Chronology of Data Breaches
Security Breaches 2005 - Present

Posted Date: April 20, 2005
Updated Date: December 31, 2013

Is this your first visit to our Chronology of Data Breaches?

  • Read our FAQ about what we define as a breached record, how we calculate the "total" records breached, our data sources, state breach notice laws, studies and other resources

  • Learn how to use our Chronology and take advantage of its sophisticated search and sort features

  • Get our RSS Feed to see when we add new breaches to the list

What would you like to do?


Click or unclick the boxes then select go.


Select features, then click GO.



Help Guide

Can't find the sort feature you're looking for? Click here to download a CSV file of the data breach list as it exisits today.
Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005

Save or Print PDF of Entire Breach List including introduction.Save or Print a PDF of Entire Breach List (including introductory FAQ)

Filter breach list before saving or printing PDF. Conduct a search of the Chronology using its sorting features, and Save or Print a PDF of your search results (Select filters)

If you do not have access to PDF, you can print the Chronology in landscape view.

Date Made Public Name Entity Type
January 3, 2013 King Drug & Home Care
Owensboro, Kentucky
MED PORT

13,619

An employee reported that a portable hard drive was missing on November 23, 2010.  The device had last been seen sometime around November 19.  The data on the device included information from before July 31, 2009.  Client names, Social Security numbers, medical record numbers, account numbers, dates of service, race, insurance carriers and insurance numbers, addresses, phone numbers, sex, dates of birth, diagnosis information, allergies, initial referral forms, patient assessments/plans of care, physician orders and/or delivery ticket information may have been on the hard drive.

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 13,619

July 25, 2006 Cablevision Systems Corp., ACS, FedEx
Bethpage, New York
BSO PORT

13,700 current and former employees

Additional locations: Dallas, TX, Connecticut, New Jersey and New York

A tape en route to the company's 401(k) plan record-keeper ACS was lost when shipped by FedEx to Dallas, TX. No customer data was on the tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 13,700

August 30, 2008 National Technical Institute for the Deaf and Rochester Institute of Technology
Rochester, New York
EDU PORT

13,800

RIT Hotline through 9/26/08 (866) 624-8330, RIT Public Safety (585) 475-2853

http://www.rit.edu/news/?v=46283

A recently stolen laptop contained the names, birth dates and Social Security numbers of about 12,700 applicants to the National Technical Institute for the Deaf and another 1,100 people at Rochester Institute of Technology. The laptop belonged to an employee and was stolen on Monday from an office at NTID. People at RIT, who are not affiliated with NTID, are affected because their personal information was being used as part of a control group in an internal study.

 
Information Source:
Dataloss DB
records from this breach used in our total: 13,800

August 16, 2010 Aultman Health Foundation
Canton, Ohio
MED PORT

13,800

On June 7, a laptop was stolen. Patient information from the Aultman Healthcare in Your Home program may have been exposed. This information included names, insurance identification numbers, health information, telephone numbers, addresses, dates of birth and Social Security numbers.

 
Information Source:
Databreaches.net
records from this breach used in our total: 13,800

February 22, 2012 Coca-Cola Company Family Federal Credit Union
Atlanta, Georgia
BSR PORT

13,800

The theft of two laptops resulted in the exposure of credit union member information. The laptops were stolen on December 21, 2011 and contained names and Social Security numbers, as well as credit card numbers in some cases.

 
Information Source:
Dataloss DB
records from this breach used in our total: 13,800

June 3, 2013 Office of Dr. Lee D. Pollan, DMD, PC.
Rochester, New York
MED PORT

13,806

The theft of the doctor's laptop may have exposed patient information.  The theft occurred sometime between November 6, 2012 and November 15, 2012.  Information related to patient names, dates of birth, addresses, Social Security numbers, diagnose and surgery billing codes, dates of service, and person responsible for the billing was on the laptop.  

 
Information Source:
PHIPrivacy.net
records from this breach used in our total: 13,806

March 24, 2006 Vermont State Colleges
Waterbury, Vermont
EDU PORT

14,000

Note: there are several locations in Vermont.  We list the Office of the Chancellor as the primary location.

A laptop containing Social Security numbers and payroll data of students, faculty and staff associated with the five-college system was stolen.  It contained information from as long ago as 2000.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

April 28, 2006 U.S. Department of Defense
Washington, District Of Columbia
GOV HACK

14,000

A hacker accessed a Tricare Management Activity (TMA) public server containing personal information about military employees. TMA is used to provide health care services to military personnel and their families.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

April 18, 2007 Ohio State University
Columbus, Ohio
EDU HACK

14,000

http://www.osu.edu/news/newsitem1673

A hacker accessed the names, Social Security numbers, employee ID numbers and birth dates of 14,000 current and former staff members.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

October 2, 2007 The Nature Conservancy
Arlington, Virginia
NGO HACK

14,000

Additional locations: Little Rock, Fayetteville, Arkadelphia, Batesville and Ponca, (Arkansas)

A hacker illegally gained access to a computer of The Nature Conservancy containing personal information on current and former employees and their dependents. The stolen information included the names, home addresses, Social Security numbers and birth dates. It also included direct deposit bank account numbers for employees who were on the payroll between 2000 and 2004, as well as the Social Security numbers of those employees' dependents. When employees accessed a particular Web site, the site planted a program on the employees' computers that copied the contents of the hard drives and sent the information to the hacker.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

February 17, 2009 Broome Community College
Binghamton, New York
EDU DISC

14,000

Broome Community College, sent out a mailing last week with Social Security number posted prominently on the back cover. The winter/spring 2009 alumni magazine was mailed to 28,000 people, it assumed that less than 14,000 copies had Social Security numbers on the magazine.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

July 19, 2006 Group 1 Automotive Inc, Weinstein Spira & Company, P.C.
Houston, Texas
BSF PORT

14,000

Five laptops were stolen from a Weinstein Spira office sometime between the night of July 10 and the morning of July 11.  The laptops contained personal information of clients and the employees of clients. Names, addresses, Social Security numbers and financial data were accessed. 

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,000

September 28, 2011 Fairview and North Memorial Hospitals, Accretive
Minneapolis,
MED PORT

23,500 (14,000 SSNs or financial records reported)

The July 25 theft of a laptop resulted in the exposure of patient information.  It was stolen from a rental car parked in the parking lot of a Minneapolis restaurant.  The laptop was in the possession of an employee of the contractor Accretive.  It contained the names, addresses, dates of birth, medical information, and Social Security numbers of patients.  A total of 14,000 Fairview patients were affected.  Approximately 2,800 North Memorial patients were affected, but did not have their Social Security numbers exposed.

UPDATE (1/20/2012): A lawsuit was filed against Accretive Health, Inc. as a result of the breach. Approximately 23,500 patients in Minnesota were affected by the breach.  The Minnesota Attorney General claims that Accretive failed to protect patient health care records and failed to disclose its extensive involvement in patient health care.  According to the Minnesota Attorney General, Accretive gained access to sensitive patient data through contracts with the two hospitals and numerically scored patients' risk of hospitalization and medical complexity, graded their "frailty," compiled per-patient profit and loss reports, and identified patients deemed to be "outliers." The physical and mental health information included a checklist of 22 different chronic medical conditions that patients did or did not have.  This was without the knowledge or consent of patients and the Attorney General argues that patients had the right to know how their information was being used and to have it kept confidential.

Accretive tells investors that its contracts with hospitals include risk scoring patients, reducing avoidable hospital admissions, identifying the sickest and most impact-able patients for proactive management, and identifying real-time interventions with significant revenue or cost impact. The lawsuit alleges that Accretive violated state and federal health privacy laws, state debt collection laws, and state consumer protection laws.  It seeks an order requiring Accretive to fully disclose to patients: 1) what information it has about Minnesota patients; 2) what information it has lost about Minnesota patients; 3) where and to whom it has sent information about Minnesota patients; and 4) the purposes for which it amasses and uses information about Minnesota patients. In addition, the lawsuit asks Accretive to disclose whether it has sent health data about Minnesota patients to an offshore site in new Delhi, India and requests that restrictions be applied to how Accretive treats and uses patient data.

The press release from the Office of Minnesota Attorney General Lori Swanson can be found here.

UPDATE (08/24/2012): A settlement agreement with Accretive Health was announced at the end of July.  The settlement requires Accretive to stop doing business in Minnesota for two years and to pay approximately $2.5 million to the State of Minnesota, a portion of which will be used to compensate patients.

 
Information Source:
Databreaches.net
records from this breach used in our total: 14,000

March 12, 2012 Impairment Resources, LLC
San Diego, California
MED PORT

14,000

An office burglary on New Year's Eve 2011 resulted in the loss of hardware that contained sensitive personal information.  The full names, addresses, Social Security numbers, and medical information of clients were on the hardware.  Impairment Resources notified patients in February and then filed for bankruptcy in March. The high cost of handling the breach led directly to the decision to file for bankruptcy.

 
Information Source:
California Attorney General
records from this breach used in our total: 14,000

April 30, 2012 Volunteer State Community College
Gallatin, Tennessee
EDU DISC

14,000

Those with questions may call (615) 230-3390.

The University became aware of an unintended disclosure.  Files with the information of current and former faculty and former students were placed on a web server that was not secure.  The information could have been accessed anytime between 2008 and the discovery of the error.  Names and Social Security numbers were exposed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 14,000

December 5, 2012 California Department of Healthcare Services
Sacramento, California
MED DISC

14,000

Those who may have been affected may call 1-855-297-5064 for assistance from DHCS.

Names and Social Security numbers were discovered on the website of the Department of Health Care Services.  People who sent their information in order to become a provider of In-Home Supportive Services (IHSS) may have had their information exposed online between November 5, 2012 and November 20.  The issue was discovered on November 14 and was not fully addressed until November 20.  

The list should have only contained provider names, addresses, and provider types. It also contained Social Security numbers that were listed in the column for Provider Billing Numbers.  The Social Security numbers were not easily recognizable in this format.

UPDATE (12/11/2012): Nearly 14,000 people were affected.

 
Information Source:
California Attorney General
records from this breach used in our total: 14,000

October 20, 2009 ChoicePoint
Alpharetta, Georgia
BSO DISC

14,023

http://www.ftc.gov/opa/2009/10/choicepoint.shtm

ChoicePoint has been fined $275,000 by the U.S. Federal Trade Commission for a data breach that exposed personal information of 13,750 people last year. In April 2008, ChoicePoint turned off a key electronic security tool that it used to monitor access to one of its databases and failed to notice the problem for four months, according to an FTC statement. During that period, unauthorized searches were conducted for 30 days on a ChoicePoint database that contained Social Security numbers and other sensitive information.

UPDATE (9/22/10): The Federal Trade Commission mailed checks worth $18.17 to 14,023 ChoicePoint customers.  These checks were meant to cover the money and time customers spent monitoring their credit after ChoicePoint's 2008 breach.  ChoicePoint had been ordered to implement a comprehensive information security program after a 2006 breach.  Due to ChoicePoint's failure to do this, they suffered another breach and were fined.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,023

June 3, 2013 Champlain College
Burlington, Vermont
EDU PORT

14,217

Those with questions may call 877-643-2062.

During the weekend of June 3, a hard drive was discovered to have been misplaced.  The device had been left unattended in a computer lab for about two days in March.  The hard drive contained names, Social Security numbers, and other information related to admissions and financial aid for the Fall 2010 through the February 2013 school terms.  Some graduate and continuing professional studies students may have also been affected.

 
Information Source:
Media
records from this breach used in our total: 14,217

April 13, 2009 Moses Cone Hospital
Greensboro, North Carolina
MED PORT

14,380

Moses Cone Hospital is offering free credit monitoring to 14,380 patients after a laptop computer containing confidential information was stolen from a VHA employee's car. The information on the laptop, including patients' Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,380

September 29, 2006 University of Iowa Department of Psychology
Iowa City, Iowa
EDU HACK

14,500

A computer containing SSNs of 14,500 psychology department research study subjects was the object of an automated attack designed to store pirated video files for subsequent distribution.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,500

September 1, 2011 Birdville
Haltom City, Texas
EDU HACK

14,500

Two students may face criminal charges for hacking into the Birdville School District's network server and accessing a file with 14,500 student names and Social Security numbers.  The students are a high school junior and a senior.  Students who attended during the 2008-2009 school year may have been affected.

 
Information Source:
Databreaches.net
records from this breach used in our total: 14,500

October 21, 2009 Roane State Community College
Harriman, Tennessee
EDU PORT

14,783

Hotline (865) 882-4688, (866) 462-7722 ext. 4688

Roane State Community College has announced that the names and Social Security numbers of 9,747 current or former students were on a data storage device stolen from an employee's vehicle, along with 1,194 current/former employees' information. The Social Security numbers alone, with no names, were also stolen for 5,036 additional current or former students. The data was on a 4GB USB drive used for work-related purposes. An employee took it home to do work after hours, and left it in the car. The employee forgot to lock the car doors. The USB drive was stolen along with a personal hand-held device.

 
Information Source:
Dataloss DB
records from this breach used in our total: 14,783

April 8, 2005 Eastern National
Ft. Washington, Pennsylvania
NGO HACK

15,000

A hacker gained access to a server containing the names, credit card information, and billing addresses of 15,000 customers.  Letters were mailed to all customers who bought products through the educational website for national parks.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

June 30, 2005 Ohio State University Medical Center, MTE Consulting
Columbus, Ohio
MED PORT

15,000

A laptop containing patient information was stolen from a financial consultant.  MTE Consulting notified OSU medical center a month after the laptop was stolen and OSU sent a brief letter to the affected clients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

April 1, 2006 Con Edison
New York, New York
BSO PORT

15,000 Con Edison employees

Con Edison shipped two cartridge tapes to JPMorgan Chase in upstate Binghamton so it could input data on behalf of the NY Dept. of Taxation and Finance. One tape was apparently lost and contained employees' W-2 data, including names, addresses, Social Security numbers, taxes paid and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Texas Woman's University
Dallas, Texas
EDU DISC

15,000 students

Additional locations: Denton and Houston, TX

A document containing names, addresses and SSNs of 15,000 TWU students was transmitted over a non-secure connection.

 
Information Source:
Media
records from this breach used in our total: 15,000

August 4, 2008 Arapahoe Community College
Littleton, Colorado
EDU PORT

15,000

A contractor who manages the student information database had a flash drive lost or stolen. Information on the drive included the names, addresses, credit card numbers and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

February 6, 2010 University of Texas, El Paso
El Paso, Texas
EDU DISC

15,000

University of Texas at El Paso is notifying students that their Social Security numbers were visible when their tax forms were sent out. The University notified 15,000 students but they don't know exactly how many students were affected. UTEP blames a glitch in a machine used to fold letters when student’s forms were sent out. Some of the forms were folded in such a way that the document shifted on the envelope and allowed for the Social Security numbers to be visible through the mailing window on the envelope.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 22, 2006 Utah Valley State College
Orem, Utah
EDU DISC

15,000

Social Security numbers and other personal information of students and faculty were accessible via Yahoo's search engine. The information was removed from UVSC's servers. Some Distance Education instructors and some students enrolled in UVSC courses between January 2002 and January 2005 were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,000

December 15, 2010 Social Security Administration Office of Temporary Disability Assistance
New York, New York
GOV INSD

15,000

A subcontractor illegally downloaded around 15,000 Social Security numbers while performing upgrades. People who had made Social Security disability claims may have been affected.

UPDATE (1/4/2011): Dates of birth, addresses and phone numbers may have also been accessed.

 
Information Source:
Databreaches.net
records from this breach used in our total: 15,000

September 19, 2012 Blue Cross Blue Shield of Massachusetts (BCBS)
Boston, Massachusetts
MED INSD

15,000

A BCBS vendor misused BCBS employee information.  The misuse appears to have been limited to one instance.  Names, Social Security numbers, dates of birth, compensation information, and bank account information may have been exposed.

 
Information Source:
Media
records from this breach used in our total: 15,000

November 28, 2012 Advanced Data Processing, Inc. (ADPI), Grady EMS
Roseland, New Jersey
BSF INSD

At least 15,000 people were affected.

Information from certain ambulance agencies was inappropriately accessed and disclosed.  Patient account information such as names, Social Security numbers, dates of birth, and record identifiers were exposed by a dishonest ADPI employee. ADPI learned of the breach on October 1. The dishonest employee was fired and apprehended by authorities.

UPDATE (12/04/2012): The former ADPI employee stole information associated with Grady EMS ambulance service. About 900 Grady EMS patients had their information exposed between June 15, 2012 and October 12, 2012.

UPDATE (01/05/2013): A detailed list of the organizations and number of people who were affected is available on phiprivacy.net herehttp://www.phiprivacy.net/?p=10825

UPDATE (03/08/2013): Osceola County EMS released a notification in March of 2013 here: http://tinyurl.com/a335kak

UPDATE (03/14/2013): The Yuma, Arizona Fire Department was also affected by the breach.  ADP handles the billing for Yuma's emergency medical services.  Names, Social Security numbers, dates of birth, and record identifiers may have been accessed.

UPDATE (08/28/2013): ADPI learned of the tax scheme after being notified by Tampa, Florida police.  The IRS confirmed that Valparaiso Fire Department information was compromised by the breach in July of 2013.  Patients seen at Valparaiso Fire Department or by Valparaiso Fire Department ambulances between January 1 and June 21 of 2012 may have had their names, Social Security numbers, and dates of birth exposed.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,000

March 27, 2014 The University of Wisconsin-Parkside
Kenosha, Wisconsin
EDU HACK

15,000

Students were notified by officials from The University of Wisconsin-Parkside of a data breach that occured to their system by hackers that installed malware on one university server.

The information that is at risk includes names, addresses, telephone numbers, email addresses and Social Security numbers. The breach affects students who were either admitted or enrolled at the university since the fall of 2010.

The server was shut down and the hacking was reported to local authorities. After launching an investigation it appears the malware was searching for credit card information and they show no evidence that any Social Security numbers were compromised.

The university has set up a website with information for those who may have been affected http://www.uwp.edu/explore/contactus/index.cfm 

 
Information Source:
Media
records from this breach used in our total: 15,000

May 11, 2012 First Data Corporation
Atlanta, Georgia
BSF DISC

15,399

On April 25, 2012, First Data learned that certain limited personal information about approximately 108,500 merchants who currently process with First Data or who applied for processing services had been shared outside of the company. The names, addresses, and Social Security numbers of merchants who submitted applications to First Data for merchant processing services were purposely disclosed to an outside party in January and February of 2012.  First Data later discovered that this action was not clearly permitted in some merchant contracts.

UPDATE: (5/29/2012): Bank of America Merchant Services (BAMS), a joint venture between First Data Corporation and Bank of America, was also involved in the breach.  The personal information of 15,399 California residents was involved.  Of the 15,399 California residents affected, a total of 4,058 residents were merchant customers of BAMS.

 
Information Source:
California Attorney General
records from this breach used in our total: 15,399

May 4, 2009 Kapiolani Community College
Honolulu, Hawaii
EDU HACK

15,487

More than 15,000 students at Kapiolani Community College are at risk of identity theft because of an Internet security breach. School officials found that a computer was infected with malware that can steal sensitive data.  The computer contained the personal information of 15,487 students who applied for financial aid between January 2004 and April 15. The computer did not have sensitive information, but it was hooked up to a network that had access to names, addresses, phone numbers dates of birth and Social Security numbers.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,487

January 22, 2005 University of Northern Colorado
Greeley, Colorado
EDU PORT

15,790 (15,790 employees and an unknown number of employee beneficiaries)

A hard drive was lost or stolen. It contained information on current and former University employees and their beneficiaries and dates back to April of 1997.  Names, dates of birth, SSNs, addresses, bank account numbers and routing numbers may have been accessed.

 
Information Source:
Dataloss DB
records from this breach used in our total: 15,790

April 26, 2005 Christus St. Joseph's Hospital
Houston, Texas
MED STAT

16,000

Two computers used for converting paper medical records into digital files were stolen.  One of the computers contained Social Security numbers and medical records for hundreds of patients.  Letters were sent to about 16,000 patients.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

August 1, 2006 Ron Tonkin Nissan
Portland, Oregon
BSR UNKN

Up to 16,000 affected

Questions? Call: (503) 251-3349

Several months ago the car dealership experienced a security breach affecting the personal information of those who bought cars or applied for credit between 2001 and March 2006.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

September 28, 2006 North Carolina Department of Motor Vehicles
Louisville, North Carolina
GOV STAT

16,000

(888) 495-5568

A computer was stolen from a NC Dept. of Motor Vehicles office, reported Sept. 10. It contains names, addresses, driver's license numbers, SSNs, and in some cases immigration visa information of 16,000 people who have been issued licenses in the past 18 months. Most are residents of Franklin County.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

March 26, 2007 Fort Monroe
Fort Monroe, Virginia
GOV PORT

16,000

A laptop computer containing the names, Social Security numbers and payroll information for as many as 16,000 civilian employees was stolen from an employee's personal vehicle. Bank account and bank routing information were not included.  People who work at the U.S. Army Training and Doctrine Command were affected.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

October 30, 2007 University of Nevada, Reno
Reno, Nevada
EDU PORT

16,000

A University of Nevada, Reno administrative employee has lost a flash drive that contained the names and Social Security numbers of 16,000 current and former students.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

December 25, 2008 Pulte Homes Las Vegas Division
Las Vegas, Nevada
BSO PHYS

16,000

A box containing computer backup tapes was stolen. Computer tapes holding private customer information including names, addresses, driver's license numbers and financial account numbers were stolen from a Pulte Homes office in Las Vegas.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,000

April 11, 2011 GunnAllen Financial
Tampa, Florida
BSF INSD

16,000

Former employees of GunnAllen Financial have been fined by the U.S. Securities and Exchange Commission (SEC) for failing to adequately protect customer data.  The former president and national sales manager broke privacy by transferring the information of GunnAllen Financial clients over to a new business after or during GunnAllen’s November 2010 liquidation.  The sales manager was authorized by the president to take a thumb drive with the information of about 16,000 clients with him to his new job.  The two former employees were fined $20,000 each and a third former chief compliance officer was fined $15,000 for failing “to ensure that the firm’s policies and procedures were reasonably designed to safeguard confidential customer information.” The fines are based on violations of the SEC’s Safeguard Rule, which requires institutions and financial advisers under SEC jurisdiction to protect customer data and give customers the opportunity to opt out of having their information shared with unaffiliated third parties.

 
Information Source:
Media
records from this breach used in our total: 16,000

June 11, 2012 Eugene School District 4J
Eugene, Oregon
EDU HACK

16,000

An unauthorized person accessed confidential files that contained current and former students' personal information.  Names, Social Security numbers, Dates of birth, student ID numbers, phone numbers, students' free or reduced-price school lunch status, and addresses may have been exposed.  Eugene School District 4J's notification can be read here: http://www.4j.lane.edu/communications/story/2012/06/11/securitybreachinformation

UPDATE (07/12/2012): A minor was arrested for possible involvement in the breach.  It appears that the teenager may have obtained the login credentials of an employee and used them to access the computer system.  Records for approximately 16,000 current students, as well as free and reduced-price lunch records from 2007 were exposed.

UPDATE (08/25/2012): The student was released from custody and expelled by North Eugene High School.  He also posted hundreds of students' confidential information on a computer account to taunt district officials. He is on house arrest and his attorney entered not guilty pleas.

 
Information Source:
Databreaches.net
records from this breach used in our total: 16,000

May 13, 2013 Adobe, Washington Administrative Office of the Courts
Olympia, Washington
BSO HACK

160,000

An official notice can be viewed here: http://www.courts.wa.gov/newsinfo/?fa=newsinfo.displayContent&theFile=dataBreach/commonQuestions

Up to 160,000 people may have had their information exposed by a breach.  Anyone who was booked into a city or county jail int he state of Washington between September of 2011 and December of 2012 may have had their Social Security number exposed.

Additionally, three classes of people may have had their names and driver's license information exposed.  First, people who received a DUI citation between 1989 and 2011 in the state of Washington may have had their names and drivers' license numbers exposed. Anyone who had a traffic case filed or resolved in a district or municipal court between 2011 and 2012 may have been affected. Finally, anyone who had a criminal case in Washington filed against them or resolved between 2011 and 2012 may have had their name and driver's license number exposed.

 

 
Information Source:
Media
records from this breach used in our total: 16,000

August 15, 2013 Harris County
Harris, Texas
GOV HACK

16,000

The information of current and former Harris County employees was found on electronic files in Vietnam.  Names, Social Security numers, and dates of birth were exposed.  The files were from 2005 and 2007 and appear to have been created before Harris County put in place stricter identity theft regulations.

 
Information Source:
Media
records from this breach used in our total: 16,000

April 5, 2005 MCI
Colorado Springs, Colorado
BSO PORT

16,500

A laptop containing names and Social Security numbers of current and former employees was stolen from the car trunk of an MCI financial analyst.  An MCI spokesperson stated that MCI would continue its policy of allowing laptops to be taken home by employees and will evaluate new security technologies.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

June 30, 2006 U.S. Department of Veteran Affairs
Washington, District Of Columbia
GOV PORT

16,500

A data tape disappeared from a VA facility in Indianapolis, IN that contained information on legal cases involving U.S. veterans and included veterans' Social Security numbers, dates of birth and legal documents.

UPDATE (10/11/06): The VA's Office of the General Counsel is offering identity theft protection services to those affected by the missing tape.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

September 14, 2006 Illinois Department of Corrections (IDOC)
Springfield, Illinois
GOV PHYS

16,500

A document containing employees' personal information was found outside the agency's premises where it should not have been. It has since been retrieved. Information included employees' names, SSNs, and salaries.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,500

December 24, 2008 Federal Emergency Management Agency
New Orleans, Louisiana
GOV DISC

16,857

An unauthorized breach of private information resulted in the information release of 16,857 names, Social Security numbers, phone numbers, and other private details of people who had applied for benefits. The information was flashed on a pair of privately run Web sites, but for how long was unclear.

 
Information Source:
Dataloss DB
records from this breach used in our total: 16,857

Breach Total
864,188,052 RECORDS BREACHED
(Please see explanation about this total.)
from 4,252 DATA BREACHES made public since 2005
Showing 3651-3700 of 4252 results


X

Sign In!

Loading