Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: 2018
Company or Organization: all
Date Made Public:
July 16, 2018
Company: Pinnacle trailer sales inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1,215

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 16, 2018
Company: Platinum partners credit opportunities master fund l p
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
77

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 16, 2018
Company: Sunspire Health
Location: , New Jersey
Type of breach:
HACK
Type of organization:
MED
Records Breached:
6,737

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 16, 2018
Company: PA Dept. of Human Services
Location: , Pennsylvania
Type of breach:
DISC
Type of organization:
MED
Records Breached:
2,130

Location of breached information: Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 16, 2018
Company: Blue springs family care p c
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
44,977

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Rocky Mountain Health Care Services
Location: , Colorado
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
1,087

Location of breached information: Laptop

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: Central New York Cardiology
Location: , New York
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
824

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: Billings Clinic
Location: , Montana
Type of breach:
HACK
Type of organization:
MED
Records Breached:
8,435

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: New England Dermatology, P.C.
Location: , Massachusetts
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
16,154

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: Healthand hospital corporationof marion county
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
1

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Purdue university
Location: West Lafayette, Indiana
Type of breach:
UNKN
Type of organization:
EDU
Records Breached:
26,598

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Sanford heisler sharp
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
413

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Alive Hospice
Location: , Tennessee
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,868

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: Charles Cole Memorial Hospital
Location: , Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
790

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 13, 2018
Company: Concannon millerand co p c
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
292

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Plant therapy
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
13,927

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 13, 2018
Company: Salin bankand trust company
Location:
Type of breach:
UNKN
Type of organization:
BSF
Records Breached:
8

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 12, 2018
Company: Midwestern Regional Medical Center, Inc.
Location: , Illinois
Type of breach:
DISC
Type of organization:
MED
Records Breached:
2,675

Location of breached information: Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 12, 2018
Company: Heacock insurance group llcand heacock payroll llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,348

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 11, 2018
Company: The fruitful yield inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
632

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 11, 2018
Company: Schlage lock company llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
18

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 10, 2018
Company: MedEvolve
Location: , Arkansas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
205,434

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
July 10, 2018
Company: Blue Springs Family Care, P.C.
Location: , Missouri
Type of breach:
HACK
Type of organization:
MED
Records Breached:
44,979

Location of breached information: Electronic Medical Record, Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 9, 2018
Company: GOLDEN HEART ADMINISTRATIVE PROFESSIONALS
Location: , Alaska
Type of breach:
HACK
Type of organization:
MED
Records Breached:
44,600

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
July 9, 2018
Company: Fidelity national financialonbehalfof chicago title company llc
Location:
Type of breach:
UNKN
Type of organization:
BSF
Records Breached:

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 9, 2018
Company: Jewish federationof cincinnati
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
812

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 9, 2018
Company: Life span inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
91

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 9, 2018
Company: S j gorowitz accountingand tax services p c
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
513

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 6, 2018
Company: VCU Health System
Location: , Virginia
Type of breach:
DISC
Type of organization:
MED
Records Breached:
4,686

Location of breached information: Electronic Medical Record

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 6, 2018
Company: The Terteling Co., Inc., Group Benefit Plan
Location: , Idaho
Type of breach:
HACK
Type of organization:
MED
Records Breached:
4,824

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 6, 2018
Company: Overlake arthritis and Osteoporosis Center
Location: , Washington
Type of breach:
HACK
Type of organization:
MED
Records Breached:
627

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 6, 2018
Company: Career technology centersof licking county
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
9,578

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 6, 2018
Company: Coty inc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
4,753

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 6, 2018
Company: Lipscomb pitts insurance llc
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
457

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 6, 2018
Company: The international mission board
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
187,749

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 5, 2018
Company: Health Alliance Plan
Location: , Michigan
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,814

Location of breached information: Desktop Computer, Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 5, 2018
Company: The information and referral federation of los angeles county, inc. dba 211 l a county
Location:
Type of breach:
UNKN
Type of organization:
UNKN
Records Breached:
26,678

Information on this security breach is provided by the Office of the Indiana Attorney General

Information Source:
Indiana Attorney General
Date Made Public:
July 3, 2018
Company: Exactis
Location: Palm Coast, Florida
Type of breach:
DISC
Type of organization:
BSO
Records Breached:
340,000,000

According to Wired, "Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses. While the precise number of individuals included in the data isn't clear—and the leak doesn't seem to contain credit card information or Social Security numbers—it does go into minute detail for each individual listed, including phone numbers, home addresses, email addresses, and other highly personal characteristics for every name. The categories range from interests and habits to the number, age, and gender of the person's children.

"It seems like this is a database with pretty much every US citizen in it," says Troia, who is the founder of his own New York-based security company, Night Lion Security. Troia notes that almost every person he's searched for in the database, he's found. And when WIRED asked him to find records for a list of 10 specific people in the database, he very quickly found six of them. "I don’t know where the data is coming from, but it’s one of the most comprehensive collections I’ve ever seen," he says.

"Aside from the sheer breadth of the Exactis leak, it may be even more remarkable for its depth: Each record contains entries that go far beyond contact information and public records to include more than 400 variables on a vast range of specific characteristics: whether the person smokes, their religion, whether they have dogs or cats, and interests as varied as scuba diving and plus-size apparel. WIRED independently analyzed a sample of the data Troia shared and confirmed its authenticity, though in some cases the information is outdated or inaccurate."

 

Information Source:
Media
Date Made Public:
July 3, 2018
Company: Advanced Law Enforcement Rapid Response Training, Texas State University
Location: San Marcos, Texas
Type of breach:
DISC
Type of organization:
EDU
Records Breached:
50,000

According to ZDNet, "A data breach at a federally funded active shooter training center has exposed the personal data of thousands of US law enforcement officials, ZDNet has learned.

The cache of data contained identifiable information on local and state police officers, and federal agents, who sought out or underwent active shooter response training in the past few years. The backend database powers the website of Advanced Law Enforcement Rapid Response Training -- known as ALERRT -- at Texas State University.

The database dates back to April 2017 and was uploaded a year later to a web server, believed to be owned by the organization, with no password protection.

. . . .

The database contained thousands of personal data records, including law enforcement officer's work contact information, with many of the records listing personal email addresses, work addresses, and cell numbers.

Officials from the FBI, Customs and Border Protection (CBP), and the US Border Patrol were listed in the database.

In another table, some 65,000 officers who had taken an ALERRT course and provided feedback had their full name and zip code exposed.

Another table listed detailed histories on instructors, including their skills and training, while another contained the names of more than 17,000 instructors.

Another table contained 51,345 sets of geolocation coordinates of schools, courts, police departments, and government buildings, like city halls and administrative offices. The data also included places of interest, such as where people gather -- like universities and malls. The list also contained, in some cases, police officers' home addresses. We confirmed this using Google's Street View, which in several cases revealed marked police vehicles outside the residence.

Many of the emails contained or asked for sensitive data. Password reset emails would often ask users for their date of birth or the last four digits of their Social Security number for their profile. It's not clear why this data was needed, or if it was stored in another database.

Other emails informed law enforcement staff of successful enrollment in classes, which contained names, email addresses, phone numbers, the course they were taking, and where and when the course was offered.

That data alone would give anyone insight into the capabilities of police and law enforcement departments across the country."

** Disclaimer ** The number of breached records reported reflects our best estimate, based on all the data currently available.
If you are a business representative and believe this number is inaccurate, please contact us at chronology@privacyrights.org and we will review and update this record.
 
Information Source:
Media
Date Made Public:
July 3, 2018
Company: Home for Little Wanderers
Location: , Massachusetts
Type of breach:
DISC
Type of organization:
MED
Records Breached:
861

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
CSV