Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization: all
Date Made Public:
December 17, 2018
Company: University of Vermont Health Network - Elizabethtown Community Hospital
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
32,470

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 17, 2018
Company: Fort Defiance Indian Hospital
Location: , Arizona
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,000

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 16, 2018
Company: Ben-Ora, Hansen & Vanesian Imaging, Ltd d/b/a Solis Mammography
Location: , Arizona
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
500

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 14, 2018
Company: Massachusetts General Hospital
Location: , Massachusetts
Type of breach:
DISC
Type of organization:
MED
Records Breached:
588

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 13, 2018
Company: Contra Costa Health Plan
Location: , California
Type of breach:
DISC
Type of organization:
MED
Records Breached:
862

Location of breached information: Electronic Medical Record, Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 13, 2018
Company: Smile Designs by Sandwick
Location: , Minnesota
Type of breach:
HACK
Type of organization:
MED
Records Breached:
900

Location of breached information: Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 11, 2018
Company: Adams County
Location: , Wisconsin
Type of breach:
DISC
Type of organization:
MED
Records Breached:
258,120

Location of breached information: Network Server, Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 11, 2018
Company: Ramsey County
Location: , Minnesota
Type of breach:
HACK
Type of organization:
MED
Records Breached:
599

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 8, 2018
Company: Leon A Cohen MM.,PA
Location: , Florida
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
2,122

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 4, 2018
Company: Butler County Board of County Commissioners
Location: , Ohio
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,912

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Marriott International
Location: , Maryland
Type of breach:
HACK
Type of organization:
BSR
Records Breached:
327,000,000

Marriott International disclosed a massive security breach of the reservations system for its Starwood Hotels and Resorts brand, a hack it said Friday may have compromised private info on up to 500 million guests.

According to Marriott, for around 327 million Starwood guests, the database included such personal information as name, mailing address, phone number, email address, passport number, date of birth, and gender. For some Starwood customers, the hacked database also stored payment card numbers and expiration dates, although Marriott said that information was encrypted.

Information Source:
Media
Date Made Public:
November 30, 2018
Company: CHI Health Care, Inc.
Location: , Maryland
Type of breach:
DISC
Type of organization:
MED
Records Breached:
722

Location of breached information: Other Portable Electronic Device, Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Mind and Motion, LLC
Location: , Georgia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,000

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: CCRM Dallas-Fort Worth
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,117

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Thielen Student Health Center
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
599

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Prairie Fields Family Medicine, PC
Location: , Nebraska
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,450

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Georgia Department of Human Services
Location: , Georgia
Type of breach:
DISC
Type of organization:
MED
Records Breached:
435,339

Location of breached information: Network Server, Other Portable Electronic Device

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: OrthoTexas Physicians and Surgeons, PLLC
Location: , Texas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
2,172

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: Steward Medical Group
Location: , Massachusetts
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,276

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 27, 2018
Company: Health equity inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
189,957

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 27, 2018
Company: AccuDoc Solutions, Inc.
Location: , North Carolina
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,652,540

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Cancer Treatment Centers of America (CTCA) at Western Regional Medical Center
Location: , Arizona
Type of breach:
HACK
Type of organization:
MED
Records Breached:
41,948

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Baylor Scott & White Medical Center - Frisco
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
47,984

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Mercy Medical Center- North Iowa
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,971

Location of breached information: Electronic Medical Record

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 23, 2018
Company: Independence community college
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,839

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 21, 2018
Company: Lundberg family farms
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
201

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 21, 2018
Company: Tandigm Health
Location: , Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
7,376

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 20, 2018
Company: R r bowker llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
18,578

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 20, 2018
Company: East End Disability Associates, Inc.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
896

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: Francescas services corporation
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
84,275

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 19, 2018
Company: Inova Health System
Location: , Virginia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
857

Location of breached information: Electronic Medical Record

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: James R. Etzkorn, MD
Location: , Missouri
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,845

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: Episcopal Health Services
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
218,055

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 17, 2018
Company: LPL Financial llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
270,000

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 17, 2018
Company: HealthEquity, Inc.
Location: , Utah
Type of breach:
HACK
Type of organization:
MED
Records Breached:
165,800

Location of breached information: Email

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: Jo ann jody hendryx
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
67

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Pentegra services inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
301

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Smithand nephew
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
22

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Texas VSI, LLC
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
500

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: New York Oncology Hematology, P.C.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
128,400

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
CSV