Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Publicsort icon Name Entity Type
April 10, 2013 Schnuck Markets Inc.
St. Louis, Missouri
BSR HACK

Unknown

A lawsuit was filed against Schnucks Markets Inc. after customers learned that Schnucks failed to warn customers about a data breach within two weeks.  On March 15, Schnucks learned that a portion of their loyalty cards were affected, but waited until March 30 to send a press release.   Customer payment card numbers and expiration dates were exposed through a magnetic strip swiping security breach. No customer names were exposed.

UPDATE (04/15/2013): The breach affected about 2.4 million customer debit and credit cards at 79 Schnucks locations.  Payment cardholders' contact and identifying information were not exposed.  Customers who visited a Schnucks between December of 2012 and March 29, 2013 may have been affected.

UPDATE (05/24/2013): A class action lawsuit was filed against Schnuck Markets in early May.  Schnuck Markets claims that the the lawsuit belongs in federal court because of the case's scope and damages.  The lawsuit sought damages from Schnucks for time and effort that affected individuals had to put into monitoring and managing compromised credit card information.  The lawsuit also alleges Schnucks of willful and wanton neglect, a charge for which punitive damages are available under Illinois law.  However Schnucks states that the "time and effort" claims for Illinois alone easily exceed the $5 million threshold for federal consideration.

UPDATE (06/21/2013): A new estimate from Schnucks states that 500,000 unique credit or debit cards may have been involved.

UPDATE (07/11/2013): After a review, the Missouri Attorney General's office has stated that Schnuck Markets did not violate state data security law.

UPDATE (08/31/2013): Liberty Mutual Insurance Co. is suing Schnuck Markets Inc. Liberty Mutual claims that it should not be held liable for eight lawsuits filed against Schnucks.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2013 VUDU
Santa Clara, California
BSO PORT

Unknown

Those with questions may call 855-968-8838 or email passwordreset@vudu.com.

A March 24, 2013 VUDU office theft resulted in the exposure of customer information.  Hard drives with customer names, addresses, email addresses, account activity, dates of birth, and encrypted passwords were stolen.  Customers who used their VUDU passwords for other sites should change the passwords on other sides as well.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2013 Kirkwood Community College
Cedar Rapids, Iowa
EDU HACK

125,000

Hackers accessed Kirkwood Community College's website and applicant database system on March 13.  Anyone who applied to a Kirkwood Campus may have had their names, Social Security numbers, dates of birth, race, and contact information exposed.  People who applied to take Kirkwood college-credit classes between February 25, 2005 and March 13, 2013 were affected.

 
Information Source:
Media
records from this breach used in our total: 125,000

April 9, 2013 Hospice Palliative Care of Alamance-Caswell, LifePath Home Health
Burlington, North Carolina
MED PORT

5,300 (Unknown number of Social Security numbers)

The February 24 burglary of three laptops resulted in the exposure of patient information.  The laptops were stolen from the hospital in addition to needles, syringes, and miscellaneous items.  The unencrypted laptops contained emails that had sensitive patient information.

 
Information Source:
Media
records from this breach used in our total: 0

April 9, 2013 Connextions, Anthem Blue Cross Blue Shield of Indiana, Anthem Blue Cross Blue Shield of Ohio, Empire Blue Cross Blue Shield of Indiana
Orlando, Florida
MED INSD

6,000

A Connextions employee used Social Security numbers from a number of other organizations for criminal activity.  At least four members of Anthem Blue Cross and Blue Shield were affected by the criminal activity.  The breach was reported on HHS as affecting 4,814 patients, but more were affected.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 6,000

April 7, 2013 Works Bakery Cafe
Portland, Maine
BSR HACK

Unknown

Customers who used a debit or credit card at any Works Bakery Cafe location are advised to check their payment cards for fraudulent activity.  A breach occurred when malware was introduced to the Works Bakery Cafe computer system.  Locations in Durham, Manchester, Keene, Concord, Brattleboro Vermont, and Portland Maine were affected.

 
Information Source:
Media
records from this breach used in our total: 0

April 7, 2013 Agincourt Wallboard
Westbrook, Maine
BSR HACK

Unknown

On, January 19, Agincourt Wallboard notified employees of a breach of its payroll system.  Agincourt Wallboard became aware of the issue on January 17 when eight employees reported receiving a physical payroll check.  Someone had entered Agincourt Wallboard's payroll vendor and edited information without authorization so that the employees received a physical check rather than an electronic deposit.  The person who hacked into the payroll vendor also attempted to change the bank routing information for 10 of its employees.  Agincourt Wallboard is investigating how the hacker could have obtained the administrator's credentials and notified employees of the issue immediately.  Agincourt Wallboard also learned that five of the computers on its network were infected with malware called a Trojan horse.

 
Information Source:
Media
records from this breach used in our total: 0

April 5, 2013 Scribd
San Francisco, California
BSO HACK

100,000 (No SSNs or financial information exposed)

A hack affected less than 1% of Scribd's 50 million users. "A few hundred thousand" users had their passwords stolen.  Users who were affected received instructions for resetting passwords.  The passwords were encrypted and it is unlikely that hackers were able to decrypt and use the passwords before Scribd and Scribd users learned of the breach.

 
Information Source:
Media
records from this breach used in our total: 0

April 5, 2013 William Jennings Bryan Dorn VA Medical Center
Columbia, South Carolina
MED PORT

7,405

The February 11 theft of an unencrypted laptop from the respiratory department resulted in the exposure of patient information.  Veterans who were patients may have had their name, Social Security number, age, race, weight, and medical test results on the laptop.  The laptop was taken during regular clinic hours.

UPDATE (05/01/2013): A lawsuit has been filed by two veterans on behalf of people who were affected by the breach.

UPDATE (07/22/2013): The Dorn VA has motioned to dismiss the case.  On July 16 the Dorn VA said that it has not been proven that the records were improperly disclosed. It also argued that the plaintiffs never asserted that the records had been shown to another or unauthorized person.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 7,405

April 3, 2013 United HomeCare Services, Inc., United Home Care Services of Southwest Florida, LLC
Fort Myers, Florida
MED PORT

13,617

A total of 12,299 United HomeCare Services, Inc. clients were affected. Additionally, 1,318 United Home Care Services of Southwest Florida clients were affected. 

The January 8 theft of a billing manager's laptop resulted in the exposure of patient information.  It was stolen from the manager's car.  It contained client names, Social Security numbers, health plan numbers, dates of birth, and addresses dating as far back as 2002.  Some patients may have also had treatment service codes or diagnostic codes on the laptop.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 13,617

April 3, 2013 Computer Sciences Corporation
Raleigh, North Carolina
BSO PORT

Unknown

A thumb drive with information from the Medicare Exclusion Database was placed on a thumb drive.  The thumb drive was discovered to be missing from the CSC facilities in Raleigh, North Carolina in early March; it had most likely been lost in late February.  The thumb drive contained names, Social Security numbers, federal tax Employer Identification numbers, dates of birth, and other information.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

April 2, 2013 Ellison Systems, Inc., Shoplet.com
New York, New York
BSR HACK

Unknown

A hacker may have accessed credit card information, names, and addresses associated with Shoplet accounts.  The breach was discovered on January 11, 2013.  A new firewall was installed and Ellison Systems, Inc. moved their database server to a more secure zone.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

April 1, 2013 Oregon Health and Science University
Portland, Oregon
MED PORT

4,022 (Nine Social Security Numbers reported)

The theft of a surgeon's unencrypted laptop resulted in the exposure of patient information.

UPDATE (04/25/2013): The laptop was stolen from a surgeon's Hawaii rental home and was used for research purposes.  Any laptops used for patient care are required to be encrypted while laptops used for research are not required to be encrypted.  The laptop was used to access emails related to patient care such as patient names, medical record numbers, types of surgery and dates of surgery, times and locations of surgery, gender, age, and name of surgeon and anesthesiologist information.  Nine patients had their Social Security numbers exposed.

 
Information Source:
Media
records from this breach used in our total: 9

April 1, 2013 Granger Medical Clinic
West Valley City, Utah
MED PHYS

2,600 (No SSNs or financial information reported)

A total of 2,600 medical appointment records disappeared before they could be shredded.  The records contained patient names, dates of appointments, times of appointments, and reason for appointment.  No medical claim information, financial information, or Social Security numbers were exposed.

 
Information Source:
Media
records from this breach used in our total: 0

April 1, 2013 Tennis Express, American Express
Houston, Texas
BSR HACK

Unkown

A hacker or hackers accessed Tennis Expresses computer network on or around December 19, 2012.  The breach was discovered in mid-February of 2013.  The issue was caused by a vulnerability in a third party vendor program.  Names, addresses, credit card numbers, verification value, and expiration dates may have been exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 31, 2013 Allen County
Lima, Ohio
GOV DISC

1,100

An administrative error caused the Social Security numbers and other personal information of Allen County employees to be available online for less than an hour.

 
Information Source:
Media
records from this breach used in our total: 1,100

March 29, 2013 Washington Department of Social and Health Services
Gig Harbor, Washington
GOV PORT

652

A private contractor working for the Department of Social and Health Services discovered that their laptop had been stolen on February 4.  The laptop was recovered in a pawn shop on February 14.  It contained the names, ID numbers, psychological evaluations, dates of birth, diagnoses, dates of services, addresses, and last four digits of Social Security numbers of clients.

UPDATE (10/14/2013): The private contractor was a psychologist who had his license suspended as a result of the incident.  The Washington State Department of Health suspended the license after a history of being charged with unprofessional conduct.  He is accused of misrepresenting the number of people who could be affected by the breach and failing to report it to the Department of Social and Health Services until five days after the breach.

 
Information Source:
Media
records from this breach used in our total: 652

March 29, 2013 American Express
New York, New York
BSF HACK

Unknown

Hackers were able to access and disrupt American Express' website. American Express was offline for two hours.  

 
Information Source:
Media
records from this breach used in our total: 0

March 28, 2013 MedStar Good Samaritan Nursing Center, Mid America Health, Inc. (MAH)
Baltimore, Maryland
MED PHYS

18 (Three Social Security Numbers reported)

A paper file was stolen from the car of a dental assistant who was treating residents at the MedStar Good Samaritan Nursing Center.  The file contained names, dates of birth, medical and dental evaluation information, medical and dental providers' names and license numbers, and the Social Security numbers of three residents.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 3

March 28, 2013 Tooele County
Tooele, Utah
GOV PORT

200

A former employee received a CD with the names and Social Security numbers of around 200 current and former employees when he requested his personnel file.  The disc may have held the information of employees who signed up for a specific dental insurance plan in 1996 and workers who joined the Utah Public Employees Association in 1999.  When the HR department realized their mistake they requested that the former employee return the CD.  He initially refused; he then gave the CD to the Tooele County Attorney's office.  

 
Information Source:
Media
records from this breach used in our total: 200

March 28, 2013 Citi
Irving, Texas
BSF DISC

Unknown

Current and former parties involved in a bankruptcy proceeding for a Citi loan may have had their information exposed.  Citi filed legal documents that should have been concealed but were accidentally made available online.  The information, which included personally identifiable and loan related information, could be exposed and read by any person who accessed court records.  The issue was addressed and Citi is not aware of any  instances where information was accessed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 28, 2013 JPMorgan Chase
New York, New York
BSF HACK

Unknown

JPMorgan Chase's website was taken offline by a hacker or hackers. The website was made unavailable by a denial-of-service attack.  Chase.com was down for around a day.

 
Information Source:
Media
records from this breach used in our total: 0

March 28, 2013 Mid America Health
Greenwood, Indiana
MED PORT

Unknown

The theft of a laptop resulted in the exposure of patient information.  Names, Social Security numbers, dates of birth, residential facility names, and digital oral x-ray images may have been exposed.  Specific details of the case are being withheld until the breach investigation has concluded.  

The location of the breach is listed as the corporate headquarters of MAH.  Those with questions or concerns may contact the MAH Compliance Department at 1-855-224-0004.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 27, 2013 Rollins, Inc.
Atlanta, Georgia
BSO DISC

Unknown

An administrative error caused a mailing distribution to contain the Social Security numbers of some people.  Rollins learned of the issue on March 12.  The Rollins TODAY quarterly issue mailed during the week of March 4 contained Social Security numbers within a number sequence on the mailing label.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 26, 2013 Texas Tech University Health Sciences Center (TTUHSC)
Lubbock, Texas
MED DISC

700

Patients with questions may call (877) 272-0570.

An administrative error caused the billing statements of around 700 patients to be sent to the mailing addresses of other patients.  Patient names, account numbers, invoice numbers, charge amounts, dates of service, department and provider names, adjustment amounts, payments from insurance companies, amounts due, and total account balances may have been exposed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 700

March 26, 2013 The Finish Line, Inc.
Indianapolis, Indiana
BSR PORT

Unknown

The January 11 theft of an employee's laptop resulted in the exposure of sensitive information.  The laptop was stolen from the employee's vehicle and contained names, Social Security numbers, and other information related to current and former Finish Line staff.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 22, 2013 Comfort Inn and Suites
Willard, Missouri
BSO INSD

Unknown

A dishonest employee working at a Comfort Inn and Suites in Willard, Missouri during 2009 worked with a conspirator to misuse the information of hotel customers.  They were ordered to pay restitution of $23,000.  The dishonest employee was sentenced to three years of probation and her accomplice was sentenced to 42 months for aggravated identity theft and conspiracy to commit wire fraud.

 
Information Source:
Media
records from this breach used in our total: 0

March 22, 2013 University of Mississippi Medical Center (UMMC)
Jackson, Mississippi
EDU PORT

Unknown

A laptop used by UMMC clinicians was discovered missing on January 22.  The password-protected laptop contained information from patients who entered the hospital between 2008 and 2013.  Patient names, Social Security numbers, addresses, diagnoses, medications, treatments, dates of birth, and other personal information may have been exposed.

UPDATE (04/25/2013): The laptop may have been lost or stolen in November of 2012.

 
Information Source:
Media
records from this breach used in our total: 0

March 22, 2013 Tallahassee Community College (TCC)
Tallahassee, Florida
EDU HACK

3,300

Federal investigators informed Tallahassee Community College that a hacker gained access to their main computer system.  The personal information of students who applied for financial aid may have been accessed.  It appears that an insider hacked into the computer system. Hacked 2011 TCC financial aid records were misused to file fraudulent tax refunds.  Federal Investigators told TCC when they traced where the information came from.

 
Information Source:
Media
records from this breach used in our total: 3,300

March 22, 2013 United Shore Financial Services, LLC
Troy, Michigan
BSF HACK

Unknown

A computer intrusion resulted in the exposure of names, Social Security numbers, contact information, dates of birth, driver's license numbers, and financial account information. The breach occurred sometime around December 2, 2012. 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 22, 2013 OCS America, Inc.
Long Island City, New York
BSF HACK

Unknown

A phishing attack affected an OCS America computer on March 4, 2013.  The computer contained names, Social Security numbers, addresses, telephone numbers, dates of birth, job titles, and salary information.  It appears that only one computer was affected. 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 22, 2013 TLO, LLC
Boca Raton, Florida
BSO HACK

Unknown

On January 15, 2013 TLO discovered that there had been limited fraudulent access to their system.  A hacker or hackers were able to access names, Social Security numbers, and driver's license numbers between August 2012 and January 2013. 

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 21, 2013 National Institute of Aerospace, National Aeronautics and Space Administration (NASA)
Hampton, Virginia
NGO INSD

Unknown

A Chinese national who worked as a contractor for the National Institute of Aerospace had access to NASA's Langley Research Center.  He was caught boarding a plane with two external hard drives, two laptops, a memory stick, and an SIM card on March 16.  He originally did not reveal the second laptop, hard drive, and SIM card when detained.  The information he was attempting to steal was not revealed.  

 
Information Source:
Media
records from this breach used in our total: 0

March 21, 2013 Insurance Co. of the West (ICW)
Del Mar, California
BSF PHYS

Unknown

Confidential medical records were found under a freeway by a concerned citizen. A local news team investigation traced the documents back to the insurance claims processor ICW. ICW reported that the issue occurred on February 28 when a bin with files broke open on the way to a disposal site.  An unnamed document destruction company responsible for the documents was replaced. Names, dates of birth, Social Security numbers, and other sensitive and medical information were on the documents. 

 
Information Source:
Media
records from this breach used in our total: 0

March 20, 2013 Savannah River Site (SRS)
Aiken, South Carolina
GOV DISC

12,000

A security breach allowed access to the personal records of at least 12,000 SRS workers.  The breach does not appear to be the result of a cyber attack.  Workers may have had financial information exposed.

 
Information Source:
Media
records from this breach used in our total: 12,000

March 19, 2013 Subway
, California
BSR HACK

Unknown

No specific California city was involved.  Subway restaurants in California, Massachusetts, and Wyoming were involved.

A former owner of a Subway franchise used software from his new job to access the computer systems of Subway restaurants.  The former owner sold point-of-sale software to Subway restaurants across the country and then worked with an accomplice to remotely hack into at least 13 Subway point-of-sale systems.  The fraud began in 2011.  Fraudulent Subway gift cards totaling at least $40,000 were created.  Two of the California participants were indicted on March 6.

 
Information Source:
Media
records from this breach used in our total: 0

March 19, 2013 General Services Administration (GSA)
Washington, District Of Columbia
GOV DISC

Unknown

GSA users may have been able to view the financial information and trade secrets of other GSA users due to a security vulnerability.  The specific database that was affected is called the System for Award Management (SAM).  Contractor and vendor registration records are cataloged by SAM.  It is not clear how GSA became aware of the issue or how long it was a problem.  Agency officials revealed that users could purposefully or inadvertently view the information of other users after following a series of steps.

UPDATE (03/23/2013):  Users had Social Security numbers and tax identification numbers exposed.

 
Information Source:
Media
records from this breach used in our total: 0

March 16, 2013 Salem State University
Salem, Massachusetts
EDU HACK

25,000

A server was found to be infected with a virus.  The University computer contained information related to paychecks distributed by the University.  Current and former employees who may have been students or staff may have been affected.

 
Information Source:
Media
records from this breach used in our total: 25,000

March 16, 2013 Lawrence Melrose Medical Electronic Record, Inc.
Melrose, Massachusetts
MED INSD

Unknown

Patients at Baystate Gastroenterology, Hallmark Health Medical Associates, Main Street Family Practice, and Womens Healthcare Associates were affected.  Patients of Maury Goldman, MD and John Mudrock, MD were also affected.

An employee of Lawrence Melrose accessed patient information for reasons unrelated to their work.  It is unclear what type of patient information was exposed and how many patients were affected.  

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 15, 2013 Tribune Co.
Sacramento, California
BSO INSD

Unknown

A former employee revealed a password and username combination for Tribune Co. to hackers.  The hackers were part of anonymous and used the information to access Tribune Co.'s servers in 2010.  A number of online stories that had been published through Tribune Co. were defaced by hackers as a result.  

The former employee of a TV station owned by Tribune Co. was indicted on charges of conspiracy to cause damage to a protected computer, transmission of malicious code, and attempted transmission of malicious code.

UPDATE (04/23/2013): The former employee worked at Reuters as a deputy social media editor at the time of the cyber attack.  He was fired from Reuters in April of 2013.

 
Information Source:
Media
records from this breach used in our total: 0

March 11, 2013 Stanley Black & Decker, Inc.
New Britain, Connecticut
BSR PORT

Unknown

Those with questions or concerns may contact (877) 795-2356.

The theft of an employee's laptop resulted in the exposure of information from employees and people who received checks from Stanley Black & Decker.  Names, and the account numbers and routing numbers associated with direct deposits may have been exposed. The laptop was stolen from a finance employee on January 28.  

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 8, 2013 University of Connecticut Health Center
Farmington, Connecticut
MED INSD

1,400 (Unknown number of Social Security numbers)

An employee accessed patient records for reasons unrelated to their job function.  The Heath Center became aware of an unauthorized access in January of 2013.  Patient names, addresses, dates of birth, and in some cases health information and Social Security numbers may have been exposed.

 
Information Source:
Media
records from this breach used in our total: 0

March 7, 2013 Uniontown Hospital
Uniontown, Pennsylvania
MED HACK

Unknown

A hacker or hackers accessed patient information and posted it online.  The breach was discovered by a data privacy expert. Uniontown indirectly notified the public of the breach and breach containment after the privacy expert attempted to reach Uniontown Hospital for several days.  Names, encrypted passwords, contact names, email addresses, and usernames may have been exposed.  It is unclear how long the information was available.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 4, 2013 TD Bank, N.A.
Cherry Hill, New Jersey
BSF PORT

Unknown

Two backup tapes with customer and customer dependent names, Social Security numbers, addresses, account numbers, debit card numbers, and credit card numbers went missing while being transported between two TD Bank office locations in March of 2012.  

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 4, 2013 The Prudential Insurance Company of America, Unisys
Newark, New Jersey
BSF DISC

Unknown

An administrative error resulted in documents with sensitive information from Unisys members being emailed to an incorrect party associated with Unisys. The mistake occurred on December 13, 2012.  The document may have contained names, Social Security numbers, dates of birth, and salary information. The mistake was immediately noticed by the recipient and the information was deleted from their computer.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

March 4, 2013 Family Intervention Services
Hiram, Georgia
MED PHYS

Unknown

A caller contacted a local news team member and an investigation of mishandled medical documents began.  The documents were in an unlocked dumpster and contained Social Security numbers, bank account information, addresses, dates of birth, and health information.  The documents were associated with Family Intervention Services and an unnamed orthopedic office.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 3, 2013 Evernote
Redwood City, California
BSO HACK

50,000,000 (No SSNs or financial information reported)

Evernote's breach notice can be found here: http://evernote.com/corp/news/password_reset.php.

A hacker or hackers attacked and may have accessed Evernote's online system. Evernote reset all user passwords as a precaution.  User names, email addresses, and encrypted passwords may have been exposed. 

UPDATE (03/09/2013): A total of 50 million users were told to reset their passwords.

 
Information Source:
Media
records from this breach used in our total: 0

March 1, 2013 Samaritan Hospital, Rensselaer County Jail
Troy, New York
MED INSD

Unknown

A nursing supervisor of Rensselaer County Jail was found to have misused credentials to access patient records without cause.  The Rensselaer County Jail information is maintained by Samaritan Hospital.  The hospital learned of the breach in November 2011, disabled the employee's account, and notified the sheriff's office immediately.  Subsequently, the Hospital may have delayed notifying patients because of the ongoing investigation.  Notifications were sent out during the first week of March in 2013.

UPDATE (04/01/2013): A total of 48 people have been notified.  Patients from as far back as 2006 may have been affected.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

March 1, 2013 South Miami Hospital, Baptist Health
Miami, Florida
MED INSD

834

A dishonest hospital employee misused patient records that were dated from June 2011 to February of 2012.  Patients may have had their names, Social Security numbers, and dates of birth exposed.

UPDATE (03/15/2013): A respiratory therapist provided Social Security numbers, dates of birth, patient names, and other patient data in exchange for payment. The patient data was then used to file fraudulent tax returns.  The dishonest employee now faces charges for selling the information to two others.

UPDATE (04/26/2013): Two women who purchased patient information from a Hospital employee were sentenced for their roles in the breach.  One woman was sentenced to 26 years and five months in federal prison in addition to being ordered to pay over $1.9 million in restitution.  She was convicted of 33 fraud and identity theft charges in January.  The other was sentenced to 10 years and one month in prison after pleading guilty to conspiracy to defraud the government and aggravated identity theft.  The fraud ring produced fraudulent income tax refunds totalling $11.7 million.

UPDATE (07/18/2013): A respiratory therapist who engaged in the theft of patient information between June of 2011 and February of 2012 pleaded guilty.  She faces up to seven years in federal prison and is scheduled to receive a lightened sentence for cooperating with authorities in the investigation of the tax fraud ring's leaders.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 834

March 1, 2013 Bank of Hawaii, First Hawaiian Bank
Oahu, Hawaii
BSR HACK

Unknown

An unnamed restaurant in Oahu experienced a computer system breach.  Customers who visited the restaurant during a period in February had their credit and debit cards blocked by Bank of Hawaii and First Hawaiian Bank when the breach was discovered.  Not all of the payment cards that were blocked had been compromised.

 
Information Source:
Media
records from this breach used in our total: 0

Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005
Showing 551-600 of 4252 results


X

Sign In!

Loading