Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
815,842,526 RECORDS BREACHED
(Please see explanation about this total.)
from 4,488 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Publicsort icon Name Entity Type
December 18, 2012 Western University of Health Sciences
Pomona, California
EDU DISC

Unknown

Western University of Health Sciences' BanWeb Self-Service Federal Work Study reports were accessible to people who used BanWeb with a Western University of Health Sciences user ID and password.  The reports contained names, Social Security numbers, and direct deposit bank account information in some cases. The information was available for an unspecified amount of time. Western University of Health Sciences conducted an investigation and reported that there was no reason to believe sensitive information was accessed by unauthorized BanWeb users.  Western University of Health Sciences disabled access to the reports after learning about the breach on November 14. Notifications were sent on December 18.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 17, 2012 Library Systems and Services, LLC
Germantown, Maryland
BSO PORT

Unknown

A laptop was discovered lost or stolen on November 5, 2012.  The possible theft is presumed to have taken place sometime around October 31, 2012.  The laptop may have contained employee names, Social Security numbers, addresses, and dates of birth.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 17, 2012 World Travel Holdings (WTH)
Wilmington, Massachusetts
BSO HACK

Unknown

CruiseOne and Crusies Inc. are affiliated with WTH and also mailed notifications to their customers.

An unauthorized party accessed WTH's booking system by misusing the log-in credentials of an authorized user.  Encrypted credit card numbers and expiration dates that were stored and could be decrypted in the system were exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 17, 2012 EZ Step
San Jose, California
MED INSD

Unknown

The owner of EZ Step and an employee were both charged with conspiracy to commit health care fraud.  They were also charged on multiple counts of health care fraud.  The charges come from allegations that the two people sought reimbursement by forging physician signatures, fabricating prescriptions and equipment orders, forging patient signatures on delivery forms to misrepresent prescription medication and durable equipment deliveries, and altering valid prescriptions between 2005 and 2007.  Arrests were first made in July of 2011.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 13, 2012 Walgreens
San Diego, California
BSR PHYS

Unknown

At least 36 Walgreens stores in San Diego County had violations.  Over 600 Walgreens stores in California counties such as Alameda, Riverside, Los Angeles, San Joaquin, Solano, Monterey, and Yolo were also involved in the lawsuit.

Walgreens was ordered to pay $16.57 million as a part of a settlement of a civil environmental prosecution.  Walgreens was accused of illegally dumping hazardous waste as well as confidential customer medical information.  It is unclear what type of customer medical information was mishandled.

UPDATE (12/13/2012): The civil enforcement lawsuit was first filed in Alameda County in June of 2012.  It was the result of investigations that took place in San Diego County in the summer and fall of 2011. Investigators discovered that "Walgreens routinely and systematically sent hazardous waste to local landfills and failed to take measures to protect" customer medical privacy.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 13, 2012 Yolo Federal Credit Union
Woodland, California
BSF CARD

Unknown

A skimming device on an ATM resulted in fraudulent transactions on over 800 accounts.  The fraudulent transactions appear to date from October 27, 2012 to November 7, 2012. It is not clear how many skimming devices were involved and where they were located.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2012 Wilton Brands, LLC.
Woodridge, Illinois
BSR HACK

Unknown

Wilton learned that a malicious user was able to view user information between July 19 and October 2 of 2012.  The user had added a file to a computer server that hosts www.wilton.com and www.copco.com.  Names, addresses, telephone numbers, and payment card numbers, expiration dates, and security codes may have been accessed.  The discovery was made sometime around October 31 and notifications were sent on December 10.

The malicious user was unable to access payment card information between October 2 and the discovery of the breach on October 31 because Wilton changed its payment processing system on October 2.  Wilton took additional security measures after learning of the breach on or around October 31.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 12, 2012 Mt. Diablo Unified School District
Concord, California
EDU STAT

Unknown

A December 1 office burglary resulted in the theft of an unencrypted computer.  The computer contained files that included current and former Mt. Diablo Unified School District employee names, Social Security numbers, dates of birth, and addresses.  People who were employees between 1998 and 2010 may have been affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 11, 2012 Pepperdine University
Malibu, California
EDU PORT

8,300

A University laptop was stolen from an employee's locked car.  Pepperdine learned of the theft on November 12, 2012.  The laptop may have contained names, Social Security numbers, addresses, and/or dates of birth.

UPDATE (12/11/2012): As many as 8,300 people may have been affected.  The laptop had been used for work related to the IRS and contained data from as far back as 2008.  About 75 percent of the people affected were students.

 
Information Source:
California Attorney General
records from this breach used in our total: 8,300

December 11, 2012 Jackson Health System, Jackson South Community Hospital
Miami, Florida
MED DISC

566 (No SSNs or financial information exposed)

Approximately 1,200 photo records of 566 patients were publicly posted on November 30.  The information was removed and two managers resigned as a result of the breach.

 
Information Source:
Media
records from this breach used in our total: 0

December 10, 2012 Accume Partners, WeiserMazars
Moorestown, New Jersey
BSF PORT

Unknown

The October 10 theft of a laptop resulted in the exposure of sensitive information.  A WeiserMazars employee had a laptop stolen that contained names, Social Security numbers, and in some cases, addresses, dates of birth, 401(k) information, and payroll information for Accume Partner 401(l) Plan participants.  WeiserMazars audits the statement of net assets available for Accume Partner's 401(k) plan.  WeiserMazars notified Accume Partners on October 31 and Accume Partners sent notifications to those who may have been affected on November 16.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 10, 2012 ABQ Health Partners
Albuquerque, New Mexico
MED PORT

Unknown

A laptop computer was discovered lost or stolen.  It contained a spreadsheet of patient names, dates of birth, health plan ID numbers, and diagnosis information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 10, 2012 West Pittsburgh Partnership
Pittsburgh, Pennsylvania
NGO PHYS

Unknown

A concerned citizen investigated a pile of documents next to a dumpster.  The documents contained names and Social Security numbers.  A local news team responded to the story and contacted a representative from West Pittsburgh Partnership.  West Pittsburgh Partnership began an investigation into how the job placement program documents dating back to 1992 were exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

December 10, 2012 Michigan State University
East Lansing, Michigan
EDU HACK

1,500 (No Social Security numbers exposed)

A hacker published approximately 1,500 Michigan State University names, email addresses, user IDs, encrypted passwords, and mailing addresses.

 
Information Source:
Media
records from this breach used in our total: 0

December 7, 2012 Pinkerton Government Services (PGS)
Washington, District Of Columbia
BSO STAT

Unknown

The November 15 office theft of several computers may have resulted in the exposure of current and former employee information.  PGS believes that the computers were stolen for their hardware and software value rather than the information they contained.  Some former and current PGS employees had their names, addresses, Social Security numbers, and possibly other types of information exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

December 7, 2012 Carolinas HealthCare System
Charlotte, North Carolina
MED HACK

6,300 (5 SSNs reported)

An unauthorized electronic intrusion may have affected up to 6,300 patients from Carolinas Medical Center-Randolph. The intruder accessed a provider's email account and could have obtained patient names, dates and times of service, dates of birth, diagnosis and prognosis information, medications, results, and referrals.  The Social Security numbers of five patients who had their Social Security numbers sent through or received by the email account may have also been obtained.

 

The issue was discovered on October 8 and the intruder is believed to have accessed emails from the account between March 11, 2012 and October 8, 2012.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 5

December 7, 2012 Rock Bottom Auto Sales
Hudson, Florida
BSR PHYS

Unknown

At least eight garbage bags that were left unattended on a dirt road contained sensitive documents.  A woman found the bags and reported the issue to a local news team.  The paperwork included credit applications with names, driver's license information, and Social Security numbers.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

December 5, 2012 California Department of Healthcare Services
Sacramento, California
MED DISC

14,000

Those who may have been affected may call 1-855-297-5064 for assistance from DHCS.

Names and Social Security numbers were discovered on the website of the Department of Health Care Services.  People who sent their information in order to become a provider of In-Home Supportive Services (IHSS) may have had their information exposed online between November 5, 2012 and November 20.  The issue was discovered on November 14 and was not fully addressed until November 20.  

The list should have only contained provider names, addresses, and provider types. It also contained Social Security numbers that were listed in the column for Provider Billing Numbers.  The Social Security numbers were not easily recognizable in this format.

UPDATE (12/11/2012): Nearly 14,000 people were affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 14,000

December 4, 2012 Louisiana State University (LSU) Hospital System
Baton Rouge, Louisiana
MED INSD

416

A dishonest employee working in the billing department used her position to access account information.  She scanned checks and identification information from the LSU hospital system database and passed them on to at least four women.  The scheme was discovered when the four women were allegedly caught on camera making purchases with fake checks.  Handwritten Social Security numbers, check and ID card printing items, computers, and copies of scanned checks were found when the womens' homes were searched.

At least seven people face charges that include identity theft, conspiracy to commit identity theft, conspiracy to commit monetary abuse, and possession of fraudulent documents for identification purposes.  The dishonest employee was charged with 377 counts of identity theft.

UPDATE (01/02/2013): LSU Health notified 416 patients after a hospital employee discovered fraudulent activity on her checking account.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 416

December 4, 2012 Surgical Associates of Utica, Quanterion Solutions, Inc.
Utica, New York
MED STAT

1,017 (No SSNs or financial information reported)

The theft of a network server on or around September 18 may have resulted in the exposure of sensitive patient information.  A notification was sent to the US Department of Health and Human Services (HHS) on November 16.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 4, 2012 First Step Counseling, Inc.
Metuchen, New Jersey
MED PHYS

638 (No SSNs or financial information reported)

An unauthorized disclosure of paper records may have exposed patient information.  The breach may have taken place between May 1, 2011 and August 5, 2011.  It was discovered or reported on November 16 of 2012.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 4, 2012 CVS Caremark
Woonsocket, Rhode Island
MED PHYS

955 (No SSNs or financial information reported)

The theft of paper records may have resulted in the exposure of patient information.  The theft may have occurred on August 13, 2012 and was reported or discovered on November 16, 2012.

 
Information Source:
HHS via PHIPrivacy.net
records from this breach used in our total: 0

December 1, 2012 University of Virginia Medical Center, Continuum Home Infusion
Charlottesville, Virginia
MED PORT

1,846 (Unknown number of SSNs)

A handheld electronic devices used by Continuum pharmacists was discovered missing on October 5.  The device was not encrypted and contained patient names, addresses, diagnoses, medications, and health insurance identification numbers.  Some health insurance identification numbers were Social Security numbers or contained Social Security numbers.  Patients who received services from Continuum during the month of September 2012 and potential patients who were referred to Continuum between August 2007 and September 2012.  Notifications were sent on November 30.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

December 1, 2012 Jackson North Medical Center, Jackson Health System
Miami, Florida
MED INSD

566

A dishonest volunteer was caught passing patient information to people who used it to file fraudulent tax returns.  The volunteer used his smart phone to capture patient records while working in an emergency room.  Around 1,200 photos of 566 patient records were found on his phone. The breach was discovered when three men were caught using free wi-fi at McDonald's to file fraudulent tax returns in March.

UPDATE (01/11/2013): Jackson Health banned volunteers from using cell phone in patient areas in order to prevent similar events from occurring.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 566

November 30, 2012 Inova Fairfax Hospital Cardiac Care Center, Inova Fair Oaks Hospital
Fairfax, Virginia
MED CARD

Unknown

Someone discovered card skimming devices at an ATM near a gift shop of the Inova Fairfax Hospital Cardiac Care Center and at an ATM next to the Inova Fair Oaks Hospital cafeteria.  One device was discovered by a hospital employee who attempted to use the ATM and witnessed the skimmer fall from the ATM.  A skimming device was previously discovered at the same Inova Fairfax Hospital Cardiac Care Center ATM in September.  It is unclear how long the devices were there and people who used them are urged to check their financial statements.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 30, 2012 Florida Hospital Tampa (formerly University Community Hospital Medical Center), Crothall Healthcare, Naval Medical Center (Bob Wilson Naval Hospital)
Tampa, Florida
MED INSD

45

Three people were arrested for their roles in filing 225 fraudulent tax returns.  They face charges of conspiracy, theft of government property, and aggravated identity theft.  About $555,000 in refund money was obtained.  One of the defendants worked at Florida Hospital Tampa through a maintenance and housekeeping company.  Information came from a variety of medical centers in California and Florida.  There was an incident where the dishonest worker provided her co-conspirators with a list of names and Social Security numbers from patients seen at Florida Hospital Tampa on January 17 of 2012 and another incident where ER patient names, Social Security numbers, and other information was stolen from Crothall Healthcare in January.  

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 45

November 30, 2012 Western Connecticut State University
Danbury, Connecticut
EDU DISC

235,000

A computer vulnerability allowed the information of students, student families, and other people affiliated with the University to be exposed. The records covered a 13 year period and included Social Security numbers.  High school students who had associations with the University may have had their SAT scores exposed as well.  The issue existed between April 2009 and September 2012.  

 
Information Source:
Media
records from this breach used in our total: 235,000

November 29, 2012 WestCoast Children's Clinic
Oakland, California
MED DISC

Unknown

A referral document containing sensitive information was accidentally sent in an email to an unauthorized recipient.  Patient names, Social Security numbers, dates of birth, addresses, and health concerns were sent to a county social worker. The county social worker deleted the sensitive email and any other existing copies of the document were securely deleted from the network.  

The WestCoast Children's Clinic will not provide referral forms to outside agencies in order to protect against future inadvertent sharing of private information.  Disciplinary actions will also be taken against the employees involved in the privacy breach.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 29, 2012 St. Catherine Medical Center
Ashland, Pennsylvania
MED PHYS

Unknown

Sensitive patient and employee records were left unsecured in the abandoned medical center.  A November 10 auction of office equipment and computers was held in the medical center, but one person reported seeing piles of sensitive documents and being able to access sensitive items like badges of former employees. The person provided pictures of personnel records and other items that should have been secured. A representative speaking on behalf of those responsible for safeguarding private information responded that the pictures were taken behind an area that had been secured with a rope. Additionally, the person claims that one of the computers that was purchased at the auction still contained sensitive information.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 29, 2012 Vidant Pungo Hospital
Belhaven, North Carolina
MED PHYS

1,100 (No SSNs or financial information reported)

Patient information was exposed by the accidental disposal of paper jackets with old radiology films.  Patient information such as name, address, age, date of birth, race, sex, name of radiology procedure and radiology procedure date was exposed.  The paper jackets were sent to a local landfill.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 28, 2012 Advanced Data Processing, Inc. (ADPI), Grady EMS
Roseland, New Jersey
BSF INSD

At least 15,000 people were affected.

Information from certain ambulance agencies was inappropriately accessed and disclosed.  Patient account information such as names, Social Security numbers, dates of birth, and record identifiers were exposed by a dishonest ADPI employee. ADPI learned of the breach on October 1. The dishonest employee was fired and apprehended by authorities.

UPDATE (12/04/2012): The former ADPI employee stole information associated with Grady EMS ambulance service. About 900 Grady EMS patients had their information exposed between June 15, 2012 and October 12, 2012.

UPDATE (01/05/2013): A detailed list of the organizations and number of people who were affected is available on phiprivacy.net herehttp://www.phiprivacy.net/?p=10825

UPDATE (03/08/2013): Osceola County EMS released a notification in March of 2013 here: http://tinyurl.com/a335kak

UPDATE (03/14/2013): The Yuma, Arizona Fire Department was also affected by the breach.  ADP handles the billing for Yuma's emergency medical services.  Names, Social Security numbers, dates of birth, and record identifiers may have been accessed.

UPDATE (08/28/2013): ADPI learned of the tax scheme after being notified by Tampa, Florida police.  The IRS confirmed that Valparaiso Fire Department information was compromised by the breach in July of 2013.  Patients seen at Valparaiso Fire Department or by Valparaiso Fire Department ambulances between January 1 and June 21 of 2012 may have had their names, Social Security numbers, and dates of birth exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,000

November 28, 2012 Westside Park Elementary School Based Health Center
Adelanto, California
MED PHYS

1,370 (No SSNs or financial information reported)

A burglary sometime around October 1 may have resulted in the exposure of patient names, Social Security numbers, phone numbers, addresses, dates of birth, health conditions, medications, and other health information.  The information was in a locked room that was accessed, but it appears that none of the paper records were stolen.  Thieves took a television and other items. 

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 Soundental Associates P.C.
West Haven, Connecticut
MED PORT

Unknown

A bag of personal items and back-up media cartridges from Soundental was stolen from an employee's car on September 24.  The back-up cartridges had patient names, addresses, treatment records, and dates of birth.  Social Security numbers were also exposed in some cases.  The cartridges had been scrambled to prevent easy access.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 Long Chiropractic
Dayton, Ohio
MED PHYS

Unknown

A November 26 office burglary may have resulted in the theft of patient records.  A safe with computer disks and a laptop computer were stolen.  It is unclear if either contained sensitive patient information.  The burglars were in the office for 15 minutes and may have taken or viewed sensitive patient information in other areas.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 University of Arkansas for Medical Sciences (UAMS)
Little Rock, Arkansas
MED INSD

1,500 (No SSNs or financial information reported)

Anyone who was a patient at UAMS and had surgery or was seen by a neurosurgeon from January 2010 to June 2010 may call UAMS toll-free hotline at 888-729-2755 to learn if they were affected by the breach.

A former resident doctor kept the personal information of about 1,500 patients as part of a lawsuit she filed against UAMS.  She also claimed to have kept the information for research purposes.  UAMS became aware of the issue on October 9 when the former resident doctor used the documents as part of her lawsuit.  UAMS learned that she kept additional documents on November 7 and had provided them to UAMS attorneys on June 25. Some patients had their names, addresses, dates of birth, medical record numbers, and dates of service exposed.  Other patients had their ages, locations of care, dates of service, diagnoses, medications, surgical procedures, procedure names, and lab results exposed.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 27, 2012 Pinnacle Foods Group, LLC
Clinton, Wisconsin
BSR PORT

1,818

Those with questions may call Pinnacle at (855) 477-6879.

A laptop taken from an employee's home on October 11 contained sensitive information.  It contained names, Social Security numbers, driver's license numbers, credit card numbers , and other personal information.

 
Information Source:
Databreaches.net
records from this breach used in our total: 1,818

November 27, 2012 Sourcefire
Columbia, Maryland
BSO PORT

500

The November 6 theft of an unencrypted laptop may have resulted in the exposure of employee Social security numbers.  It is unclear if other types of information were also exposed.  A total of 500 employees may have been affected.  

 
Information Source:
Media
records from this breach used in our total: 500

November 27, 2012 Pulaski Bank
Overland Park, Kansas
BSF PHYS

Unknown

An employee left sensitive loan application documents in a vehicle while at the gym.  The documents were stolen and included loan applicant tax returns. The breach occurred in September.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 24, 2012 CHRISTUS St. John Hospital
Houston, Texas
MED PORT

Unknown

An unencrypted flash drive was discovered lost or stolen on September 25.  It contained patient names, Social Security numbers, dates of birth, health insurance information, diagnoses, and progress notes.  The information came from patients who participated in the St. John Sports Medicine Program and were treated between January 1, 2011 and July 31, 2012.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 0

November 22, 2012 Scripps College
Anaheim, California
EDU PHYS

940 (No SSNs or financial information reported)

Scripps College is located in Claremont, California and the theft took place in Anaheim, California.

Sensitive records were stolen from a tote bag in a staff member's vehicle on the night of November 18.  The records included names, dates of birth, cell phone numbers, email addresses, and emergency contact information.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 21, 2012 Oak River Insurance Institute
San Francisco, California
BSF INSD

2,700

An employee disclosed personal information about workers compensation claimants between October 2011 and March 2012.  Workers compensation claimants who received spinal surgery in Southern California between 2004 and 2011 or had urinalysis testing, diagnostics or medical services performed in California between 2006 and 2011 may have had their information exposed.

It does not appear that Social Security numbers or other identifying information exposed were used to compromise the security, confidentiality, or integrity of the personal information. 

UPDATE (11/23/2012): About 2,700 workers' compensation claimants were affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 2,700

November 19, 2012 American Tool Supply (ATS)
Suwanee, Georgia
BSR HACK

617

A hacker gained access to the ATS system and may have accessed financial information.  The attack was discovered on August 1 and financial information was immediately removed from the ATS online system.  

 
Information Source:
California Attorney General
records from this breach used in our total: 617

November 16, 2012 Nationwide Mutual Insurance Company and Allied Insurance
Columbus, Ohio
BSF HACK

1,000,000

Affected Georgia consumers may call 1-800-760-1125. Other consumers with questions may call 1-800-656-2298.

A portion of the computer network used by Nationwide and Allied Insurance agents was breached by cyber criminals on October 3.  The attack was discovered on the same day and contained.  On October 16, it was determined that names, Social Security numbers, driver's license numbers, dates of birth, marital status, gender, occupation, and employer information had been stolen.  Affected parties were identified on November 2 and notifications were sent on November 16.

UPDATE (11/20/2012): At least 28,000 people in Georgia were affected.  The total number of affected people is not known.

UDPATE (12/10/2012): A total of 28,468 people in Georgia, 534 in Oklahoma, 12,490 in South Carolina, 286 in Maryland, 5,050 in California, 91,000 in Iowa, 170 in Hawaii, 8,000 in New Mexico, and 98,191 in Minnesota were affected. This brings the known total to 244,188.  Nationwide/Allied Group reported that the breach compromised the information of one million policyholders and non-policyholders nationwide.

 
Information Source:
California Attorney General
records from this breach used in our total: 1,000,000

November 16, 2012 Landmark Medical Center
Woonsocket, Rhode Island
MED PORT

683

The office theft of a laptop resulted in the exposure of patient information.  A spreadsheet with sensitive information that could be easily accessed was on the stolen laptop. It is unclear what type of information was exposed, but Social Security numbers, addresses, and medical information were not involved.

UPDATE (12/21/2012): A Health and Human Services (HHS) notice reveals that the theft occurred on October 1.  A total of 683 patients were affected by the breach.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 683

November 14, 2012 Highlandtown Community Health Center, Johns Hopkins Hospital
Baltimore, Maryland
MED INSD

250

At least four people were involved in an identity theft ring that affected over 250 people.  One member of the ring was employed by Highlandtown Community Health Center and provided personal and financial patient information that he accessed through his position. The information was used by other ring members to create counterfeit checks and fraudulent state identification cards. The fraud occurred between August and October of 2009.

Another member of the ring was employed by Johns Hopkins Hospital and provided the information of doctors who applied for fellowships there.  Several ring members rented apartments under the identities of doctors. Two of the members pleaded guilty to conspiring to commit wire fraud and aggravated identity theft.  The four members of the ring are required to collectively pay restitution for fraudulently obtained cash, merchandise, and services worth over $188,000.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 250

November 14, 2012 Adobe
San Jose, California
BSO HACK

230 (No SSNs or financial information reported)

A hacker released the names, email addresses, and encrypted passwords of 230 members of Adobe's company database.  The hacker claimed to have access to over 150,000 records.  Adobe announced that it would reset approximately 150,000 passwords of members of the Connectusers.com site.

UPDATE (11/14/2012): The 230 people who were affected also had their titles, affiliated organizations, and usernames exposed.  A number of those affected were associated with U.S. government agencies such as the Department of Transportation, the Department of Homeland Security, the U.S. State Department, and the Federal Aviation Administration.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 13, 2012 Sprechman & Associates, P.A.
Miami, Florida
BSF INSD

Unknown

An employee may have performed unauthorized searches on clients.  The employee is no longer with the company.  Names, Social Security numbers, addresses, dates of birth, and driver's license numbers may have been exposed.  The potential breach was discovered in July and clients were notified in October after their contact information was confirmed.

 
Information Source:
California Attorney General
records from this breach used in our total: 0

November 13, 2012 National Aeronautics and Space Administration (NASA)
Washington, District Of Columbia
GOV PORT

10,000 (No SSNs or financial information reported)

An October 31 theft of a NASA laptop and sensitive NASA documents from an employee's locked car resulted in the exposure of employee information.  Contractors and other non-employees associated with NASA were also affected.  Employees are encouraged to be suspicious of communication from individuals claiming to be from NASA. It may take up to 60 days to send official notifications to those who were affected.

UPDATE (12/14/2012): Up to 10,000 employees and people associated with NASA may have been affected.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 13, 2012 Chicago Board of Elections Commissioners
Chicago, Illinois
GOV DISC

1,200 (No SSNs or financial information reported)

The sensitive information of Chicago voters was exposed online due to a mistake by the election authority. A database that included names, the last four digits of Social Security numbers, addresses, and drivers license numbers was accidentally placed online in a publicly accessible place.  Only people who applied to work for the board in Chicago polling places on Election Day were determined to have been affected.  

A forensic investigation firm believes that as many as 1.7 million registered voters had their names, addresses, and voter registration numbers exposed. However the Chicago Board does not believe that information should be considered sensitive.

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

November 11, 2012 Labelmaster (American Labelmark Company)
Chicago, Illinois
BSO HACK

Unknown

A hacker accessed the e-commerce site labelmaster.com.  Customer names, addresses, credit card numbers, and credit card expiration dates were exposed.  

 
Information Source:
Databreaches.net
records from this breach used in our total: 0

Breach Total
815,842,526 RECORDS BREACHED
(Please see explanation about this total.)
from 4,488 DATA BREACHES made public since 2005
Showing 951-1000 of 4488 results


X

Sign In!

Loading