Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization: all
Date Made Public:
October 4, 2018
Company: Professional publications inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,162

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 3, 2018
Company: Tillamook Chiropractic, PC
Location: , Oregon
Type of breach:
HACK
Type of organization:
MED
Records Breached:
4,058

Location of breached information: Desktop Computer, Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
October 3, 2018
Company: Shoe station inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
216

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 2, 2018
Company: Another Planet Entertainment
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
October 2, 2018
Company: New Mexico Retiree Health Care Authority
Location: , New Mexico
Type of breach:
DISC
Type of organization:
MED
Records Breached:
586

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
October 2, 2018
Company: New penn financial llcdba shellpoint mortgage servicing
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
157

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 1, 2018
Company: Chegg
Location: Santa Clara, California
Type of breach:
HACK
Type of organization:
EDU
Records Breached:
40,000,000

According to a filing the company left with the SEC, Chegg, a technology giant specializing in textbook rental, has confirmed a data breach affecting some 40 million customers. Data exposed included usernames, email addresses, shipping addresses and hashed passwords. The company does not believe that financial data was taken.

Information Source:
Government Agency
Date Made Public:
October 1, 2018
Company: Rite Aid Corporation
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
October 1, 2018
Company: Data intensity
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
266

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 1, 2018
Company: FSSA on behalf of Phoenix Data Corporation
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 1, 2018
Company: Snider fleet solutions
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2,566

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
October 1, 2018
Company: Toyota industries north america inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
19,320

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
September 28, 2018
Company: Facebook, Inc.
Location: , California
Type of breach:
HACK
Type of organization:
BSO
Records Breached:
50,000,000

According to the New York Times, Facebook suffered an "attack" on their system that led to the exposure of information of 50,000,000 users. "The company discovered the breach earlier this week, finding that attackers had exploited a feature in Facebook’s code that allowed them to take over user accounts. Facebook fixed the vulnerability and notified law enforcement officials.

More than 90 million of Facebook’s users were forced to log out of their accounts Friday morning, a common safety measure for compromised accounts.

Facebook said it did not know the origin or identity of the attackers, nor had it fully assessed the scope of the attack. The company is in the beginning stages of its investigation."

 

 

Information Source:
Media
Date Made Public:
September 26, 2018
Company: Chegg, Inc.
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 25, 2018
Company: Travis Credit Union
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 22, 2018
Company: Mark’s International Wines
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General’s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 22, 2018
Company: Mark?s International Wines
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 21, 2018
Company: YRC Worldwide Inc.
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 20, 2018
Company: Personal Assistance Services of Colorado, LLC
Location: , Colorado
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,839

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 20, 2018
Company: Blood Systems, Inc.
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 19, 2018
Company: SaverSpy
Location: , California
Type of breach:
DISC
Type of organization:
BSR
Records Breached:
11,000,000

According to reporting by Catalin Cimbanu for ZDNet, "On Monday, a security researcher specialized in finding exposed databases has identified an unsecured MongoDB server that was leaking the personal details of nearly 11 million users. The server appears to belong to an email marketing firm based in California.

The data, contained in a 43.5GB dataset, included full names, email addresses, gender information, and physical addresses such as state, city, and ZIP code for 10,999,535 users.

All email addresses contained in this database were Yahoo-based, suggesting this was only a small part of a larger dataset, most likely stored on multiple servers.

. . .

While initially it was not clear who was the owner of this database, one small suffix in several records --such as "Content-SaverSpy-09092018"-- suggested this data may belong to a company named SaverSpy.

Combining a simple Google search along with the nature of the user records found in the exposed database led both this reporter and Diachenko to believe the data belonged to SaverSpy.com, a daily deals website. The SaverSpy.com website claims to operate under the Coupons.com brand, but a Quotient spokesperson told ZDNet today that SaverSpy is only part of an affiliate program."

Information Source:
Media
Date Made Public:
September 19, 2018
Company: Pulse Systems, Inc.
Location: , Kansas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
722

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
September 19, 2018
Company: Tech Rabbit LLC
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 19, 2018
Company: The Affiliated Group
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 18, 2018
Company: Southwest Oregon IPA
Location: , Oregon
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,449

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 18, 2018
Company: ELS Language Services, Inc.
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 17, 2018
Company: Independence Blue Cross, LLC
Location: , Pennsylvania
Type of breach:
DISC
Type of organization:
MED
Records Breached:
16,762

Location of breached information: Other

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
September 14, 2018
Company: Guardant Health, Inc.
Location: , California
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,112

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 13, 2018
Company: Blue Cross & Blue Shield of Rhode Island
Location: , Rhode Island
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,567

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
September 13, 2018
Company: Leominster Dermatology LLP
Location: , Massachusetts
Type of breach:
DISC
Type of organization:
MED
Records Breached:
500

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 11, 2018
Company: Peaceful Valley Farm & Garden Supply
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 10, 2018
Company: Simonian Sports Medicine Clinic, A Medical Corporation
Location: , California
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,541

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
September 10, 2018
Company: Surgerical Specialties of Arroyo Grande, LLC, dba Oak Park Surgery Center
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 7, 2018
Company: Ohio Living
Location: , Ohio
Type of breach:
HACK
Type of organization:
MED
Records Breached:
6,510

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 7, 2018
Company: TMC HealthCare
Location: , Arizona
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,776

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 7, 2018
Company: Rockdale Blackhawk, LLC d/b/a Little River Healthcare
Location: , Texas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,494

Location of breached information: Electronic Medical Record, Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 7, 2018
Company: Boston Health Care for the Homeless Program
Location: , Massachusetts
Type of breach:
DISC
Type of organization:
MED
Records Breached:
861

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 7, 2018
Company: Catholic Charities Neighborhood Services, Inc.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
565

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
September 7, 2018
Company: Mt. Diablo Unified School District
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
500

Information on this security breach is provided by the Office of the California Attorney General. ** Disclaimer: ** The number of breached records reported reflects our best estimate, based on all the data currently available, surrounding this breach. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General?s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation of notification to the Attorney General under California statute.
Under Cal. Civ. Code 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you believe this number is inaccurate, please contact us at chronology@privacyrights.org

Information Source:
California Attorney General
Date Made Public:
September 5, 2018
Company: Elkhart county prosecutor attorney office i v d child support
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
CSV