient records of children exposed.  The records contained names, Social Security numbers, phone numbers, and dianosis information.  Erlanger has not been made aware of the records being used in an unauthorized manner.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 87

April 17, 2013 Arizona Counseling and Treatment Services (ACTS), Cenpatico Behavioral Health of Arizona
Yuma, Arizona
MED PORT

3,000 (No SSNs reported)

The home theft of any employee's laptop and external drive resulted in the exposure of patient information.  The theft occurred sometime between March 18 and March 25; other items were stolen besides the laptop and hard drive.  Neither the laptop nor the hard drive were encrypted. Patients who visited either Cenpatico or its contractor ATS between 2011 and 2013 may have had their names, dates of birth, and treatment plans exposed.

UPDATE (04/17/2013): More than 3,000 patients were affected by the breach.

 
Information Source:
Media
records from this breach used in our total: 0

April 16, 2013 Schneck Medical Center
Seymour, Indiana
MED DISC

3,000 (no SSNs or financial information reported)

A Schneck Medical Center employee gave a presentation that was later placed online.  People who searched through the files from the presentation could find the names of 3,000 Schneck Medical Center patients.  The presentation was removed from online and Google removed all cached information from the Internet.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

April 16, 2013 Iberdola USA, Central Maine Power
Augusta, Maine
BSO HACK

5,100 (No SSNs or financial information reported)

A hack of Iberdrola USA's recruitment website may have exposed the information of anyone who applied for a job at Central Maine Power or any of its sister companies since January 2007.  Rochester Gas and Electric Corp and New York State Electric and Gas Corp. were also affected.

 
Information Source:
Media
records from this breach used in our total: 0

April 15, 2013 Wawa
Burlington, New Jersey
BSF CARD

Unknown

Customers who shopped at a Wawa on Salem Road in Burlington, New Jersey noticed fraudulent purchases on their credit cards.  Investigators were able to trace the fraud to four people and arrest them. The four men were charged with credit card theft, credit card fraud, identity theft, and having electronic devices for criminal use.  More victims are expected to be found.

 
Information Source:
Media
records from this breach used in our total: 0

April 12, 2013 Chapman University
Orange, California
EDU DISC

Unknown

An administrative error caused the personal information of some students to be exposed online.  The issue was discovered on February 27.  Authenticated users of Chapman's on-campus network could have viewed names, Social Security numbers, student identification numbers, and dates of birth.  The documents were blocked from access by unauthorized users once the breach was discovered.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

April 12, 2013 Pentagon
Washington, District Of Columbia
GOV UNKN

Unknown

Lawyers working with Guantanamo Bay detainees had to pause their work after being told to stop using the Pentagon's computer system.  An unspecified issue left over 500,000 emails unsafe to access or deleted from a Pentagon common drive. The breach left defense files unsecured and it may have been possible for prosecutors to view confidential defense emails.

 
Information Source:
Media
records from this breach used in our total: 0

Breach Total
867,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,253 DATA BREACHES made public since 2005
Showing 501-550 of 4253 results


X

Sign In!

Loading