Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: 2018
Company or Organization: all
Date Made Public:
December 21, 2018
Company: San Diego Unified School District
Location: San Diego, California
Type of breach:
HACK
Type of organization:
EDU
Records Breached:
500,000

As reported at the Los Angeles Times, "The personal information of San Diego Unified students, former students and employees may have been compromised in a data breach that officials believe happened in January, the school district said Friday.

The breach could affect as many as 500,000 students who attended San Diego Unified schools as far back as the 2008-09 school year, officials said.

The breach may have included information about students and staff such as addresses and dates of birth, discipline, health, scheduling and grade information, according to an email sent to school families on Friday. Social Security numbers were also affected.

About 50 staff members’ accounts are known to have been compromised and have been reset, according to the district.

“The San Diego Unified School District has taken the steps necessary to eliminate the threat to your personal data and implement improvements to prevent such unauthorized access from happening again,” the district said in the email."

Information Source:
Media
Date Made Public:
November 30, 2018
Company: Marriott International
Location: , Maryland
Type of breach:
HACK
Type of organization:
BSR
Records Breached:
327,000,000

Marriott International disclosed a massive security breach of the reservations system for its Starwood Hotels and Resorts brand, a hack it said Friday may have compromised private info on up to 500 million guests.

According to Marriott, for around 327 million Starwood guests, the database included such personal information as name, mailing address, phone number, email address, passport number, date of birth, and gender. For some Starwood customers, the hacked database also stored payment card numbers and expiration dates, although Marriott said that information was encrypted.

Information Source:
Media
Date Made Public:
November 30, 2018
Company: CHI Health Care, Inc.
Location: , Maryland
Type of breach:
DISC
Type of organization:
MED
Records Breached:
722

Location of breached information: Other Portable Electronic Device, Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Mind and Motion, LLC
Location: , Georgia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,000

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: CCRM Dallas-Fort Worth
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,117

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Thielen Student Health Center
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
599

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Prairie Fields Family Medicine, PC
Location: , Nebraska
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,450

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: OrthoTexas Physicians and Surgeons, PLLC
Location: , Texas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
2,172

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: Steward Medical Group
Location: , Massachusetts
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,276

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 27, 2018
Company: Health equity inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
189,957

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 27, 2018
Company: AccuDoc Solutions, Inc.
Location: , North Carolina
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,652,540

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Cancer Treatment Centers of America (CTCA) at Western Regional Medical Center
Location: , Arizona
Type of breach:
HACK
Type of organization:
MED
Records Breached:
41,948

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Baylor Scott & White Medical Center - Frisco
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
47,984

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Mercy Medical Center- North Iowa
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,971

Location of breached information: Electronic Medical Record

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 23, 2018
Company: Independence community college
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,839

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 21, 2018
Company: Lundberg family farms
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
201

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 21, 2018
Company: Tandigm Health
Location: , Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
7,376

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 20, 2018
Company: East End Disability Associates, Inc.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
896

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: Inova Health System
Location: , Virginia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
857

Location of breached information: Electronic Medical Record

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: James R. Etzkorn, MD
Location: , Missouri
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,845

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 17, 2018
Company: LPL Financial llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
270,000

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 17, 2018
Company: HealthEquity, Inc.
Location: , Utah
Type of breach:
HACK
Type of organization:
MED
Records Breached:
165,800

Location of breached information: Email

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: Jo ann jody hendryx
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
67

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Next gen healthcare inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Smithand nephew
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
22

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 16, 2018
Company: Texas VSI, LLC
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
500

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: New York Oncology Hematology, P.C.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
128,400

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: Center for Vitreo-Retinal Diseases
Location: , Illinois
Type of breach:
DISC
Type of organization:
MED
Records Breached:
20,371

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 16, 2018
Company: Georgia Spine & Orthopaedics of Atlanta, LLC
Location: , Georgia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
7,012

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 15, 2018
Company: Newegg inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
202,231

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 14, 2018
Company: Hatscom
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,268

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 14, 2018
Company: Jones lang la salle
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
106

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 13, 2018
Company: 1800 contacts inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
150

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 13, 2018
Company: Pharmacy times officeof continuing professional education llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
128,211

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 13, 2018
Company: San Mateo Medical Center
Location: , California
Type of breach:
DISC
Type of organization:
MED
Records Breached:
5,000

Location of breached information: Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 12, 2018
Company: Entrust energy
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,782

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 12, 2018
Company: Jennifer miller l t d
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,050

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 12, 2018
Company: Rainforest alliance holding inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
24

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 12, 2018
Company: The cityof bakersfield
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
2,180

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
November 9, 2018
Company: American Medical Response, Inc.
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
912

Location of breached information: Email

Business associate present: Yes

Information Source:
US Department of Health and Human Services
CSV