Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: 2017
Company or Organization: all
Date Made Public:
July 16, 2018
Company: The cityof bozeman montana
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2,962

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 11, 2018
Company: Tommie copper inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
28,437

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 27, 2018
Company: NameTests
Location: , California
Type of breach:
DISC
Type of organization:
BSR
Records Breached:
120,000,000

According to a post on Medium by the security researcher that discovered the flaw, Inti De Ceukelaire, "Nametests.com, the website behind the quizzes, recently fixed a flaw that publicly exposed information of their more than 120 million monthly users — even after they deleted the app

. . . .

  • Who was affected?

According to Facebook, NameTests has more than 120 million active monthly users. I have no insights in how many users have given their data to the app since their launch early 2015. It is important to note that if this flaw was ever abused, only the users that actually visited the attacker’s website would have their data leaked to the attacker.

  • What Data could have been leaked?

Depending on what quizzes you took, the javascript could leak your facebook ID, first name, last name, language, gender, date of birth, profile picture, cover photo, currency, devices you use, when your information was last updated, your posts and statuses, your photos and your friends.

  • What data could have been leaked after the app was deleted?

If you ever took a quiz and removed the app afterwards, external websites would still be able to read your facebook id, first name, last name, language, gender, date of birth. You could have only prevented this from happening if you manually deleted your cookies, as the website does not offer a logout functionality."

 

Information Source:
Media
Date Made Public:
June 15, 2018
Company: Central christian college of kansas
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
631

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 12, 2018
Company: Guaranteed rate inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
5,956

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 11, 2018
Company: Weicher company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
3,553

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 7, 2018
Company: Stein eriksen lodge hotel
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,992

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 6, 2018
Company: Sentry insurancea mutual company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
20

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 4, 2018
Company: Cityof goodyear arizona
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
11,247

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 4, 2018
Company: Health care service corporation
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
161

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
June 1, 2018
Company: Transamerica
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
226,881

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 31, 2018
Company: Chattanooga clothing company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
835

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 29, 2018
Company: Southport familyand sports medicine
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
15

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 25, 2018
Company: SEIU 32BJ
Location:
Type of breach:
UNKN
Type of organization:
NGO
Records Breached:
1

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 24, 2018
Company: Luxury retreats
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
345

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 23, 2018
Company: National railroad passenger corporation( amtrak)
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2,853

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 23, 2018
Company: Bell partners inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
523

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 22, 2018
Company: Muir Medical Group, IPA. Inc.
Location: , California
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
500
What happened? On March 7, 2018, Muir discovered that a former employee of Muir IPA took with her certain information in the possession of Muir IPA before her employment ended with Muir IPA in December 2017. .
 
What information was involved? The information taken by Muir IPA’s former employee may have included your personal information, including demographic information (such as your name, address, email address, telephone number, date of birth, and Social Security number to the extent your Medicare number is derived from your Social Security number), insurance information (such as your health insurance plan name and health insurance identification number), and clinical information (such as your diagnoses, test results, medication information, and other treatment information in Muir IPA’s possession)
 
** Disclaimer ** The number of breached records reported reflects our best estimate, based on all the data currently available. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General’s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation to notify the Attorney General.
 
Under Cal. Civ. Code §§ 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you are a business representative and believe this number is inaccurate, please contact us at chronology@privacyrights.org and we will review and update this record.
 
Information Source:
Security Breach Letter
Date Made Public:
May 17, 2018
Company: Corporation service company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
94,148

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 16, 2018
Company: Providence Saint John's Health Center
Location: , California
Type of breach:
HACK
Type of organization:
MED
Records Breached:
500
For more information, see the security breach letter sent to the California Attorney General's Office.
 
** Disclaimer ** The number of breached records reported reflects our best estimate, based on all the data currently available. Because the specific number of breached records was not disclosed in the notification letter sent to the California Attorney General’s Office, the number is estimated as the minimum number of breached records necessary to trigger the obligation to notify the Attorney General.
 
Under Cal. Civ. Code §§ 1798.29, 1798.82, notification to the Attorney General is only required whenever a breach of records affects more than 500 California residents.
If you are a business representative and believe this number is inaccurate, please contact us at chronology@privacyrights.org and we will review and update this record.
 
Information Source:
Security Breach Letter
Date Made Public:
May 11, 2018
Company: Rail europe s a s
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
3,714

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 11, 2018
Company: Maron electric company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
274

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 11, 2018
Company: Verint systems inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
229

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 10, 2018
Company: Fareportal inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
880,000

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 10, 2018
Company: Taco Johns of iowa
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
6,012

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 10, 2018
Company: Standard insurance company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
89

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 9, 2018
Company: Knape and Vogt Manufacturing Company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,873

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 8, 2018
Company: Global university
Location:
Type of breach:
UNKN
Type of organization:
EDU
Records Breached:
139,810

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 4, 2018
Company: PAR Electrical Contractors, Inc.
Location: Kansas City, Missouri
Type of breach:
PHYS
Type of organization:
BSO
Records Breached:
25,000

According to a breach notification form and letter sent to the Indiana Office of Attorney General, PAR Electrical Contractors, Inc. experienced a data breach that resulted in the exposure of "~25,000" persons. According to the accompanying notification letter, "On or about December 22, 2017, a thief stole a container holding daily backup tapes that, as part of PAR's regular practices, had been taken off-site. . . The backup tapes included data from PAR's employment records for present and former employees.We believe the data included your name, contact information, Social Security number, date of birth, and payroll dataincluding bank account number if used for direct deposit). In addition, the tapes may have included your driver'slicense or passport number (if submitted as part of the new hire process)."

Information Source:
Security Breach Letter
Date Made Public:
May 4, 2018
Company: Alaska airlines inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,102

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
May 3, 2018
Company: The Pleasure Chest ltd
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
222

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 30, 2018
Company: Rail Europe North America inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
18,785

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 30, 2018
Company: The national restaurant association
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,595

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 27, 2018
Company: CPT Group Inc.
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
42,587

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 27, 2018
Company: Mc Mahan Thomson and Associates
Location:
Type of breach:
UNKN
Type of organization:
BSF
Records Breached:
2,677

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 27, 2018
Company: Staff quick
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
108

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 27, 2018
Company: Hudsons bay company
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 25, 2018
Company: Sears holdings management corporation
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
95,547

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 25, 2018
Company: Cetera advisors llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2,299

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
April 20, 2018
Company: Orbitz
Location:
Type of breach:
HACK
Type of organization:
BSO
Records Breached:
0

Between Oct. 1, 201 and Dec. 22, 2017, Orbitz determined that an unauthorized third party may have accessed personal information stored on a third party business partner platform. Information affected including name, payment card number and expiration date, phone number, email address and physical and/or billing address. Certain hotel reservations made through Southwest.com, whih was powere dby orbitz, may have been affected.

 

Information Source:
Security Breach Letter
CSV