Black Kite vs. The Competition See the Difference →

Data Breaches Caused By Third-parties

2024 Data leaks

Data Leaks for 2024
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date February
Company Bank of America
Data Breached Names, addresses, social security numbers, dates of birth, and financial information, including account and credit card numbers
Use of 3rd Party Financial services company
3rd-party Company Infosys McCamish Systems (IMS)
Date February
Company The U.S. Government Accountability Office
Data Breached Personally identifiable information on employees (including some people who worked there from 2007 to 2017)
Use of 3rd Party Government agency
3rd-party Company CGI Federal
Date January
Company Woundcare Innovations of Golf Land
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Dr. Linda Jingle
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Fox Valley Emergency Medicine
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Kenosha Urgicare
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Wisconsin Urgent Care
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Ascension Wisconsin
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Emergency Medicine Specialists, S.C.
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Company Framework Computer
Data Breached Personally identifiable information
Use of 3rd Party Expansion card company
3rd-party Company Keating Consulting Group
Date January
Company Uppsala County
Data Breached Not disclosed
Use of 3rd Party County
3rd-party Company TietoEVRY
Date January
Company Vellinge municipality
Data Breached Not disclosed
Use of 3rd Party Municipality
3rd-party Company TietoEVRY
Date January
Company Statens service center
Data Breached Not disclosed
Use of 3rd Party Local government office
3rd-party Company TietoEVRY
Date January
Company Malmö University
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company Lunds Universitet
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company Stockholm University
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company University West
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company SLU
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company Karolinska Institutet
Data Breached Not disclosed
Use of 3rd Party Global Job Market
3rd-party Company TietoEVRY
Date January
Company Grangnården
Data Breached Not disclosed
Use of 3rd Party Farming supplier
3rd-party Company TietoEVRY
Date January
Company Moelven
Data Breached Not disclosed
Use of 3rd Party Wood Products Company
3rd-party Company TietoEVRY
Date January
Company Rusta
Data Breached Not disclosed
Use of 3rd Party Company
3rd-party Company TietoEVRY
Date January
Company Filmstaden
Data Breached Not disclosed
Use of 3rd Party Television company
3rd-party Company TietoEVRY
Date January
Company Meritas Health Corporation
Data Breached Not disclosed
Use of 3rd Party Health Corporation
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Company North Kansas City Hospital
Data Breached Not disclosed
Use of 3rd Party Hospital
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Company US Small Business Administration
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Government agency
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Company MultiPlan
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Corporation
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Company EyeMed Vision Care
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Vision insurance plans
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Company Carelon (previously Beacon Health Options)
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Health Options Company
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Company Upstate Family Health Center, Inc.
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health Center
3rd-party Company HealthEC LLC
Date January
Company Hudson Valley Regional Community Health Centers
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Community Health Centers
3rd-party Company HealthEC LLC
Date January
Company East Georgia Healthcare Center
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care Center
3rd-party Company HealthEC LLC
Date January
Company Illinois Heath Practice Alliance, LLC
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Behavioral health network
3rd-party Company HealthEC LLC
Date January
Company Mid Florida Hematology & Oncology Centers
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Cancer center
3rd-party Company HealthEC LLC
Date January
Company Long Island Select Healthcare
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company Advantage Care Diagnostic & Treatment Center, Inc.
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company Metro Community Health Centers
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company Compassion Health Care
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company Alliance for Integrated Care of New York, LLC
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Home care
3rd-party Company HealthEC LLC
Date January
Company KidneyLink
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party National kidney platform
3rd-party Company HealthEC LLC
Date January
Company Beaumont ACO
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Physician and health system company
3rd-party Company HealthEC LLC
Date January
Company State of Tennessee, Division of TennCare
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Medicaid program
3rd-party Company HealthEC LLC
Date January
Company Community Health Care Systems
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company University Medical Center of Princeton Physicians’ Organization
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company HonorHealth
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company Corewell Health
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC

2023 Data leaks

Data Leaks for 2023
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Company 60 Credit Unions
Data Breached Not disclosed for now
Use of 3rd Party Nonprofit cooperative financial institution
3rd-party Company Trellance
Date December
Company 40 Healthcare Companies
Data Breached Not disclosed for now
Use of 3rd Party Medical Center
3rd-party Company Asper Biogene
Date December
Company Mercy Medical Center (IA)
Data Breached Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party Medical Center
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date December
Company Salem Regional Medical Center (OH)
Data Breached Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party Medical Center
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date December
Company Valley Health System
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Ascension Providence Hospital in Waco
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Desert View Hospital
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Universal Health Services (UHS) Manatee Memorial Hospital
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Providence Alaska Medical Center
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Providence St Joseph Health (Providence Kodiak Island Medical Center)
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Memorial Hospital at Gulfport Health System
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company HCA Healthcare Alaska Regional Hospital
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Forrest Health Forrest General Hospital
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company ESO EMS Agency
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Merit Health River Oaks
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Community Health Systems Merit Health Biloxi
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Company Mississippi Baptist Medical Center
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date November
Company Crouse Health in Syracuse
Data Breached Insurance and clinical information from medical transcription files and some Social Security numbers.
Use of 3rd Party Healthcare Company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date November
Company Taylor Rose
Data Breached Not disclosed for now
Use of 3rd Party Independent firm of solicitors
3rd-party Company CTS
Date November
Company Sutter Health
Data Breached names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party Healthcare center
3rd-party Company Virgin Pulse
Date November
Company St. Bernards Healthcare, Inc.
Data Breached names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party Healthcare center
3rd-party Company Welltok, a Virgin Pulse company
Date November
Company O’Neill Patient
Data Breached Not disclosed for now
Use of 3rd Party Law firm
3rd-party Company CTS
Date November
Company Setfords
Data Breached Not disclosed for now
Use of 3rd Party Law firm
3rd-party Company CTS
Date November
Company Talbots
Data Breached Not disclosed for now
Use of 3rd Party Fashion company
3rd-party Company CTS
Date November
Company Gateley
Data Breached Not disclosed for now
Use of 3rd Party Commercial law firm
3rd-party Company CTS
Date November
Company Dollar Tree
Data Breached Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party Discount store company
3rd-party Company Zeroed-In Technologies
Date November
Company Family Dollar
Data Breached Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party Discount store company
3rd-party Company Zeroed-In Technologies
Date November
Company Blue Cross and Blue Shield of Minnesota and Blue Plus
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Blue Cross and Blue Shield of Alabama
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Blue Cross and Blue Shield of Kansas
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Blue Cross and Blue Shield of North Carolina
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Corewell Health
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Faith Regional Health Services
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Hospital & Medical Foundation of Paris, Inc. dba Horizon Health
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Mass General Brigham Health Plan
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Westat, Inc.
Data Breached Demographic, clinical, and financial information were present in the impacted files.
Use of 3rd Party Management services company
3rd-party Company Nuance Communications, Inc.
Date November
Company Priority Health
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company St. Bernards Healthcare
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Sutter Health
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Trane Technologies Company LLC
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company The group health plans of Stanford Health Care
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company The Guthrie Clinic
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company The Canadian Government
Data Breached 1.5TB of documents leaked + 3 full backups of CRM for branches
Use of 3rd Party Government
3rd-party Company Sirva Worldwide, Inc.
Date November
Company Samsung Electronics
Data Breached No financial data
Use of 3rd Party Appliance company
3rd-party Company Unknown
Date November
Company Northwell Health
Data Breached Names, Social Security numbers, Dates of birth, Addresses, Medical record numbers, Hospital account numbers, Admission diagnoses, and Dates and times of service.
Use of 3rd Party Nonprofit integrated healthcare company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date November
Company California Physicians’ Service d/b/a Blue Shield of California
Data Breached Not disclosed for now
Use of 3rd Party Physicians’ Service
3rd-party Company Medical Eye Services, Inc.
Date November
Company 1Password
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party Software company
3rd-party Company Okta
Date November
Company BeyondTrust
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party Identity management company
3rd-party Company Okta
Date November
Company Okta
Data Breached Not disclosed for now
Use of 3rd Party IT service management company
3rd-party Company Rightway Health
Date November
Company Cloudflare
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party IT service management company
3rd-party Company Okta
Date October
Company Cook County Health
Data Breached Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party Health company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date October
Company United States Department of Justice
Data Breached Personal information
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date October
Company SA Health
Data Breached Health information (personal, medical and/or legal documents)
Use of 3rd Party Local health networks
3rd-party Company Personify Care
Date October
Company Virginia Dept. of Medical Assistance Services
Data Breached PII
Use of 3rd Party Health Plan
3rd-party Company Maximus
Date October
Company Gillette Children’s Specialty Healthcare
Data Breached Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party Medical Transcription Firm
3rd-party Company Nuance Communications
Date October
Company Super SA
Data Breached Pll
Use of 3rd Party State government office
3rd-party Company Former external service provider
Date October
Company Temple University Health System, Inc.
Data Breached PII
Use of 3rd Party Health company
3rd-party Company unknown
Date October
Company Humana Inc.
Data Breached Names, addresses, dates of birth, Social Security numbers, and medical treatment information.
Use of 3rd Party Health insurance company
3rd-party Company PNC Bank
Date October
Company Chatham-Kent Health Alliance
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Company Hospice of Windsor-Essex
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Company Erie Shores Healthcare
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Company Hotel Dieu Grace
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Company Windsor Regional Hospital
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Company NorthStar Anesthesia
Data Breached Consumers’ names, dates of birth, driver’s license numbers, state identification card numbers, addresses, Social Security numbers and protected health information.
Use of 3rd Party Corporate medical office
3rd-party Company Arietis Health
Date October
Company Arietis Health
Data Breached Patient data, including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
Use of 3rd Party Medical billing service
3rd-party Company Ipswitch, Inc.
Date October
Company Sony
Data Breached Not disclosed for now
Use of 3rd Party Japanese multinational conglomerate corporation
3rd-party Company Ipswitch, Inc.
Date October
Company Flagstar Bank
Data Breached Names and Social Security Numbers (SSNs)
Use of 3rd Party Commercial banking company
3rd-party Company Fiserv
Date October
Company Fiserv
Data Breached Names and Social Security Numbers (SSNs)
Use of 3rd Party Financial services company
3rd-party Company Ipswitch, Inc.
Date September
Company Sutter North Surgery Center Patients
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Endoscopy Center
3rd-party Company SightPath Medical
Date September
Company Sanford Health
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Rural health system
3rd-party Company DMS Health Technologies
Date September
Company Delta Dental of California
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Emergency Services
3rd-party Company Orrick, Herrington & Sutcliffe
Date September
Company Judiciary Branch
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Company Superintendency of Industry and Commerce
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Company Ministry of Health and Social Protection
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Company 890 Schools
Data Breached Names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).
Use of 3rd Party School
3rd-party Company National Student Clearinghouse (NSC)
Date September
Company Amerita
Data Breached Not disclosed for now
Use of 3rd Party Complex pharmaceutical products and clinical services company
3rd-party Company PharMerica
Date September
Company BORN Ontario
Data Breached Full name, Home address, Postal code, Date of birth, Health card number, Dates of service/care, Lab test results, Pregnancy risk factors, Type of birth, Procedures, Pregnancy and birth outcomes
Use of 3rd Party Healthcare provider
3rd-party Company Ipswitch, Inc.
Date September
Company Airbus
Data Breached Names, addresses, phone numbers and emails
Use of 3rd Party Aerospace company
3rd-party Company Turkish Airlines
Date September
Company FTX
Data Breached Non-sensitive customer data
Use of 3rd Party Crypto company
3rd-party Company Kroll Inc.
Date September
Company Genesis Global Holdco
Data Breached Non-sensitive customer data
Use of 3rd Party Financial markets organizations company
3rd-party Company Kroll Inc.
Date September
Company BlockFi
Data Breached Non-sensitive customer data
Use of 3rd Party Crypto company
3rd-party Company Kroll Inc.
Date September
Company University of Sydney
Data Breached PII
Use of 3rd Party University
3rd-party Company Unknown
Date August
Company Serco Inc. Group Health Plan
Data Breached Not disclosed for now
Use of 3rd Party Hhealth care services that support vital government programs
3rd-party Company Ipswitch, Inc.
Date August
Company Indiana University Health
Data Breached Not disclosed for now
Use of 3rd Party University
3rd-party Company Ipswitch, Inc.
Date August
Company Baesman Group, Inc.
Data Breached Not disclosed for now
Use of 3rd Party Media company
3rd-party Company Ipswitch, Inc.
Date August
Company Premera Blue Cross
Data Breached Not disclosed for now
Use of 3rd Party Health insurance company
3rd-party Company Ipswitch, Inc.
Date August
Company American National Group, LLC
Data Breached Not disclosed for now
Use of 3rd Party Personalized insurance coverage company
3rd-party Company Ipswitch, Inc.
Date August
Company Unum Group SACE
Data Breached Not disclosed for now
Use of 3rd Party Financial insurance products company
3rd-party Company Ipswitch, Inc.
Date August
Company EMS Management and Consultants Inc
Data Breached Not disclosed for now
Use of 3rd Party Third-party billing agency
3rd-party Company Ipswitch, Inc.
Date August
Company The University of Massachusetts Chan Medical School
Data Breached Not disclosed for now
Use of 3rd Party Medical school
3rd-party Company Ipswitch, Inc.
Date August
Company Radius Global Solutions
Data Breached Not disclosed for now
Use of 3rd Party Operational and financial objectives company
3rd-party Company Ipswitch, Inc.
Date August
Company Nuance Communications
Data Breached Names, demographic information, names of relatives, dates of service, medical facility information, practition
Use of 3rd Party Computer software company
3rd-party Company Ipswitch, Inc.
Date August
Company Child Health Plan Plus (CHP+)
Data Breached IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Company Eversource Energy
Data Breached Personal information including Social Security numbers.
Use of 3rd Party Electric services company
3rd-party Company CLEAResult
Date August
Company Health First Colorado
Data Breached IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Company Zillow
Data Breached Not disclosed for now
Use of 3rd Party San Francisco MLS entities
3rd-party Company Rapattoni Corporation
Date August
Company San Francisco MLS entities
Data Breached Not disclosed for now
Use of 3rd Party San Francisco MLS entities
3rd-party Company Rapattoni Corporation
Date August
Company Janssen Healthcare Platform
Data Breached Names, contact information, dates of birth, health insurance data, and medical information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Company Bay Area Real Estate Information Service (BAREIS)
Data Breached Not disclosed for now
Use of 3rd Party Real Estate
3rd-party Company Rapattoni Corporation
Date August
Company Cincy MLS
Data Breached Not disclosed for now
Use of 3rd Party Real Estate company
3rd-party Company Rapattoni Corporation
Date August
Company The Colorado Department of Health Care Policy & Financing (HCPF)
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Government department
3rd-party Company IBM
Date August
Company The Missouri Department of Social Services (DSS)
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Social Services Company
3rd-party Company IBM
Date August
Company IBM
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party International Business Machines Corporation
3rd-party Company Ipswitch, Inc.
Date August
Company Oregon Health Plan – Performance Health Technology (PH Tech)
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date August
Company MAXIMUS
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date August
Company Beşiktaş Sportive Products Industry and Trade AS
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Sportive Products Company
3rd-party Company Vodatech IT
Date August
Company Suzuki Motor Vehicles Marketing Inc.
Data Breached Not disclosed for now
Use of 3rd Party
3rd-party Company Vodatech IT
Date August
Company Doğan Trend Automotive Trade Service and Technology Joint Stock Company
Data Breached Not disclosed for now
Use of 3rd Party Car dealer
3rd-party Company Vodatech IT
Date August
Company YOYO Information Technologies and Tourism Trade AS
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Technology company
3rd-party Company Vodatech IT
Date August
Company Puma Sportswear Industry and Trade
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Sportswear company
3rd-party Company Vodatech IT
Date August
Company Dagi Clothing Industry and Trade As
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Clothing company
3rd-party Company Vodatech IT
Date August
Company Automobile Plan Operational Vehicle Rental Trade
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Rental Trade company
3rd-party Company Vodatech IT
Date August
Company Derimod Leather Garment Marketing Industry and Trade AS
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Garment Marketing Company
3rd-party Company Vodatech IT
Date August
Company AgeSALife and Retirement AS
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Retirement Company
3rd-party Company Vodatech IT
Date August
Company UPS Cargo
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Transportation of containerized and palletized cargo company
3rd-party Company Vodatech IT
Date August
Company Gulf insurance AS
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Insurance company
3rd-party Company Vodatech IT
Date July
Company Lenders Choice Escrow
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Escrow service
3rd-party Company CashCall Inc.
Date July
Company Settle It, Inc.
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Financial institution
3rd-party Company CashCall Inc.
Date July
Company The Loan Exchange
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Financial flexibility company
3rd-party Company CashCall Inc.
Date July
Company Blue Cross Blue Shield of Arizona (AZ Blue)
Data Breached Names, addresses, Social Security numbers, dates of birth, health insurance information, and protected health information
Use of 3rd Party Health Insurance
3rd-party Company Cognizant Technology Solutions Corporation
Date July
Company Henrietta Johnson Medical Center
Data Breached Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses
Use of 3rd Party Medical center
3rd-party Company Delaware Health Network
Date July
Company Ocean Breeze Ranch
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Farm
3rd-party Company CashCall Inc.
Date July
Company Servicing Solutions
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Corporate deliver solutions firm
3rd-party Company CashCall Inc.
Date July
Company Serco Group
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Management consulting company
3rd-party Company CBIZ, Inc.
Date July
Company CBIZ, Inc.
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Software company
3rd-party Company Ipswitch, Inc.
Date July
Company Toyota Turkey Marketing and Sales Joint Stock Company
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date July
Company Schneider Electric Industry and Trade Joint Stock Company
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date July
Company Mais Motor Vehicles Manufacturing and Sales Joint Stock Company
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Manufacturing Company
3rd-party Company Mivento IT Services
Date July
Company Geberit Installation Systems Trade Limited Company
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party installation systems
3rd-party Company Mivento IT Services
Date July
Company Celik Motor Trade Joint Stock Company
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party One of the longest-standing companies of Anadolu Group
3rd-party Company Mivento IT Services
Date July
Company Anadolu Isuzu Automotive Industry and Trade Inc.
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Isuzu dealer
3rd-party Company Mivento IT Services
Date July
Company Vodafone Turkey
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Mobile telecommunication company
3rd-party Company Mivento IT Services
Date July
Company Vestel
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date June
Company Vecino Health Centers, TX
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Health Insurance
3rd-party Company Ipswitch, Inc.
Date June
Company Milliman Solutions
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Insurance company
3rd-party Company Ipswitch, Inc.
Date July
Company Postbank
Data Breached PII
Use of 3rd Party Deutsche Post’s financial institution
3rd-party Company Majorel
Date June
Company Harris County Hospital District
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Hospital District
3rd-party Company Ipswitch, Inc.
Date July
Company ING
Data Breached PII
Use of 3rd Party Financial services corporation
3rd-party Company Majorel
Date June
Company Pôle emploi
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Government agency
3rd-party Company Ipswitch, Inc.
Date June
Company Teachers Insurance and Annuity Association of America
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Insurance company
3rd-party Company Ipswitch, Inc.
Date June
Company UT Southwestern Medical Center (UTSW)
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Medical center
3rd-party Company Ipswitch, Inc.
Date July
Company Comdirect
Data Breached PII
Use of 3rd Party Private banking company
3rd-party Company Majorel
Date July
Company Deutsche Bank
Data Breached PII
Use of 3rd Party Investment banking company
3rd-party Company Majorel
Date June
Company Majorel
Data Breached Not disclosed for now
Use of 3rd Party Call center
3rd-party Company Ipswitch, Inc.
Date June
Company TJ Maxx
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Department store chain
3rd-party Company Ipswitch, Inc.
Date June
Company The Harris Center for Mental Health and IDD
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Company The Harris Center for Mental Health and IDD
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Company Shutterfly
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Company
3rd-party Company Ipswitch, Inc.
Date June
Company Allegheny County
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party County
3rd-party Company Ipswitch, Inc.
Date June
Company United Healthcare Services, Inc., MN.
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Company VNS Health Plans, NY
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Company Sutter Senior Care
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Adult day care center
3rd-party Company Ipswitch, Inc.
Date June
Company Alogent
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Document imaging company
3rd-party Company Ipswitch, Inc.
Date June
Company The Florida government of Hillsborough County
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party County government
3rd-party Company Ipswitch, Inc.
Date June
Company TomTom
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Technology company
3rd-party Company Ipswitch, Inc.
Date June
Company Colorado State University
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Land-grant university
3rd-party Company Ipswitch, Inc.
Date June
Company Dublin Airport
Data Breached Not disclosed for now
Use of 3rd Party Airport
3rd-party Company Aon
Date June
Company PlainsCapital Bank
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Largest independent banks in Texas
3rd-party Company Ipswitch, Inc.
Date June
Company Aon
Data Breached Not disclosed for now
Use of 3rd Party Management consulting company
3rd-party Company Ipswitch, Inc.
Date June
Company Siemens Energy
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Company
3rd-party Company Ipswitch, Inc.
Date June
Company CalPERS (California Public Employees’ Retirement System)
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Government agency
3rd-party Company PBI Research Services (PBI)
Date June
Company Wilton Reassurance
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Insurance company
3rd-party Company PBI Research Services (PBI)
Date June
Company Genworth Financial, Inc.
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Life insurance company
3rd-party Company PBI Research Services (PBI)
Date June
Company PBI Research Services (PBI)
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Information services
3rd-party Company Ipswitch, Inc.
Date June
Company Maryland Department of Human Services
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Local department of social services
3rd-party Company Ipswitch, Inc.
Date June
Company US Office of Personnel Management
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government agency
3rd-party Company Ipswitch, Inc.
Date June
Company US Agriculture Department
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Federal agency
3rd-party Company Ipswitch, Inc.
Date June
Company Royal Canadian Mounted Police
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Company Department of Health Care Policy & Financing (HCPF)
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Company Metro Vancouver Transit Police
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Police department
3rd-party Company Ipswitch, Inc.
Date June
Company CoxHealth
Data Breached Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party Not-for-profit health system
3rd-party Company Intellihartx LLC
Date June
Company University of Pittsburg Medical Center (UPMC)
Data Breached Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party International health care leader
3rd-party Company Intellihartx LLC
Date June
Company Intellihartx LLC
Data Breached Name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and Social Security number.
Use of 3rd Party Call center
3rd-party Company GoAnywhere MFT
Date June
Company Exeter Finance
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Premier auto finance company
3rd-party Company NCB Management Services, Inc.
Date June
Company Pathward National Association
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Retail banking company
3rd-party Company NCB Management Services, Inc.
Date June
Company IBank of America
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Investment bank
3rd-party Company NCB Management Services, Inc.
Date June
Company Capital One
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Bank holding company
3rd-party Company NCB Management Services, Inc.
Date June
Company The New York City Department of Education (NYC DOE)
Data Breached Social Security Numbers and employee ID numbers (not necessarily for all impacted individuals; for example, approximately 9,000 Social Security Numbers were included)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Company Southwest Airlines
Data Breached Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party World’s largest low-cost carrier.
3rd-party Company Pilot Credentials
Date June
Company American Airlines
Data Breached Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party Major US-based airline headquartered
3rd-party Company Pilot Credentials
Date June
Company Australian Information Commissioner (OAIC)
Data Breached Not disclosed for now
Use of 3rd Party Government agency
3rd-party Company HWL Ebsworth Lawyers
Date June
Company Oregon Driver & Motor Vehicle Services
Data Breached Names, Address, Social Security Number, Birth date, Height, Eye Color, Driver’s License Number, Vehicle Registration Information, Handicap Placard Information
Use of 3rd Party Department of motor vehicles
3rd-party Company Ipswitch, Inc.
Date June
Company The Louisiana Office of Motor Vehicles (OMV)
Data Breached Names, Address, Social Security Number, Birth date, Height, Eye Color, Driver’s License Number, Vehicle Registration Information, Handicap Placard Information
Use of 3rd Party Accessible information and services to OMV needs company.
3rd-party Company Ipswitch, Inc.
Date June
Company DHL
Data Breached Not disclosed for now
Use of 3rd Party Logistics company providing courier, package delivery and express mail services
3rd-party Company Ipswitch, Inc.
Date June
Company Transport for London
Data Breached Not disclosed for now
Use of 3rd Party Transport for London is a local government body responsible for most of the transport network
3rd-party Company Ipswitch, Inc.
Date June
Company Ernst & Young (EY)
Data Breached Not disclosed for now
Use of 3rd Party Certified public accountant
3rd-party Company Ipswitch, Inc.
Date June
Company Health Service Ireland (HSE)
Data Breached Not disclosed for now
Use of 3rd Party Advice Services
3rd-party Company Ipswitch, Inc.
Date June
Company Extreme Networks
Data Breached Not disclosed for now
Use of 3rd Party American networking company
3rd-party Company Ipswitch, Inc.
Date June
Company State of Missouri
Data Breached Not disclosed for now
Use of 3rd Party State
3rd-party Company Ipswitch, Inc.
Date June
Company Minnesota Department of Education (MDE)
Data Breached Not disclosed for now
Use of 3rd Party Education Department
3rd-party Company Ipswitch, Inc.
Date June
Company The University of Rochester
Data Breached Not disclosed for now
Use of 3rd Party University
3rd-party Company Ipswitch, Inc.
Date June
Company The Canadian province of Nova Scotia
Data Breached Not disclosed for now
Use of 3rd Party Thirteen provinces and territories
3rd-party Company Ipswitch, Inc.
Date June
Company Boots
Data Breached Not disclosed for now
Use of 3rd Party UK Limited, trading as Boots
3rd-party Company Ipswitch, Inc.
Date June
Company Aer Lingus
Data Breached Not disclosed for now
Use of 3rd Party Flag carrier
3rd-party Company Ipswitch, Inc.
Date June
Company British Airways
Data Breached Not disclosed for now
Use of 3rd Party Flag carrier
3rd-party Company Ipswitch, Inc.
Date June
Company BBC
Data Breached Not disclosed for now
Use of 3rd Party Broadcasting company
3rd-party Company Ipswitch, Inc.
Date June
Company Ofcom
Data Breached Not disclosed for now
Use of 3rd Party Government office
3rd-party Company Ipswitch, Inc.
Date May
Company Paramount Health Care
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Health company
3rd-party Company NationsBenefits Holding, LLC
Date May
Company VCU Health System
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Academic medical center
3rd-party Company Credit Control Corporation
Date May
Company Valley Health System
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Regional healthcare system
3rd-party Company Credit Control Corporation
Date May
Company UVA Health System
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Hospital
3rd-party Company Credit Control Corporation
Date May
Company Tidewater Physicians Multispecialty Group
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical clinic
3rd-party Company Credit Control Corporation
Date May
Company Sentara Health System
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Integrated, not-for-profit health network serving
3rd-party Company Credit Control Corporation
Date May
Company Riverside Health System
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Integrated, not-for-profit health network serving
3rd-party Company Credit Control Corporation
Date May
Company Pariser Dermatology Specialists, Inc
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Dermatology Services
3rd-party Company Credit Control Corporation
Date May
Company Medical Center Radiology
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Radiology Center
3rd-party Company Credit Control Corporation
Date May
Company Mary Washington Healthcare
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Award-winning, non-profit healthcare system
3rd-party Company Credit Control Corporation
Date May
Company Emergency Physicians of Tidewater
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical group
3rd-party Company Credit Control Corporation
Date May
Company Dominion Pathology Laboratories
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical laboratory
3rd-party Company Credit Control Corporation
Date May
Company Children’s Specialty Group
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Multispecialty pediatric physician practice
3rd-party Company Credit Control Corporation
Date May
Company Children’s Hospital of the King’s Daughters Health System and its Affiliates
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Free-standing children’s hospital
3rd-party Company Credit Control Corporation
Date May
Company Chesapeake Regional Medical Center
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical services
3rd-party Company Credit Control Corporation
Date May
Company Chesapeake Radiology
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Radiology services
3rd-party Company Credit Control Corporation
Date May
Company Bayview Physicians Group
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical services
3rd-party Company Credit Control Corporation
Date May
Company Atlantic Orthopaedic Specialists
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Orthopedic services
3rd-party Company Credit Control Corporation
Date May
Company Discord
Data Breached User email addresses, contents of customer service messages, and attachments
Use of 3rd Party VoIP and instant messaging social platform.
3rd-party Company Zendesk
Date May
Company Whitman College
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Liberal arts college
3rd-party Company Brightline Health
Date May
Company Washington Trust Bank
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Bank
3rd-party Company Brightline Health
Date May
Company Walla Walla University
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company VERTEX
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Biotech company
3rd-party Company Brightline Health
Date May
Company University of Alaska
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company Undead Labs
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Video game developer
3rd-party Company Brightline Health
Date May
Company The Board of Directors of the Leland Stanford Junior University (Educated Choices)
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company Tanana Chiefs Conference
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Non-profit organization
3rd-party Company Brightline Health
Date May
Company Symetra Life Insurance Company
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Insurance Company
3rd-party Company Brightline Health
Date May
Company Spokane Teachers Credit Union
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Bank
3rd-party Company Brightline Health
Date May
Company Space Needle LLC & Center Art LLC
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Landmark
3rd-party Company Brightline Health
Date May
Company SOUTH SHORE HEALTH
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Independent non-profit health system
3rd-party Company Brightline Health
Date May
Company SolstenXP, Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Engineering consultant
3rd-party Company Brightline Health
Date May
Company Seward Association for the Advancement of Marine Science dba Alaska SeaLife Center
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Association
3rd-party Company Brightline Health
Date May
Company Seagen Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Biotechnology company
3rd-party Company Brightline Health
Date May
Company Rail Management Services
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Transportation service
3rd-party Company Brightline Health
Date May
Company Pyrotek Inc
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Consulting services
3rd-party Company Brightline Health
Date May
Company PND Engineers, Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Civil engineering company
3rd-party Company Brightline Health
Date May
Company Oberto Snacks Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Manufacturing company
3rd-party Company Brightline Health
Date May
Company Northwest Cascade, Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party General contractor
3rd-party Company Brightline Health
Date May
Company Nintendo of America Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Computer game developer
3rd-party Company Brightline Health
Date May
Company Municipality of Anchorage
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party City
3rd-party Company Brightline Health
Date May
Company MIIA
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Internet Service Providers
3rd-party Company Brightline Health
Date May
Company Manke Lumber Company Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Lumber store
3rd-party Company Brightline Health
Date May
Company MacDonald-Miller Facility Solutions, LLC
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Mechanical contractor
3rd-party Company Brightline Health
Date May
Company Legal Name: Continental Mills, Inc. Common Name: The Krusteaz Co
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Food products supplier
3rd-party Company Brightline Health
Date May
Company KPMG LLP
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party International Limited is a multinational professional services network
3rd-party Company Brightline Health
Date May
Company Kodiak Island Borough School District
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party School district
3rd-party Company Brightline Health
Date May
Company Keller Supply
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Plumbing supply store
3rd-party Company Brightline Health
Date May
Company IUOE
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Trade union
3rd-party Company Brightline Health
Date May
Company Insitu, Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Company that designs, develops and manufactures unmanned aerial systems.
3rd-party Company Brightline Health
Date May
Company Intel
Data Breached Source code
Use of 3rd Party Semiconductor corporation
3rd-party Company Micro Star International (MSI)
Date May
Company Kibble Equipment
Data Breached Sensitive personal identifiable information
Use of 3rd Party Commercial products
3rd-party Company Razor Consulting Solutions
Date May
Company Medicare & Medicaid Services (CMS)
Data Breached Name, address, claim number, dates of service, the last four digits of their Medicare Beneficiary number, and service/procedure descriptions with billing codes.
Use of 3rd Party Federal agency
3rd-party Company Palmetto GBA
Date May
Company Fermanagh and Omagh District Council
Data Breached Names, addresses, telephone numbers, email addresses, dates of birth and national insurance numbers.
Use of 3rd Party Government district
3rd-party Company Evide Impact Limited
Date May
Company Coles
Data Breached Employee details
Use of 3rd Party Supermarket company
3rd-party Company Latitude Financial Services
Date May
Company Queensway Carleton Hospital
Data Breached Name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
Use of 3rd Party Hospital
3rd-party Company Aetonix Systems Inc.
Date May
Company Cornerstone Home Lending
Data Breached Name, address, loan number, and bank account information.
Use of 3rd Party Home lending
3rd-party Company Unknown
Date May
Company Cornerstone Home Lending
Data Breached Name, address, loan number, and bank account information.
Use of 3rd Party Home lending
3rd-party Company Unknown
Date May
Company Stanford University
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company Stanford Medicine Partners
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party HealthCare Alliance
3rd-party Company Brightline Health
Date May
Company Stanford Medicine Children’s Health
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party Children’s Health
3rd-party Company Brightline Health
Date May
Company Stanford Health Care Tri-Valley
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party Hospital
3rd-party Company Brightline Health
Date May
Company Razor Consulting Solutions
Data Breached Sensitive information.
Use of 3rd Party Consultant
3rd-party Company Rackspace Cloud
Date May
Company South Baldwin Regional Medical Center
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical
3rd-party Company Community Health Systems
Date May
Company Medical Center Enterprise (Ala.)
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Company Gadsden (Ala.) Regional Medical Center
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Company Flowers Hospital
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical
3rd-party Company Community Health Systems
Date May
Company Crestwood Medical Center
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Company Grandview Medical Center
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Company Webster Bank
Data Breached Names, Social Security numbers and financial account information.
Use of 3rd Party Commercial banking company
3rd-party Company Guardian Analytics, Inc.
Date May
Company Iowa Medicaid
Data Breached Names, addresses, diagnoses and treatment information, insurance carrier information, and insurance subscriber identification numbers.
Use of 3rd Party Health and Human Services
3rd-party Company Telligen, Inc.
Date April
Company Santa Clara Family Health Plan
Data Breached Names, demographic information, health insurance numbers, Social Security numbers, dates of service, phone numbers, and provider names.
Use of 3rd Party Health insurance agency
3rd-party Company GoAnywhere MFT
Date April
Company NationsBenefits Holding, LLC
Data Breached First and last name, address, phone number, date of birth, gender, health plan subscriber ID number, Social Security number, and/or Medicare number.
Use of 3rd Party Supplemental benefits company
3rd-party Company GoAnywhere MFT
Date April
Company Brightline Health
Data Breached Consumers’ names, addresses, member IDs, dates of birth, phone numbers, employers’ names and group ID numbers, and coverage start/end dates. After confirming that consumer data
Use of 3rd Party Technology-enabled behavioral health home
3rd-party Company GoAnywhere MFT
Date April
Company Aerospace Asset Trading, LLC
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Company Iowa Department of Health and Human Services – Iowa Medicaid Enterprise (Iowa HHS-IME)
Data Breached Not disclosed for now
Use of 3rd Party Low-cost insurance coverage for children and teens
3rd-party Company Independent Living Systems
Date April
Company Aerocor Engine Group, LLC
Data Breached Not disclosed for now
Use of 3rd Party Aviation consultant
3rd-party Company 100X, Inc
Date April
Company Freedom Air Industries Inc
Data Breached Not disclosed for now
Use of 3rd Party Transportation service
3rd-party Company 100X, Inc
Date April
Company Preferred Composite Services, Inc
Data Breached Not disclosed for now
Use of 3rd Party Composite and metal repairs services company
3rd-party Company 100X, Inc
Date April
Company AMP Aero Services
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Company Miami Aircraft Structures, Inc
Data Breached Not disclosed for now
Use of 3rd Party Aircraft maintenance company
3rd-party Company 100X, Inc
Date April
Company JetStream Capital, LLC
Data Breached Not disclosed for now
Use of 3rd Party Financial planner
3rd-party Company 100X, Inc
Date April
Company Sonic Aircraft Components, LLC
Data Breached Not disclosed for now
Use of 3rd Party Florida Limited Liability company
3rd-party Company 100X, Inc
Date April
Company Sal Aerospace Technologies, Inc
Data Breached Not disclosed for now
Use of 3rd Party Aviation engineering company
3rd-party Company 100X, Inc
Date April
Company NexGen Aero, LLC
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Company Encore Optical Laboratories LLC
Data Breached Not disclosed for now
Use of 3rd Party Eye care center
3rd-party Company 100X, Inc
Date April
Company Gearup Aviation Solutions, LLC
Data Breached Not disclosed for now
Use of 3rd Party Aviation asset trading company
3rd-party Company 100X, Inc
Date April
Company Brickell Asset Management
Data Breached Not disclosed for now
Use of 3rd Party Commercial company
3rd-party Company 100X, Inc
Date April
Company Affinity Aeronautical Solutions LLC
Data Breached Not disclosed for now
Use of 3rd Party Airlines and Aviation company
3rd-party Company 100X, Inc
Date March
Company Blue Shield of California
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Saks Fifth Avenue
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Pension Protection Fund
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Virgin Group
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company City of Toronto
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Tasmanian Government
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Netherlands enterprise agency RVO
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company De Nederlandse Spoorwegen
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Ervoersbedrijf Trevvel
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Health and safety body ArboNed
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Nederlandse Golf Federatie
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Marktonderzoeker USP
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Health care provider CZ
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Heineken
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company VodafoneZiggo
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Cornell University, Ithaca College, Virginia Tech University, SUNY Oswego, Colorado State University, Loyola University Chicago and McMaster University
Data Breached Students’ credit and debit card information
Use of 3rd Party Software vendor
3rd-party Company AudienceView
Date March
Company Uber
Data Breached Private driver data
Use of 3rd Party Mid-size law firm
3rd-party Company Genova Burns
Date March
Company Hatch Bank
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Rubrik
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Investissement Québec
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Rio Tinto Group
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Hitachi Energy
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company National Basketball Association
Data Breached Names and email addresses
Use of 3rd Party Email marketing vendor
3rd-party Company Unknown
Date March
Company SpaceX
Data Breached 3,000 drawings
Use of 3rd Party Laser cutting service
3rd-party Company Maximum Industries
Date March
Company AT&T
Data Breached Wireless accounts was exposed
Use of 3rd Party Telecommunications company
3rd-party Company Unknown
Date February
Company Community Health Systems
Data Breached Customer data was not compromised
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date February
Company Boost Mobile
Data Breached Employees, customers, business, operations or financial information
Use of 3rd Party Satellite television company
3rd-party Company DISH Network Corporation
Date February
Company Sling TV
Data Breached Employees, customers, business, operations or financial information
Use of 3rd Party Satellite television company
3rd-party Company DISH Network Corporation
Date February
Company Applied Materials
Data Breached Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party Media vendor
3rd-party Company Rise Interactive
Date February
Company Edgepark Medical
Data Breached Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party Media vendor
3rd-party Company Rise Interactive
Date February
Company Sharp HealthCare
Data Breached Patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
Use of 3rd Party Regional health care group
3rd-party Company Unknown
Date February
Company Atlassian
Data Breached Email addresses, phone numbers, names
Use of 3rd Party Office functions vendor
3rd-party Company Envoy
Date February
Company Community Health Systems
Data Breached Personal and health information
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere
Date January
Company University of Colorado Hospital Authority
Data Breached Names, Social Security numbers, financial account information, dates of birth, and protected health information
Use of 3rd Party Software vendor
3rd-party Company Diligent Corporation
Date January
Company Solana Foundation
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company Yuga Labs
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company WooCommerce
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company FanDuels
Data Breached Email addresses and names of customers, or potential customers, that are used to send marketing emails
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company Nissan North America
Data Breached Full names, dates of birth, and NMAC account numbers
Use of 3rd Party Automotive industry company
3rd-party Company Unknown
Date January
Company Datadog
Data Breached Signing keys and its passphrase
Use of 3rd Party Software vendor
3rd-party Company CircleCI
Date January
Company KLM
Data Breached Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party Loyalty program
3rd-party Company Flying Blue
Date January
Company Air France
Data Breached Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party Loyalty program
3rd-party Company Flying Blue

2022 Data leaks

Data Leaks for 2022
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date July
Company Westchester Gardens
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Company Village Health & Rehab
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Company Valley View Estates Health & Rehab
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Apartment building
3rd-party Company Infinity Rehab
Date July
Company St Anthony Health Center
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Doctor in Newcastle
3rd-party Company Infinity Rehab
Date July
Company Riverside Health & Rehab
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Hillside Health & Rehab
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Gardens at Terracina
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Company Discovery Care Center
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Adult day care center
3rd-party Company Infinity Rehab
Date July
Company Able Palms Home Health
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Able Palms Home Health
3rd-party Company Infinity Rehab
Date July
Company Prospera Sunset Drive
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Prospera St Vincent’s
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Prospera Miller Pointe
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Company Prospera Augusta Place
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Company Fairlawn Good Samaritan
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Physical therapist
3rd-party Company Infinity Rehab
Date July
Company Someren Glen
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement home
3rd-party Company Infinity Rehab
Date July
Company Holly Creek Retirement Community
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Company Clermont Park
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Company Secora Rehab of Cascadia
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Clearwater Health & Rehab of Cascadia
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Brookfield Rehab of Cascadia
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Bethany at Silver Lake
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Company Bethany at Pacific
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date October
Company Somnia Pain Management of Kentucky
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare IDs, and health information such as treatment and diagnosis information
Use of 3rd Party Healthcare practice
3rd-party Company Not disclosed
Date September
Company Anthem MaineHealth
Data Breached Names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, Medicaid ID numbers and health plan carrier names.
Use of 3rd Party Health insurance company
3rd-party Company Alight.com (Choice Health prev)
Date September
Company Humana
Data Breached Customers’ first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresses, contact information and health insurance information
Use of 3rd Party Health insurance company
3rd-party Company Alight.com (Choice Health prev)
Date August
Company Anesthesia Associates of El Paso PA
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Anesthesia Associates of Maryland LLC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Anesthesia Services of San Joaquin PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Bronx Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Fredericksburg Anesthesia Services LLC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Grayling Anesthesia Associates PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Hazleton Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Lynbrook Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Palm Springs Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Providence WA Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Resource Anesthesiology Associates of CA A Medical Corporation
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company FMC Services, LLC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Resource Anesthesiology Associates of IL PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Resource Anesthesiology Associates PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Company Upstate Anesthesia Services PC
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date July
Company Mid-Westchester Anesthesia Services
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Somnia, Inc.
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Resource Anesthesiology Associates of CT PC
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Resource Anesthesiology Associates of VA LLC
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Resource Anesthesiology Associates of NM Inc
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Resource Anesthesiology Associates Of KY PSC
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Saddlebrook Anesthesia Services PC
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Primary Anesthesia Services
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Somnia Pain Mgt of Kentucky
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date December
Company St. Luke’s Health
Data Breached Names, birthdates, addresses, Social Security numbers, Medicaid numbers, service dates, and medical record numbers, clinical details
Use of 3rd Party Texas-based St. Luke’s Health provider
3rd-party Company Adelanto Healthcare Ventures
Date December
Company Sobeys
Data Breached Not disclosed for now
Use of 3rd Party The second largest supermarket chain
3rd-party Company Empire Co.
Date September
Company Magento
Data Breached Not disclosed for now
Use of 3rd Party Open-source eCommerce platform
3rd-party Company FishPig
Date August
Company Oklahoma Student Loan Authority
Data Breached 2.5M Student Loan Records
Use of 3rd Party Servicing system and web portal provider
3rd-party Company Nelnet Servicing
Date August
Company KeyBank
Data Breached Names, mortgage information, phone numbers, property information, home insurance information and Social Security numbers
Use of 3rd Party Insurance services vendor
3rd-party Company Overby-Seawell
Date August
Company LastPass, DoorDash, Okta and Authy
Data Breached Names, email addresses, delivery addresses, phone numbers, payment card numbers, LastPass technical information and source code
Use of 3rd Party Phone number verification services provider
3rd-party Company Twilio
Date August
Company Municipalities of Eijsden-Margraten, Gulpen-Wittem, Kerkrade, Meerssen and Vaals
Data Breached Not disclosed for now
Use of 3rd Party Software vendor
3rd-party Company Not disclosed
Date August
Company Sturm, Ruger & Company
Data Breached Names, shipping addresses, email addresses, credit and debit card numbers and expiration dates, security codes, and billing addresses
Use of 3rd Party Shopping cart and payment processing services provider
3rd-party Company Freestyle Solutions
Date August
Company Kiplepay Sdn Bhd
Data Breached Not disclosed for now
Use of 3rd Party Third-party payment gateway provider
3rd-party Company Not disclosed
Date August
Company Syracuse Pediatrics, Tully Physical Therapy, St. Joseph’s Medical, Salvation Army, and 24 organizations
Data Breached Patients’ names, home addresses, dates of treatment, health plan numbers, and medical record numbers
Use of 3rd Party Healthcare management services provider
3rd-party Company Practice Resources, LLC
Date August
Company Signal
Data Breached Phone numbers
Use of 3rd Party Phone number verification services provider
3rd-party Company Twilio
Date August
Company DigitalOcean, Edge, Messari, Decrypt
Data Breached Email addresses
Use of 3rd Party Email marketing service provider
3rd-party Company MailChimp
Date August
Company NHS
Data Breached Not disclosed for now
Use of 3rd Party IT provider
3rd-party Company Advanced
Date August
Company Orange Business Services
Data Breached Names, Social Security numbers, and birthdates of employees
Use of 3rd Party Telecommunications service provider
3rd-party Company Orange Silicon Valley
Date August
Company Lee County Emergency Medical Services
Data Breached Names, addresses, Social Security numbers, driver’s license numbers, government IDs, and medical information, such as treatment, diagnosis, and medical history
Use of 3rd Party Ambulance billing services vendor
3rd-party Company Intermedix Corporation
Date July
Company EdFinancial and Oklahoma Student Loan Authority
Data Breached Names, home addresses, email addresses, phone numbers and Social Security numbers
Use of 3rd Party Servicing system and customer website portal provider
3rd-party Company Nelnet Servicing
Date July
Company Sound Health and Wellness Trust
Data Breached Social Security numbers, names, addresses, and unique ID numbers
Use of 3rd Party Third-party administrator
3rd-party Company Zenith American Solutions
Date July
Company Boeing Employees’ Credit Union
Data Breached Names, addresses, account numbers, credit scores, and Social Security numbers
Use of 3rd Party Printing vendor
3rd-party Company Not disclosed
Date July
Company Celsius
Data Breached Customer emails
Use of 3rd Party Email delivery vendor
3rd-party Company Customer.io
Date July
Company Toronto Symphony Orchestra
Data Breached Names, email addresses, TSO Patron ID and information about TSO accounts (e.g. donor level, credit on account status, gift certificate status), personal information, demographic information (age range, gender, ethnicity), and opinions on the TSO
Use of 3rd Party Mailing list provider
3rd-party Company WordFly
Date July
Company American Health Imaging, Banner Medical Group, Belle Point Dental, Duck Creek Family Dental, Partners In Periodontics, and 652 organizations
Data Breached Dates of birth, Social Security numbers, health insurance and medical treatment information
Use of 3rd Party Accounts receivable management solutions provider
3rd-party Company Professional Finance Company
Date July
Company Arlington Skin
Data Breached Names, addresses, dates of birth, diagnostic and treatment information, health insurance information, and Social Security numbers
Use of 3rd Party VPN service provider
3rd-party Company Virtual Private Network Solutions
Date June
Company Baptist Health System, Resolute Health Hospital, The Hospitals of Providence Memorial Campus, Valley Baptist Medical Center – Brownsville, Valley Baptist Medical Center – Harlingen
Data Breached Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, medical and treatment information, health insurance information, and billing information
Use of 3rd Party Provider of revenue cycle management and other administrative services
3rd-party Company Conifer Revenue Cycle Solutions
Date June
Company Blue Cross and Blue Shield of Massachusetts
Data Breached Names, Social Security numbers, addresses, and some pension benefit information
Use of 3rd Party Provider of digital and in-person total wellbeing solutions
3rd-party Company LifeWorks US
Date June
Company Burman & Zuckerbrod Ophthalmology Associates, Fishman Vision
Data Breached Names, Social Security numbers, addresses, phone numbers, driver’s license numbers, email addresses, dates of birth, medical record numbers, and health insurance information
Use of 3rd Party Eye care software provider
3rd-party Company EyeCare Leaders
Date June
Company OpenSea
Data Breached Email addresses
Use of 3rd Party Email delivery vendor
3rd-party Company Customer.io
Date June
Company Colorado Springs Utilities
Data Breached Customer names, addresses, account numbers, phone numbers, and email addresses
Use of 3rd Party Third-party subcontractor
3rd-party Company Not disclosed
Date June
Company Priority Health
Data Breached Names, pharmacy and claim information, drug names, and prescription dates from certain prescriptions filled in 2012
Use of 3rd Party Legal services provider
3rd-party Company Warner Norcross & Judd
Date May
Company St. Luke’s
Data Breached Patient names, insured names, addresses, phone numbers, ID numbers, dates of birth, last five digits of Social Security numbers, descriptions of services, billing amounts, outstanding balances, payment due dates, and status of the accounts
Use of 3rd Party Billing services vendor
3rd-party Company Kaye-Smith
Date May
Company EvergreenHealth
Data Breached Patient names, dates of birth, medical record numbers, and treatment information
Use of 3rd Party EMR provider
3rd-party Company MyCare
Date May
Company K12 Schools in NY
Data Breached Students’ grades and private messages with parents
Use of 3rd Party Education software provider
3rd-party Company Illuminate Education
Date May
Company Hospitals in Northern California
Data Breached Names, Social Security numbers, dates of birth, addresses
Use of 3rd Party Medi-Cal managed service provider
3rd-party Company Partnership HealthPlan of California
Date May
Company Mangatoon
Data Breached Names, email addresses, genders, social media account identities, auth tokens from social logins and salted MD5 password hashes
Use of 3rd Party Search-powered solutions provider
3rd-party Company Elasticsearch
Date April
Company Blue Cross Blue Shield of Arizona, Clover Health, Kaiser Permanente, Point32Health, UPMC Health Plan, and 33 healthcare organizations
Data Breached Names, PII, addresses, dates of birth, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID
Use of 3rd Party Mailing and printing services vendor
3rd-party Company OneTouchPoint
Date April
Company Sunwing Airlines
Data Breached Not disclosed
Use of 3rd Party Provider of solutions to the aviation industry
3rd-party Company Airline Choice
Date April
Company Dis-Chem
Data Breached First names, surnames, email addresses and cellphone numbers
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date March
Company Central Maine Medical Center
Data Breached Names, Social Security numbers, dates of birth, and medical or treatment details
Use of 3rd Party Imaging and ambulatory surgical services provider
3rd-party Company Shields Health Care Group Inc.
Date March
Company UNC Lenoir Health Care, Avera Health, CHI Health, Phelps Health, and 4 organizations
Data Breached Names, addresses, phone numbers, gender, dates of birth, medical codes, and Social Security numbers
Use of 3rd Party Healthcare software provider
3rd-party Company MCG Health
Date March
Company Rennline
Data Breached Names, credit or debit card numbers, expiration dates, card verification codes (CVV), billing addresses, and transaction details
Use of 3rd Party Software vendor
3rd-party Company Freestyle Solutions
Date March
Company Okta
Data Breached Employee credentials
Use of 3rd Party Customer service provider
3rd-party Company Sykes Enterprises
Date March
Company Okta customers
Data Breached User credentials
Use of 3rd Party Access & authentication management vendor
3rd-party Company Okta
Date March
Company Highmark
Data Breached Not disclosed
Use of 3rd Party Printing and mailing vendor
3rd-party Company Quantum Group
Date March
Company DataHEALTH
Data Breached Names, addresses, phone numbers, Medical information, insurance information, dates of birth, payment information, and Social Security numbers.
Use of 3rd Party Hosting & software vendor
3rd-party Company Not disclosed
Date March
Company Oklahoma’s Department of Human Services (OKDHS)
Data Breached Names, addresses, dates of birth, ages, phone numbers, Social Security numbers, and some Medicaid information
Use of 3rd Party Healtcare vendor
3rd-party Company Liberty of Oklahoma
Date March
Company Acro
Data Breached Cardholder names, payment card numbers, dates of expiry, and security codes
Use of 3rd Party Payment processing vendor
3rd-party Company Not disclosed
Date March
Company Samsung, Qualcomm
Data Breached Source code
Use of 3rd Party Hardware contractor
3rd-party Company Nvidia
Date February
Company Not disclosed
Data Breached Names, dates of birth and Social Security numbers
Use of 3rd Party Healthcare provider
3rd-party Company Comprehensive Health Services
Date February
Company Fortune 500 companies
Data Breached Names, addresses, Social Security numbers, birthdates, client identification numbers, medical diagnostic and treatment information, and health insurance information
Use of 3rd Party Business service provider
3rd-party Company Morley Companies
Date February
Company Internet Society
Data Breached Names, emails, mailing addresses, and logins
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date February
Company Oklahoma City Police Department
Data Breached Victims’ last names, addresses, and health-related information
Use of 3rd Party DNA research contractor
3rd-party Company DNA Solutions Inc.
Date February
Company Memorial Health System
Data Breached First names, last names, dates of birth, Social Security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information
Use of 3rd Party Software vendor
3rd-party Company Advent Health Partners
Date January
Company Good Samaritan Society, Mission Healthcare at Renton, Prestige Care, Rockwood South Hill, Kin On Health Care Center, and 63 organizations
Data Breached Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Provider in therapy services
3rd-party Company Infinity Rehab
Date January
Company A-One Home Health Services, Bend Transitional Care, Infinity Rehab, Salem Transitional Care, The Arbor at Avamere Court, and 75 organizations
Data Breached Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Healthcare provider
3rd-party Company Avamere Health Services
Date January
Company Entira Family Clinics
Data Breached Names, addresses, Social Security numbers and medical histories
Use of 3rd Party Hosting provider
3rd-party Company Netgain
Date January
Company Government of South Australia
Data Breached Names, dates of birth, addresses and tax file numbers
Use of 3rd Party Payroll provider
3rd-party Company Frontier Software
Date January
Company Baptist Memorial Health Care, Butler Health Systems, Children’s Healthcare of Atlanta, Hoag Health System, and 28 organizations
Data Breached Patient names, dates of birth, dates of service, provider names, Social Security numbers, driver’s license numbers, treatment information, and health insurance information
Use of 3rd Party Technology vendor
3rd-party Company Ciox Health
Date January
Company Red Cross
Data Breached Not disclosed
Use of 3rd Party Hosting provider
3rd-party Company Not disclosed

2021 Data Leaks

Data Leaks for 2021
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company QRS Clients
Data Breached Names, birth dates, addresses, Social Security numbers, portal usernames, medical treatment and diagnosis information, and patient identification numbers.
Use of 3rd Party EHRS vendor
3rd-party Company QRS
Date October
Company Anthem, Humana
Data Breached First and last names, birth dates, phone numbers, member ID numbers, clinical data pertaining to kidney care services, and addresses.
Use of 3rd Party IT vendor
3rd-party Company PracticeMax
Date October
Company Fullerton Health
Data Breached Names, identification numbers, and contact details, bank account details in “a few cases” and “certain limited health-related information”
Use of 3rd Party Software vendor
3rd-party Company Agape Connecting People
Date October
Company Durham Regional Government
Data Breached Medical reports, complaints about medical treatment, and potential evidence in a criminal case
Use of 3rd Party Software provider
3rd-party Company Not disclosed
Date September
Company NRS
Data Breached PII and biometrics
Use of 3rd Party Slot machine operator
3rd-party Company Dotty’s
Date August
Company Renaissance Life & Health Insurance
Data Breached Policy holder names, addresses, birthdates, policy numbers, and other health insurance information
Use of 3rd Party Administrative service vendor
3rd-party Company Secure Administrative Solutions LLC
Date August
Company First Horizon Bank
Data Breached 200 online customer bank accounts
Use of 3rd Party Software
3rd-party Company Not disclosed
Date August
Company American Airlines, Ford, Maryland Department of Health, New York City Municipal Transportation Authority, and the state of Indiana.
Data Breached Names, COVID-19 contact tracing information, vaccination appointments, Social Security numbers, employee IDs, and email addresses.
Use of 3rd Party Business app
3rd-party Company Microsoft
Date August
Company Catholic Health
Data Breached Patients’ health information
Use of 3rd Party Software vendor
3rd-party Company CaptureRx
Date July
Company Jefferson’s Kimmel Cancer Center
Data Breached Patient names, birth dates, medical record numbers, and clinical information related to treatment at Jefferson Health such as treatment plan, diagnosis, or prescription information. For some patients, Social Security number was also included as well.
Use of 3rd Party Cloud provider
3rd-party Company Elekta
Date July
Company Memorial Health System
Data Breached Names, birthdates, medical information
Use of 3rd Party Billing vendor
3rd-party Company Guidehouse
Date July
Company Saudi Aramco
Data Breached **Employees: name, photo, passport copy, email, phone number, residence permit (Iqama card) number, job title, ID numbers, family information, etc. **Project specification for systems related to/including electrical/power, architectural, engineering, civil, construction management, environmental, machinery, vessels, telecom, etc. Internal analysis reports, agreements, letters, pricing sheets, etc. **Network layout mapping out the IP addresses, **Scada points, Wi-Fi access points, IP cameras, and IoT devices. **Location map and precise coordinates. **List of Aramco’s clients, along with invoices and contracts
Use of 3rd Party Third-party contractor
3rd-party Company Not disclosed
Date July
Company Hospitals
Data Breached Name, address, email address, date of birth, driver’s license number, Social Security number, diagnosis, laboratory and treatment information, patient identification number, medication information, health insurance identification and claims information, tax identification number, employee username with password, employee username with security questions and answers, and bank account and/or credit card/debit card information
Use of 3rd Party Medical management services provider
3rd-party Company PracticeFirst
Date July
Company Hospitals
Data Breached Name, tax ID, social security number, date of birth, other government-issued ID, telephone number, healthcare account number and balance, date of service, ClearBalance loan number and balance, personal banking information, clinical information, health insurance information, and full-face photographic image
Use of 3rd Party Medical loan provider
3rd-party Company ClearBalance
Date July
Company SpreadGroup Customers
Data Breached Financial data
Use of 3rd Party Clothing and retail vendor
3rd-party Company Spreadshirt, Spreadshop, and TeamShirts
Date July
Company Morgan Stanley
Data Breached Stock plan participants’ names, addresses, dates of birth, Social Security Numbers, corporate company names
Use of 3rd Party Account maintenance services
3rd-party Company Guidehouse, Accellion
Date July
Company MSPs and Clients including Visma EssCom, Coop, SoCal Computers
Data Breached Availability of systems
Use of 3rd Party IT management software for MSP
3rd-party Company Kaseya
Date June
Company Ohio Medicaid Program
Data Breached Names, dates of birth, Social Security numbers, addresses
Use of 3rd Party Medicaid contractor
3rd-party Company Maximus
Date June
Company CVS Health
Data Breached COVID-19 vaccines and medications
Use of 3rd Party Hosting vendor
3rd-party Company Not disclosed
Date June
Company U.S. Lawmakers (House legislators)
Data Breached Availability of e-mail newsletters
Use of 3rd Party E-mail newsletter
3rd-party Company iConstituent
Date June
Company Mercedes-Benz USA
Data Breached Credit card information, Social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers
Use of 3rd Party Vendor
3rd-party Company Not disclosed
Date June
Company Cancer Centers of Southwest Oklahoma inc. Renown Health, Northwestern Memorial HealthCare
Data Breached Names, Social Security numbers, addresses, birth dates, medical diagnosis and treatment details.
Use of 3rd Party Cloud provider
3rd-party Company Elekta
Date June
Company AmeriGas
Data Breached Internal email with spreadsheet attachments containing 123 AmeriGas employees’ information, including Lab IDs, social security numbers, driver’s license numbers, and dates of birth
Use of 3rd Party Regulatory compliance vendor
3rd-party Company J. J. Keller
Date June
Company Volkswagen Group of America
Data Breached First and last name, personal or business mailing address, email address, or phone number. For some instances, a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.
Use of 3rd Party Digital marketing vendor
3rd-party Company Shift Digital
Date June
Company Harbor Regional Health
Data Breached Healthcare data
Use of 3rd Party Software vendor
3rd-party Company CaptureRX
Date June
Company Blue Cross Blue Shield of Kansas City
Data Breached Customer back up files (details not disclosed)
Use of 3rd Party Software vendor
3rd-party Company Logicgate
Date May
Company U.S. Government
Data Breached Not disclosed
Use of 3rd Party Security defense contractor
3rd-party Company BlueForce
Date May
Company U.S. Department of Energy
Data Breached Email addresses, communication information of employees, sensitive files
Use of 3rd Party Physics lab
3rd-party Company Fermilab
Date May
Company Fasttrack Customers
Data Breached Full names, Email addresses, Home addresses, Dates of birth, Passport numbers, Applicant photos, Mobile phone numbers, Social network URLs for some applicants.
Use of 3rd Party Recruitment vendor
3rd-party Company Fasttrack Recruitment
Date May
Company Japanese Government, The Ministry of Land, Infrastructure, Transport, and Tourism
Data Breached At least 76,000 email addresses were exposed, including those belonging to individuals outside of the ministry
Use of 3rd Party Software vendor
3rd-party Company Fujitsu
Date May
Company Canada Post
Data Breached Sender and receiver contact information, names, and mailing addresses
Use of 3rd Party Software vendor
3rd-party Company CommPort Communications
Date May
Company Ardagh Clients
Data Breached Not disclosed
Use of 3rd Party Glass and metal packaging manufacturer
3rd-party Company Ardagh
Date May
Company Monday.com, Rapid7, Twilio, Mercari
Data Breached Source code
Use of 3rd Party Software auditing company
3rd-party Company CodeCov
Date May
Company Fox’s clinic, the Alpine Center for Diabetes, Endocrinology and Metabolism
Data Breached Availability of EHR
Use of 3rd Party EHR vendor
3rd-party Company APRIMA
Date May
Company AC Health Systems and San Diego Family Care (SDFC), CareSouth Carolina, Health Center Partners of Southern California
Data Breached Personal data including SSN
Use of 3rd Party Managed IT services
3rd-party Company Netgain
Date May
Company Pennsylvania Health Department
Data Breached Names of individuals who were potentially exposed to COVID-19, positive or negative test results, any experienced symptoms, household members, and some contact information
Use of 3rd Party Contact tracing app vendor
3rd-party Company Insights Global
Date May
Company University of Houston
Data Breached Financial data of students
Use of 3rd Party Cap/ Gown vendor
3rd-party Company Herff Jones
Date May
Company UPMC Cole, Hidalgo Medical Services, Trinity Health Twin City Hospital, HopeHealth, Massena Hospital, Penobscot Community Health Care,and UPMC Wellsboro, Lourdes Hospital, Faxton St. Luke’s Healthcare, Gifford Health Care, Thrifty Drug Stores(possibly)
Data Breached Healthcare data
Use of 3rd Party Software vendor
3rd-party Company CaptureRX
Date April
Company Peach Aviation, ZIPAIR Tokyo, Air Belgium, Sky Airlines, Air Transat, Vietravel, Aero K Airlines, Salam Air, FlySafair, Air India Express, Wingo
Data Breached Availability of customer reservation systems
Use of 3rd Party Software Vendor
3rd-party Company Radixx (subsidiary of Sabre Corporation)
Date April
Company Japanese Prime Minister’s Cabinet Office
Data Breached Not disclosed
Use of 3rd Party File sharing appliance vendor
3rd-party Company Soliton (FileZen application)
Date April
Company Click Studios Customers
Data Breached Employee and local admin accounts
Use of 3rd Party Password manager (Passwordstate)
3rd-party Company Click Studios
Date April
Company Apple
Data Breached Macbook blueprints
Use of 3rd Party Macbook manufacturer
3rd-party Company Quanta
Date April
Company Amazon, Flipkart, Myntra, Swiggy, and Zomato
Data Breached Shipping labels and customer receipts
Use of 3rd Party B2B packaging vendor
3rd-party Company Bizongo
Date April
Company Centene Subsidiaries (HealthNet, CHW)
Data Breached Contact details, dates of birth, insurance ID numbers, and health information, such as treatments and medical conditions.
Use of 3rd Party File sharing application
3rd-party Company Accellion
Date April
Company CallX Customers (possibly Lendingtree, Liberty Mutual Insurance and Vivint among the clients)
Data Breached Audio recordings, transcripts of chats, full names, home addresses, phone numbers and more.
Use of 3rd Party Telemarketing
3rd-party Company CallX
Date April
Company Apple Valley Clinic
Data Breached Names, dates of birth, Social security numbers, bank account and routing numbers, patient billing information, medical information, such medical symptoms and diagnosis
Use of 3rd Party IT services
3rd-party Company Netgain
Date April
Company Atlassian, Procter & Gamble, GoDaddy, The Washington Post
Data Breached Not disclosed
Use of 3rd Party Software auditing company
3rd-party Company CodeCov
Date April
Company Department of Health and Human Services,UChicago, King’s Daughters’ Health System, OSF HealthCare, Aspirus, UChicago Medicine, and Memorial Hermann Health System.
Data Breached Subscriber ID,Social Security numbers, diagnoses, conditions, claims data, dates of services, medical procedure codes, insurance policy numbers, provider names, contact details, and dates of birth.
Use of 3rd Party Revenue cycle service provider
3rd-party Company MedData
Date April
Company Stanford University, the University of Maryland, Baltimore, and the University of California at Berkeley
Data Breached Variety of personally identifiable information, including federal tax documents, passports, addresses, birth dates, bank account information and Social Security numbers
Use of 3rd Party File sharing app
3rd-party Company Accellion
Date April
Company Wiener & Kennedy
Data Breached Possibly employee sensitive information
Use of 3rd Party Accounting firm
3rd-party Company Perkins & Co, Netgain (4th party)
Date April
Company Doctors Medical Center
Data Breached Patients’ names, addresses, procedure information
Use of 3rd Party Virtual waiting room vendor
3rd-party Company Medifie
Date April
Company Biotel Heart
Data Breached Social Security numbers, medical records, contact information
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date April
Company Upstox
Data Breached Contact data and KYC details of customers
Use of 3rd Party Third-party data warehouse systems
3rd-party Company Not disclosed
Date April
Company Celcius
Data Breached Customer emails
Use of 3rd Party Email distribution vendor
3rd-party Company Not disclosed
Date April
Company Tata Communications, Bharti Airtel and DBS Bank
Data Breached Not disclosed
Use of 3rd Party Cloud company
3rd-party Company Route mobil
Date April
Company Subsidiaries of Personal Touch, Personal Touch Retirement Solutions, Personal Touch Mortgage Administration Services
Data Breached Social Security numbers, financial information, medical records and more of patients, employees and dependents
Use of 3rd Party Parent company
3rd-party Company Personal Touch Holding Corp.
Date April
Company Ei2
Data Breached Names, identification number, contact information, educational qualifications, and employment history
Use of 3rd Party Contact centre solution provider
3rd-party Company I-vic International
Date April
Company Park Mobile
Data Breached Customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses
Use of 3rd Party Third-party software
3rd-party Company Not disclosed
Date March
Company Royal Dutch Shell
Data Breached Personal data and data belonging to stakeholders
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Company Trillium Community Health Plan, Southern Illinois University School of Medicine
Data Breached Contact information, insurance ID numbers, dates of birth, and health information, such as medical conditions and treatments.
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Company Israeli Likud Party
Data Breached Full name, sex, home address, and, in many cases, cellphone number and responses to political polling for 6.5 million Israeli adults.
Use of 3rd Party Polling app vendor
3rd-party Company Elector Software
Date March
Company Piedmont Health Services
Data Breached Patients’ name, date of birth, address, social security number and diagnosis codes.
Use of 3rd Party Administrative services vendor
3rd-party Company PeakTPA
Date March
Company Armed Forces Communications, Electronics Association and the US Geospatial Intelligence Foundation
Data Breached Members’ names and addresses
Use of 3rd Party Event management vendor
3rd-party Company SPARGO
Date March
Company Poll County Schools
Data Breached Students’ names, dates of birth, and student identification numbers.
Use of 3rd Party Technology vendor (for school nutrition)
3rd-party Company PCS Revenue Systems
Date March
Company Schools, jail cells, hospital ICUs, and major companies like Tesla, Nissan, Equinox, Cloudflare
Data Breached Video footages
Use of 3rd Party Security camera vendor
3rd-party Company Verkada
Date March
Company Calviva Health
Data Breached Patients’ data
Use of 3rd Party Business associate
3rd-party Company Health Net Community Solutions, Inc, Accellion
Date March
Company University of Miami Health
Data Breached Patients’ health information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Company Wake Forest Baptist Health, Lexington Medical Center
Data Breached Patient names, addresses, LMC medical record numbers, Social Security numbers and health insurance details.
Use of 3rd Party IT vendor
3rd-party Company Healthgrades
Date March
Company Austin ISD
Data Breached Students’ name, their identification number, and date of birth
Use of 3rd Party Third-party vendor
3rd-party Company not disclosed
Date March
Company Flagstar Bank
Data Breached Social Security numbers and mailing addresses
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Company Multicare Health Services
Data Breached Names, addresses, Social Security numbers, medical record numbers, bank account numbers and medical record disclosure logs
Use of 3rd Party Technology vendor
3rd-party Company Netgain
Date March
Company European Banking Authority
Data Breached Emails
Use of 3rd Party Email server
3rd-party Company Microsoft
Date March
Company Halkbank, Ziraat Bankasi, Pegasus Airllines
Data Breached Availability of the websites
Use of 3rd Party Domain registrar
3rd-party Company Atak Domain
Date March
Company Singapore Airlines, Air New Zealand, British Airways, American Airlines, Lufthansa, Malaysia Airlines, Finnair, Japan Airlines, United Airlines, SAS, Cathay Pacific, and South Korean airline Juju Air. Star Alliance
Data Breached Membership number and tier status
Use of 3rd Party IT vendor
3rd-party Company SITA
Date March
Company Qualys
Data Breached Customer data possibly including invoices, purchase orders, tax documents, and scan reports
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date February
Company Airbus, Air Caraïbes, ArcelorMittal, BT, Luxottica, Kuehne + Nagel, Ministère de la Justice français, New Zealand Police, PWC Russia, Salomon, Sanofi, and Sephora (possibly)
Data Breached Not disclosed
Use of 3rd Party IT vendor
3rd-party Company Centreon
Date February
Company Jamaican Government
Data Breached Over 425,000 immigration documents, COVID-19 results
Use of 3rd Party Software vendor
3rd-party Company Amber Group
Date February
Company City of Kirkland, Monroe, Redmonde, Seattle, Lakewood Water District,
Data Breached Personal information include contain names, addresses, license plate numbers and vehicle identification numbers (VIN)
Use of 3rd Party Payment processor
3rd-party Company AFTS
Date February
Company Sitepoint, teespring
Data Breached Email addresses
Use of 3rd Party Web analytics
3rd-party Company WayDev
Date February
Company Ubiquiti Networks
Data Breached User accounts – including include names, email addresses, and salted and hashed passwords. Also home addresses and phone numbers for some users.
Use of 3rd Party Cloud provider
3rd-party Company Not disclosed
Date February
Company French Government
Data Breached Customer accounts and source code of Stormshield Network Security (SNS)
Use of 3rd Party Cybersecurity vendor
3rd-party Company Stormshield
Date February
Company Ramsey County, (Minnesota) Family Health Division
Data Breached Names, addresses, dates of birth, dates of service, telephone numbers, account numbers, health insurance information,medical information and possibly SSN
Use of 3rd Party Managed IT services
3rd-party Company Netgain
Date February
Company Beaumont Health
Data Breached Unauthorized appointments
Use of 3rd Party Appointment scheduling software
3rd-party Company Epic Software
Date February
Company Defense Industry & Wind River Customers
Data Breached Social Security numbers, passport and visa details, dates of birth and driver’s license numbers, as well as health information and financial account information
Use of 3rd Party Embedded software vendor
3rd-party Company Wind River Systems
Date February
Company Florida Healthy Kids Corporation (FHKC)
Data Breached Full names, dates of birth, email addresses, phone numbers, physical addresses, social security numbers, secondary insurance information, familial relationships to the child in question, and financial details
Use of 3rd Party Web hosting vendor
3rd-party Company Jelly Bean Communications Design
Date February
Company Fertility Clinics incl. Shady Grove Fertility, Reproductive Science Center San Francisco, IVF Florida, and Fertility Center of Illinois
Data Breached Contact details, dates of birth, MPI numbers, medical record information, health insurance data, financial account details, passport numbers, diagnoses, treatments, and Social Security numbers
Use of 3rd Party Support vendor
3rd-party Company USF
Date February
Company Goodwin Procter, QIMR Berghofer Medical Research Institute, Allens, Jones Day
Data Breached Clients’ confidential information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date February
Company City of Monroe, Kirkland, Redmond
Data Breached Bank account numbers, routing information, names, addresses, billing amounts and utility account numbers of customers
Use of 3rd Party Utility bill payment vendor
3rd-party Company Automatic Funds Transfer Services
Date February
Company Microsoft 365 exchange infrastructure
Data Breached Microsoft 365 email accounts
Use of 3rd Party Certificate provider
3rd-party Company Mimecast
Date February
Company Washington State Auditor, SingTel, University of Colorado, Bombardier
Data Breached Social Security numbers and banking information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date January
Company SonicWall Customers
Data Breached Unknown at this stage
Use of 3rd Party Cybersecurity vendor
3rd-party Company SonicWall
Date January
Company Defence Forces, Para Military Forces and Intelligence Agencies of India
Data Breached Company emails
Use of 3rd Party Defence tech service provider
3rd-party Company ELCOM Innovations
Date January
Company United Parcel Service (UPS) and Norfolk Southern Railroad
Data Breached Full names, Social Security numbers, details of medical examinations, drug and alcohol testing reports, and scans of driver’s licenses
Use of 3rd Party Occupational healthcare provider
3rd-party Company Taylor Made Diagnostics (TMD)
Date January
Company Bonobos
Data Breached Names and telephone numbers associated with 7 million customers or orders, 3.5 million records containing the last four digits of credit card numbers, and account information for 1.8 million customers, including encrypted passwords
Use of 3rd Party Cloud service provider
3rd-party Company Not disclosed
Date January
Company Saskatchewan HAL system
Data Breached Customer name and HAL account identification number for about 33,000 email addresses.
Use of 3rd Party Software company
3rd-party Company Aspira
Date January
Company Supply chain for Audi, BMW, Mercedes, Porsche, Saab, Volkswagen and Volvo across North America
Data Breached Full names, addresses, phone numbers, and exact working hours of at least 12 NameSouth employees, credit card statements
Use of 3rd Party OEM company
3rd-party Company NameSouth
Date January
Company North Korean Stock Investment Firms
Data Breached Unknown at this stage
Use of 3rd Party Stock investment app
3rd-party Company Not disclosed
Date January
Company Facebook, Instagram, LinkedIn
Data Breached Personal data of 214 million social media users
Use of 3rd Party Third-party app
3rd-party Company SocialArk
Date January
Company OmniTRAX
Data Breached Internal OmniTRAX documents, contents of employee computers
Use of 3rd Party Parent company
3rd-party Company Broe Group
Date January
Company New Zeland Reserve Bank, Australian Securities and Investments Commission (ASIC)
Data Breached Commercially and personally sensitive information
Use of 3rd Party Third-party file transfer application
3rd-party Company Acellion Software

2020 Data Leaks

Data Leaks for 2020
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Company Mongolian Government Agencies
Data Breached HR chat messages
Use of 3rd Party Software vendor for chatting app
3rd-party Company Able Software
Date December
Company Microsoft
Data Breached Credentials for Azure
Use of 3rd Party Third-party reseller
3rd-party Company Not disclosed
Date Deecember
Company Medical Facilities
Data Breached Full names and dates of birth, postal and email addresses, phone numbers, passport details, credit card numbers, medical records and recent test results and diagnoses.
Use of 3rd Party Software vendor
3rd-party Company iSofH
Date December
Company Dental Practices
Data Breached Patient names, contact details, dental diagnoses, treatment information, patient account numbers, billing details, dentists’ names, bank account numbers, and health insurance data.
Use of 3rd Party Support vendor-accounting billing
3rd-party Company Dental Care Alliance (DCA)
Date December
Company Now:Pensions
Data Breached Names, postal and email addresses, birth dates and national insurance numbers of 30,000 customers
Use of 3rd Party Third-party contractor
3rd-party Company Not disclosed
Date December
Company Private and Government Organizations in Vietnam
Data Breached Digital certificate toolkit
Use of 3rd Party Certificate authority
3rd-party Company Vietnam Certification Authority
Date December
Company FireEye customers
Data Breached Red-team tools
Use of 3rd Party CyberSecurity firm
3rd-party Company FireEye
Date December
Company Department of Treasury and Commerce, Cisco, SAP, Intel, Cox Communications, Deloitte, Fujitsu, Rakuten, Check Point
Data Breached Customers’ email traffic
Use of 3rd Party Network management software vendor
3rd-party Company SolarWinds
Date November
Company Customers of Belden
Data Breached Data of some current and former employees, as well as some company information
Use of 3rd Party Networking equipment vendor
3rd-party Company Belden
Date November
Company Great Heart Academies
Data Breached Names and contact information
Use of 3rd Party Cloud and CRM provider
3rd-party Company Blackbaud
Date November
Company LensCrafters, Target Optical, EyeMed, and other eye care practices
Data Breached Contact details, health insurance policy numbers, and appointment notes related to treatment, such as health conditions, procedures, and prescriptions, as well as other sensitive data, including the credit card information and Social Security information of some patients
Use of 3rd Party Appointment app provider
3rd-party Company Luxottica
Date November
Company Insurance Carriers in Texas, Colarodo
Data Breached Driver’s license numbers, names, dates of birth, addresses and vehicle registration histories
Use of 3rd Party Insurance software company
3rd-party Company Vertafore
Date November
Company First Federal Community Bank, Rio Bank, Citizens Bank of Swainsboro, First Bank & Trust
Data Breached Customer names, tax ID numbers, loan documents, business contracts, private emails, invoices, credentials for network shares, company confidential files
Use of 3rd Party Banking software provider
3rd-party Company ABS
Date November
Company WildWorks
Data Breached 7 million parent account email addresses, and 32 million usernames associated with the parent accounts, containing encrypted passwords, players’ birthdays and gender
Use of 3rd Party Third-party server
3rd-party Company Not disclosed
Date November
Company Hotels ( customers of Prestige Software)
Data Breached Names, credit card details, ID numbers and reservation details
Use of 3rd Party Channel manager
3rd-party Company Prestige Software
Date October
Company Government Departments and the Australian Stock Exchange
Data Breached Not disclosed
Use of 3rd Party Media-monitoring vendor
3rd-party Company Isentia
Date October
Company Apple, Google, Amazon, Citibank
Data Breached E-mail addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related data
Use of 3rd Party Software provider
3rd-party Company NITRO
Date October
Company Google
Data Breached Passports, driver’s licenses, ID cards (in Form I-9) of employees
Use of 3rd Party Law firm
3rd-party Company Fragomen, Del Rey, Bernsen & Loewy
Date October
Company JM Bullion
Data Breached Names addresses, payment card information (the account number, expiration date, and security codes)
Use of 3rd Party Third-party javacript
3rd-party Company Not disclosed
Date October
Company Lazada RedMart App
Data Breached Names, phone numbers, encrypted passwords, and partial credit card numbers of 1M accounts
Use of 3rd Party Third-party database hosting provider
3rd-party Company Not disclosed
Date October
Company Broadvoice Customers
Data Breached Names, phone numbers, locations, hundreds of thousands of voice mails, medical and financial details
Use of 3rd Party VoIP service provider
3rd-party Company Broadvoice
Date October
Company Dickey’s Barbecue Pit
Data Breached Names, credit card information of 3M customers
Use of 3rd Party POS provider
3rd-party Company Not disclosed
Date October
Company City of Odessa
Data Breached Utility bill information, credit/debit card information
Use of 3rd Party Third-party payment software provider
3rd-party Company Click2Gov
Date October
Company Kylie Cosmetics
Data Breached Names, addresses, emails, product orders, the last four digits of SS numbers
Use of 3rd Party E-commerce platform
3rd-party Company Shopify
Date October
Company Rady Children Hospital, Sonoma Valley Hospital, Innova Health, OSF
Data Breached Patient names, addresses, phone numbers , medical departments patients visited, dates of birth, treatment facilities, treating physicians, departments of service, room numbers, medical record numbers.
Use of 3rd Party Data management software, cloud service provider
3rd-party Company BlackBaud
Date September
Company Pell City Valley Bank
Data Breached Utility payment information
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date September
Company E-commerce stores
Data Breached Customer payment information
Use of 3rd Party E-commerce platform
3rd-party Company Adobe Magento 1
Date September
Company Tribune Media, Times Media Grup
Data Breached Full names, email and street addresses, phone numbers and ZIP codes of 38 million US citizens
Use of 3rd Party Marketing company
3rd-party Company View Media
Date September
Company Buffalo N.Y. Area Hospitals, Innova Health, NorthShore University Health System
Data Breached Names, medical service numbers and dates of service for patients and list of donors
Use of 3rd Party Data management software vendor
3rd-party Company BlackBaud
Date September
Company Phipps Conservatory
Data Breached Members names, emails and physical addresses
Use of 3rd Party Data management software vendor
3rd-party Company BlackBaud
Date August
Company Department of Health
Data Breached Infection status, dates of birth, addresses, names, and other PII of COVID-19 patients in South Dakota
Use of 3rd Party Doftware vendor
3rd-party Company not disclosed
Date August
Company Rochester YMCA
Data Breached Names, addresses and gift history of donors
Use of 3rd Party Software vendor
3rd-party Company Not disclosed
Date August
Company FeedMore
Data Breached Personal information of donors
Use of 3rd Party Software vendor
3rd-party Company BlackBaud
Date August
Company Jack Daniel’s
Data Breached Corporate data
Use of 3rd Party Wine and spirit maker
3rd-party Company Brown-Forman
Date July
Company Angelo Gordon & Co., Graham Capital Management, Fortress Investment Group LLC, Centerbridge Partners and Pacific Investment Management Co.
Data Breached Personal information of investors
Use of 3rd Party Third-party software provider
3rd-party Company M.J. Brunner
Date July
Company Citrix
Data Breached E-mail IDs, phone numbers, last known location, phone type and login dates
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date July
Company Promo.com
Data Breached First name, last name, email address, IP address, approximated user location based on their IP address, and gender, as well as encrypted, hashed and salted passwords.
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date July
Company University of Manitoba, University of Strathclyde, St Aloysuis’ College, Aberdeen University and Robert Gordon University
Data Breached Name, date of birth, contact information, and some information about donations regarding alumni and donors
Use of 3rd Party Cloud-computing service provider
3rd-party Company BlackBaud
Date July
Company Digital Bank App, Dave
Data Breached 7.5 million users’ names, emails and physical addresses, birthdates, and phone numbers
Use of 3rd Party Third-party service provider
3rd-party Company WayDev
Date June
Company Police Departments
Data Breached ACH routing numbers, IBANs and other financial data as well as PII
Use of 3rd Party Web development firm
3rd-party Company NetSentiel
Date June
Company San Francisco Employees’ Retirement System (SFERS)
Data Breached Names, addresses, birth dates, banking and IRS data
Use of 3rd Party Web site design firm
3rd-party Company 10up Inc
Date June
Company MU Health
Data Breached E-mail addresses & passwords of MU students
Use of 3rd Party Third-party web site
3rd-party Company Not disclosed
Date June
Company Keepnet
Data Breached Breached email addresses, breached passwords
Use of 3rd Party Third-party IT service provider
3rd-party Company Not disclosed
Date June
Company Joomla
Data Breached Full name,Business address, Business email address, Business phone number, Company URL, Nature of business,Encrypted password (hashed),IP address, Newsletter subscription preferences
Use of 3rd Party Third-party company(CMS)
3rd-party Company Open Source Matters
Date May
Company Bank of America
Data Breached PPP applications, in particular business details, such as an address or tax identification number, or a business owner’s information, such as name, address, Social Security number, phone number, email and citizenship status
Use of 3rd Party Third-party merchant
3rd-party Company Not disclosed
Date May
Company BHIM wallet app
Data Breached 7 million Indians’ Aadhaar number, name, gender, date of birth, biometric details, Permanent Account Number (PAN), scanned copies of Caste and Religion certificates, user’s picture, residential details, professional degree certificates
Use of 3rd Party Amazon Web Services S3 bucket of a third party
3rd-party Company CSC e-Governance Services LTD
Date May
Company TrueCaller
Data Breached Full names, email addresses, mobile numbers, Facebook IDs, age, city, gender, telecom service provider
Use of 3rd Party Third-party merchant
3rd-party Company Not disclosed
Date May
Company Florida Department of Economic Opportunity
Data Breached Full names and Social Security numbers of some people who have applied for unemployment benefits
Use of 3rd Party Third party
3rd-party Company Not disclosed
Date May
Company MNS’ Healthcare Clients
Data Breached Name, medical treatment information, diagnosis information/codes, medication information, dates of service, insurance provider, health insurance number, date of birth, and Social Security number.
Use of 3rd Party Network Services Provider
3rd-party Company Management and Network Services – MNS
Date April
Company UseNeXt, Usenet.nl
Data Breached First and last name, billing address and IBAN and account number
Use of 3rd Party Third-party partner company
3rd-party Company Not disclosed
Date April
Company RigUp’s energy sector clients
Data Breached Human resource files from RigUp’s clients, contractors, job seekers
Use of 3rd Party Labor and marketplace provider
3rd-party Company RigUp
Date April
Company Mariott
Data Breached 5.2 million customers’ personal information incl. names, addresses, birthdays, emails, phone numbers and loyalty reward program numbers
Use of 3rd Party Franchised hotel in Russia
3rd-party Company Not disclosed
Date April
Company Cognizant’s clients
Data Breached Not disclosed for now
Use of 3rd Party IT-services vendor
3rd-party Company Cognizant
Date April
Company Michigan State University
Data Breached Names, phone numbers, addresses, credit card numbers, CVVs and expiration dates
Use of 3rd Party E-commerce vendor
3rd-party Company Volusion
Date March
Company T-Mobile
Data Breached Customer names and addresses, phone numbers, account numbers, rate plans, and features, and billing information.
Use of 3rd Party E-mail vendor
3rd-party Company Not disclosed
Date March
Company Radio.com
Data Breached Name, Social Security number, driver’s license number, listeners’ credentials
Use of 3rd Party Cloud hosting service
3rd-party Company Not disclosed
Date March
Company Chubb
Data Breached Sensitive files
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date March
Company General Electric
Data Breached Direct deposit forms, driver’s licenses, passports, birth certificates, marriage certificates
Use of 3rd Party Business service provider
3rd-party Company Canon Business Services
Date March
Company Amazon, Ebay, Shopify, Stripe, PayPal
Data Breached 8 million sales records: customer names, email addresses, shipping addresses, purchases, last four digits of credit card numbers
Use of 3rd Party Third-party app
3rd-party Company Not disclosed
Date March
Company SpaceX, Tesla, Boeing, Lockheed Martin
Data Breached Non-disclosure agreements, partial schematic for a missile antenna
Use of 3rd Party Precision parts maker
3rd-party Company Visser
Date February
Company Brunswick County Schools
Data Breached First and Last Name, Last Four Digits of Social Security Number, Transaction Date and Amount, Plan Sponsor/Employer Name, Address, Social Security Number, Email Address, Mailing Address, Date of Birth
Use of 3rd Party Administering services
3rd-party Company Interactive Medical Systems Corporation
Date February
Company TQL carriers
Data Breached Tax ID numbers, bank account numbers
Use of 3rd Party Freight brokerage services
3rd-party Company TQL
Date February
Company Community Care Physicians
Data Breached Names, dates of birth, billing codes, insurance description, and medical record numbers
Use of 3rd Party Accounting and tax services
3rd-party Company BST
Date February
Company Health Share of Oregon
Data Breached Names, addresses, phone numbers, dates of birth, Social Security numbers and Health Share identification numbers
Use of 3rd Party Medical transportation
3rd-party Company GridWorks
Date February
Company Rutters Store
Data Breached Customers’ names, card numbers, expiration dates, and internal verification codes
Use of 3rd Party POS device
3rd-party Company Not disclosed
Date February
Company Carson City
Data Breached Resident’s names, addresses, email addresses, payment card numbers, expiration dates, card security code (CVV) information, bank account numbers and routing numbers
Use of 3rd Party Utility payment software
3rd-party Company Click2Gov
Date February
Company Idaho Central Credit Union
Data Breached Name, date of birth, Social Security number, financial account information, tax identification number, and information on borrowers, liability, assets, employment, and income
Use of 3rd Party Mortgage portal
3rd-party Company Not disclosed
Date February
Company Nedbank
Data Breached 1.7 million customers information(name, ID, contacts)
Use of 3rd Party Marketing and promotional campaigns
3rd-party Company Computer Facilities (Pty) Ltd
Date January
Company Instagram
Data Breached Instagram usernames and passwords
Use of 3rd Party Third-party app
3rd-party Company Social Captain
Date January
Company State Governments of U.S.
Data Breached Names, dates of birth, home addresses, email and phone numbers, names of family members, past addresses, the reason for application
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date January
Company marijuana dispensaries: Amedicanna Dispensary, Bloom Medicinals and Colorado Grow Company
Data Breached Photo IDs, phone numbers and home addresses of marijuana users as well as cannabis variety and quantity purchased
Use of 3rd Party Point-of-sale software company
3rd-party Company THSuite
Date January
Company Regus
Data Breached Employee names, emails and performance
Use of 3rd Party Mystery shopping business
3rd-party Company Applause
Date January
Company Mitsubishi
Data Breached Company data, data of government organizations and private companies, names and addresses, previous employment history, birthdates, telephone numbers of 8,122 applicants, employees and retirees
Use of 3rd Party An affiliated company in China
3rd-party Company Not disclosed
Date January
Company Mercy Health Lorain
Data Breached Names, street addresses and Social Security numbers
Use of 3rd Party Revenue cycle management vendor
3rd-party Company RCM Enterprise Services
Date January
Company Schools
Data Breached Name, payment card expiration date and security code and Blue Bear account usernames and passwords
Use of 3rd Party School software vendor
3rd-party Company Active Network
Date January
Company Amazon Customers
Data Breached E-mail addresses and phone numbers
Use of 3rd Party Hosting
3rd-party Company Amazon
Date January
Company The Australian P&N Bank
Data Breached Name, address, email, phone number, customer number, age, account number and account balance
Use of 3rd Party Third-party CRM hosting firm
3rd-party Company Not disclosed

2019 Data Leaks

Data Leaks for 2019
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Company Wyze customer
Data Breached 2.4 million customers
Use of 3rd Party IoT vendor
3rd-party Company Wyze
Date December
Company Singapore Armed Forces (SAF)
Data Breached 98,000 SAF servicemen information
Use of 3rd Party healthcare training provider
3rd-party Company HMI Institute of Health Sciences
Date December
Company Defence (Mindef) and Singapore Armed Forces (SAF)
Data Breached 2,400 personal data including full names and NRIC numbers, and a combination of contact numbers, e-mail addresses or residential addresses
Use of 3rd Party logistics services
3rd-party Company ST Logistics
Date December
Company City of Sioux
Data Breached 3,500 customers utility and parking accounts
Use of 3rd Party online parking ticket system and utility billing system portal
3rd-party Company Click2Gov
Date December
Company City of Marietta
Data Breached 8,800 Marietta utility customers card information
Use of 3rd Party online electric, water and sanitation payment software company
3rd-party Company Click2Gov
Date December
Company NYPD Fingerprint Database
Data Breached fingerprint database
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date December
Company Xerox, CenturyLink, Nasdaq, General Electric, Forever21, and Dunkin Donuts
Data Breached 477,000 clients’ media contacts, business account information, 35,000 hashed user passwords, various documents, and admin credentials
Use of 3rd Party PR company
3rd-party Company iPR Software
Date November
Company Palo Alto Networks
Data Breached seven current and former employees’ information includes names, dates of birth, and Social Security numbers
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date November
Company Facebook and Twitter
Data Breached email addresses, usernames and recent tweets
Use of 3rd Party SDK kit
3rd-party Company One Audience
Date November
Company The city of Charlottesville
Data Breached not disclosed
Use of 3rd Party tax collections
3rd-party Company not disclosed
Date November
Company TennCare
Data Breached 44,000 members information
Use of 3rd Party pharmacy management vendor
3rd-party Company Magellan Health System
Date November
Company Macy’s
Data Breached first and last names, physical addresses, ZIP codes, email addresses, payment card numbers, card security codes, and expiration dates
Use of 3rd Party Website Javascript
3rd-party Company not disclosed
Date November
Company City of San Angelo
Data Breached not disclosed
Use of 3rd Party online water bill payments software company
3rd-party Company Click2Gov
Date November
Company Pompano Beach City
Data Breached 4,000 residents’ data
Use of 3rd Party online water bill payments software company
3rd-party Company Click2Gov
Date November
Company Florida Blue
Data Breached 5 million members’ information
Use of 3rd Party managed care company
3rd-party Company Magellan Health Inc
Date October
Company UniCredit
Data Breached 400,000 Italian clients’ information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date October
Company NordVPN
Data Breached some of the browsing habits of customers
Use of 3rd Party data center provider
3rd-party Company not disclosed
Date October
Company Geisinger Health Plan
Data Breached undisclosed number of patients’ information
Use of 3rd Party manage radiology benefits
3rd-party Company Magellan National Imaging Associates
Date October
Company The Clark County School District
Data Breached 560,000 students’ information
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date October
Company CenturyLink
Data Breached 2.8 million CenturyLink customer information which including names, addresses, phone numbers, email addresses and CenturyLink account numbers
Use of 3rd Party notification platform
3rd-party Company not disclosed
Date October
Company GW community members
Data Breached thousands of usernames, passwords and addresses
Use of 3rd Party educational technology company
3rd-party Company Chegg
Date October
Company Uber, Slack, and FCC
Data Breached 10,000 Zendesk Support and Chat accounts
Use of 3rd Party customer service software provider
3rd-party Company Zendesk
Date September
Company Ames parking ticket payments
Data Breached 1,498 individuals’ information includes encrypted credit or debit card numbers, first names, last names, addresses and email addresses
Use of 3rd Party payment software system
3rd-party Company Click2Gov
Date September
Company City of Broken Arrow, Deerfield Beach, Palm Bay, Milton, Bakersfield, Coral Springs, Pocatello, Ames online payment system
Data Breached not disclosed
Use of 3rd Party payment software system
3rd-party Company Click2Gov
Date September
Company DoorDash
Data Breached 4.9 million consumers, Dashers, and merchants
Use of 3rd Party service provider
3rd-party Company not disclosed
Date September
Company Malinda Air
Data Breached Malinda’s passengers information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date September
Company Yves Rocher
Data Breached 2.5 million Canadian customers’ personal data
Use of 3rd Party Consulting services
3rd-party Company Aliznet
Date September
Company GitHub And Bitbucket
Data Breached usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings & organisation name, repository URLs and names, branch names, and repository
Use of 3rd Party Analytics company
3rd-party Company CirclCI
Date August
Company Mastercard
Data Breached 90,000 customers’ names, addresses, and credit card numbers
Use of 3rd Party loyalty program
3rd-party Company not disclosed
Date August
Company Cable One
Data Breached 14 Cable One employee accounts may include addresses, Social Security numbers, government-issued identification numbers, financial account numbers, digital signatures or medical and health insurance information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date August
Company Naperville Unit District 203, Indian Prairie Unit District 204, St. Charles Unit District 303 and Geneva Unit District 304
Data Breached 3,700 students information in District 203, 49,000 students information in District 204, 3,206 students information in District 303 and 8,000 students information in District 304
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date August
Company DeKalb School District 428, Wilmette Public Schools District 39,The School District of Clayton,Brighton, Brockport, East Irondequoit, Fairport, East Rochester, Greece, Pittsford, Rochester, Spencerport, Victor, Webster and West Irondequoit school districts
Data Breached students’ and teachers’ information (names, surnames, birthdates)
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date July
Company American Esoteric Laboratories, Sunrise Medical Laboratories, CBLPath, Laboratory Medicine Consultants, Austin Pathology Associates, South Texas Dermatopathology, Pathology Solutions, Laboratory of Dermatopathology ADX, Seacoast Pathology, Western Pathology Consultants, Arizona Dermatopathology, Natera
Data Breached 534,500 patients information and 7,400 financial data of AEL, 412,000 patients information with 15,000 financial data of SML, 145,100 patients information with 3,800 financial data of CBLPath, 143,400 patients information with 4,200 financial data of LMC, 44,700 patients information with 1,800 financial data of APA, 14,900 patients information and 1,200 financial data of STD, 12,700 patients information with 600 financial data of PS, 4,000 patients information and 240 financial data of ADX, 9,200 patients information with 800 financial data of SP, 4,200 patients information with 350 financial data of WPC, 6,500 patients information with 500 financial data of AD, unknown number of Natera
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date July
Company Clinical Pathology Laboratories
Data Breached 2.2 million patients information and 34,500 financial information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date June
Company Westpac Bank
Data Breached Up to 100,000 Australians’ personal information
Use of 3rd Party payments platform
3rd-party Company PayID
Date June
Company Komodo
Data Breached Komodo hacked its customers and unauthorisedly transferred nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company to protect its customers’ funds.
Use of 3rd Party JavaScript library
3rd-party Company not disclosed
Date June
Company Opko Health
Data Breached 422,600 patients information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date June
Company Quest Diagnostics, Laboratory Corporation of America (LabCorp)
Data Breached 12 million patients of Quest Diagnostics,7.7 million Laboratory Corporation of America (LabCorp) patients information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date May
Company U.S. Customs and Border Protection
Data Breached 100.000 traveller photos and licence plate image
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Company VAG, Ericsson, Leica, MAN, Toshiba, UniCredit, and British Telecom (BT)
Data Breached 312,570 files in 51,025 folders, over 516 Gb of data financial and private information on all clients
Use of 3rd Party IT Company
3rd-party Company CITYCOMP
Date May
Company Instagram
Data Breached personal information including contact details
Use of 3rd Party social media marketing firm
3rd-party Company Chtrbox
Date May
Company Truecaller
Data Breached 140 million user names, phone numbers and email addresses
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Company Bank, Axis, ICICI, IndusInd, RBL
Data Breached 50.000 credit card holders information
Use of 3rd Party data management company
3rd-party Company not disclosed
Date May
Company Webstorage users
Data Breached not disclosed
Use of 3rd Party to storage
3rd-party Company ASUS Webstorage
Date May
Company 4,600 websites
Data Breached not disclosed
Use of 3rd Party analytics service and open-source project
3rd-party Company Picreel and Alpaca Forms
Date May
Company UNIQLO
Data Breached 460,000 online store accounts
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Company Forbes
Data Breached credit card information
Use of 3rd Party to build website
3rd-party Company not disclosed
Date April
Company Freedom Mobile
Data Breached 15,000 customers information
Use of 3rd Party service provider for customer support processes
3rd-party Company Apptium Technologies
Date April
Company 176 colleges and universities
Data Breached 201 online stores including payment card information
Use of 3rd Party e-commerce platform
3rd-party Company PrismRBS
Date April
Company Facebook
Data Breached 540 million records, including account names, Facebook ID, and user activity
Use of 3rd Party to develop app
3rd-party Company Cultura Colectiva
Date March
Company The Bank of Queensland
Data Breached customer names, contact information (including phone numbers and email addresses) and other details related to property evaluations
Use of 3rd Party fund management company and provider of property valuations
3rd-party Company LandMark White Limited
Date March
Company Healthcare institutions including Blue Cross Blue Shield of Michigan, Health Alliance Plan, McLaren Health Care, and others
Data Breached the personal and medical information of hundreds of thousands of people may have been compromised
Use of 3rd Party contractor that provides mailing and other services for hospitals and healthcare companies
3rd-party Company Wolverine Solutions Group
Date March
Company Rush System for Health
Data Breached patient names, addresses, Social Security numbers, birth dates and health insurance information for 45,000 patients was exposed
Use of 3rd Party claim processing
3rd-party Company MiraMed
Date February
Company Equifax, Experian and TransUnion
Data Breached personal information including Social Security numbers, names, dates of birth and home addresses may have been stolen
Use of 3rd Party employee and background screening software
3rd-party Company Image-I-Nation Technologies
Date February
Company Huddle House
Data Breached credit card payment information since Aug. 2017
Use of 3rd Party Point-of-sale systems
3rd-party Company not disclosed
Date February
Company China Railway
Data Breached millions of train passengers’ information
Use of 3rd Party Ticketing
3rd-party Company not disclosed
Date February
Company Houzz
Data Breached user names, salted and hashed passwords, IP addresses and, for users who logged into Houzz using Facebook, their Facebook IDs
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date January
Company LocalBitcoins
Data Breached theft of almost 8 bitcoins ($28,200) from five of the victims
Use of 3rd Party Forum software
3rd-party Company not disclosed
Date January
Company Ascension
Data Breached 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the US
Use of 3rd Party OCR Services
3rd-party Company OpticsML
Date January
Company Highmark BCBS, Aetna, Emblem Health, Humana, and UnitedHealth
Data Breached 650 consumer data
Use of 3rd Party Online payroll, benefits, tax compliance & HR services
3rd-party Company BenefitMall
Date January
Company all sites that use PHP PEAR and downloaded PHP PEAR package manager from its official website in past 6 months
Data Breached the extent is unknown
Use of 3rd Party open-source library
3rd-party Company PHP PEAR
Date January
Company 141 airlines that partner with Amadeus
Data Breached flight information of passengers
Use of 3rd Party online flight booking system
3rd-party Company Amadeus
Date January
Company e-commerce sites that partner with Adverline
Data Breached credit card information of visitors
Use of 3rd Party Javascript for advertising
3rd-party Company Adverline
Date January
Company Hanover County
Data Breached credit card information of citizens
Use of 3rd Party online parking ticket payment system
3rd-party Company Click2Gov
Date January
Company City of Saint John, NB
Data Breached credit card information of 6,000 people
Use of 3rd Party online parking ticket payment system
3rd-party Company Click2Gov
Date January
Company Humana
Data Breached name, address, date of birth, partial info of the SSN, and some info about policy type of unknown number of customers
Use of 3rd Party Bankers Life
3rd-party Company LCP Corp.

2018 Data Leaks

Data Leaks for 2018
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Company Managed Health Services of Indiana
Data Breached 31,000 Patient Records
Use of 3rd Party Transportation
3rd-party Company LCP Corp.
Date December
Company BevMo
Data Breached credit card data of nearly 15,000 customers
Use of 3rd Party online payment system
3rd-party Company NCR Corp.
Date December
Company City of Saint John
Data Breached 6,000 citizens’ payment information
Use of 3rd Party online payment system
3rd-party Company Click2Gov
Date December
Company Redwood Eye Center
Data Breached 16,000 patients’ health information including names, birth dates, insurance information and addresses
Use of 3rd Party application-hosting service provider
3rd-party Company IT Lighthouse
Date December
Company Baylor Scott & White Medical Center – Frisco
Data Breached approximately 47,000 patients or guarantors whose payment information, including partial credit card information
Use of 3rd Party credit card processing system
3rd-party Company not disclosed
Date December
Company Taobao, Tmall, Alipay, Baidu Cloud, 163 email service, and JD.com
Data Breached account and password data of almost 50,000 users
Use of 3rd Party Programming software
3rd-party Company Easy Programming Language
Date November
Company Marriott
Data Breached personal information of as many as 500 million guests
Use of 3rd Party Hotels (acquired)
3rd-party Company Starwood
Date November
Company The Australian Defence Department
Data Breached unknown amount of data exposed
Use of 3rd Party small and mid-tier suppliers
3rd-party Company not disclosed
Date November
Company BitPay
Data Breached users of CoPay mobile cryptocoin wallet were targeted for cryptocoin theft, but none stolen
Use of 3rd Party JavaScript Library
3rd-party Company Right9ctrl
Date November
Company Atrium Health
Data Breached 2.65 M patient records including names, addresses, dates of birth, invoice numbers, account balances, dates of service, insurance policy information and Social Security numbers
Use of 3rd Party billing services
3rd-party Company AccuDoc Solutions Inc.
Date November
Company City of York Council
Data Breached potentially almost 6,000 individual’s personal info including name, address, postcode, email, phone, and encrypted password
Use of 3rd Party mobile app for One Planet York program
3rd-party Company Appware
Date November
Company Nordstrom
Data Breached personal info of employees including names, SSNs and dates of birth, checking account and routing numbers, salaries, etc.
Use of 3rd Party management of direct deposits of wages
3rd-party Company Not Disclosed
Date November
Company City of Bakersfield
Data Breached 2,400 user accounts with payment information
Use of 3rd Party Online Payment
3rd-party Company Click2Gov
Date November
Company El Centro Regional Medical Center
Data Breached Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party online employment application services
3rd-party Company Jobscience, Inc.
Date November
Company Huntsville Hospital in Alabama
Data Breached Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party online employment application services
3rd-party Company Jobscience, Inc.
Date November
Company Ontario Cannabis Store
Data Breached names and addresses of 4500 consumers
Use of 3rd Party Online tracking tool
3rd-party Company Canada Post
Date November
Company gate.io (cryptocurrency exchange)
Data Breached potential theft of BTC from customers
Use of 3rd Party Web Analytics
3rd-party Company StatCounter
Date October
Company VestaCP
Data Breached managed to launch DDoS attacks
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date October
Company Department of Defense (Pentagon)
Data Breached personal and payment card info of 30K employees and service members
Use of 3rd Party Maintenance of travel records
3rd-party Company not disclosed
Date October
Company The Indio Water Authority
Data Breached unknown amount of customers’ names and credit card numbers
Use of 3rd Party Online Payment
3rd-party Company Click2Gov
Date October
Company A few e-commerce sites customers of Shopper Approved
Data Breached unknown amount of payment card info (still in investigation)
Use of 3rd Party 3rd-party Javascript for customer rating
3rd-party Company Shopper Approved
Date October
Company Many major companies including Amazon, Apple, etc.
Data Breached Unknown amount of data
Use of 3rd Party Microchip in servers and online portal for software update
3rd-party Company Supermicro
Date September
Company All Platfroms that use Facebook Login
Data Breached Accounts of more than 50 million users compromised
Use of 3rd Party Social Media Connection
3rd-party Company Facebook
Date September
Company The Conservative Party (UK)
Data Breached Sensitive information about MPs, journalist and conference attendees, including personal mobile numbers
Use of 3rd Party Conference App
3rd-party Company CrowdComms
Date September
Company Perth Mint
Data Breached Names, addresses, passport and bank account of 3200 customers
Use of 3rd Party Online depository
3rd-party Company Not disclosed
Date September
Company British Airways
Data Breached Financial and personal details of 380,000 customers
Use of 3rd Party Website Javascript
3rd-party Company Still in investigation
Date September
Company Foosackly
Data Breached Unauthorized access to 165K customers’ payment card information
Use of 3rd Party Cash register system
3rd-party Company Not disclosed
Date September
Company University of Lousville
Data Breached Names, employee IDs, physician’s name of hundreds of employees and retirees
Use of 3rd Party Fitness vendor
3rd-party Company Health Fitness Corp
Date September
Company e-commerce sites of Feedify
Data Breached payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify
Use of 3rd Party Cloud service provider
3rd-party Company Feedify
Date September
Company The Washoe County School District
Data Breached Teachers’ emails, usernames and passwords were exposed
Use of 3rd Party Instructional tool
3rd-party Company Edmodo
Date September
Company Blue Cross Blue Shield of Rhode Island
Data Breached Names, their BCBSRI ID numbers, service providers, types of service provided and costs of claims for 1.5K customers
Use of 3rd Party Responsible for sending members’ benefits explanations
3rd-party Company Not disclosed
Date September
Company Wegmans
Data Breached cost the grocery chain over $900,000
Use of 3rd Party Seafood supplier
3rd-party Company Invermar
Date August
Company 150 businesses including those in transport, local government and large franchise chains like Piggly Wiggly, KFC, and Hampton Inn.
Data Breached 7GB cache of data exposed with medical information for employees of 181 business locations and social security numbers for nearly 3000 individuals
Use of 3rd Party Back-up pharmacy services
3rd-party Company MedCall Healthcare Advisers
Date August
Company Mention
Data Breached Data at risk of exposure includes names and email addresses, account profile info (plan value, # of alerts and mentions)
Use of 3rd Party Marketing
3rd-party Company Not disclosed
Date August
Company A (probably) Mexican government healt agency
Data Breached The personal data of 2M patients was left exposed online
Use of 3rd Party Telemedicine company
3rd-party Company Hova Health
Date August
Company GoDaddy
Data Breached Sensitive data on 31,000 GoDaddy servers exposed online
Use of 3rd Party Cloud data storage
3rd-party Company Amazon S3 Bucket
Date August
Company South Korean Organizations
Data Breached Unknown amount of data
Use of 3rd Party Remote support
3rd-party Company Remote support solution provider
Date August
Company Air Canada
Data Breached Profile data, including names, email addresses and phone numbers, passport info, NEXUS numbers, dates of birth,etc.
Use of 3rd Party Mobile app
3rd-party Company Not disclosed
Date August
Company Fiserv-affiliated financial institutions
Data Breached Customer’s email address, phone number and full bank account number and alert details
Use of 3rd Party Website providers
3rd-party Company Fiserv
Date June
Company TicketMaster
Data Breached 40K UK citizens’ info
Use of 3rd Party Website application
3rd-party Company Inbenta
Date June
Company Reddit
Data Breached Access data: email addresses of current Reddit users and a 2007 database
Use of 3rd Party SMS login system
3rd-party Company Not disclosed
Date June
Company Monzo, Adidas, TicketMaster, Harvey Norman, Fortnum & Mason, Research4Me
Data Breached Passwords, usernames, contact info of millions
Use of 3rd Party Online Survey Tool
3rd-party Company Typeform
Date June
Company More than a dozen US cities
Data Breached Over 10K individuals’ names, credit card numbers, card expiration dates and security codes
Use of 3rd Party Online payment system
3rd-party Company Click2Gov
Date June
Company Whitbread (Costa Coffee, Premier Inn)
Data Breached Any data submitted in the course of recruitment
Use of 3rd Party Online recruitment services
3rd-party Company PageUp
Date June
Company Klook
Data Breached Personal data and credit card info of undisclosed number of customers
Use of 3rd Party Web-based analytics tool
3rd-party Company SOCIAPlus
Date June
Company UC San Diego Health
Data Breached Personal information of hundreds of patients
Use of 3rd Party Transcription services
3rd-party Company Nuance Communications
Date June
Company The Central Bank of the Bahamas
Data Breached No indication that any personal information was been accessed or viewed
Use of 3rd Party Website hosting
3rd-party Company Not disclosed
Date May
Company Some Fortune 500 firms
Data Breached 5,6K customer info (PII)
Use of 3rd Party Domain registiration, agent for service of process for clients
3rd-party Company Corporation Service Company
Date May
Company Universal Music Group
Data Breached Internal FTP credentials, AWS Secret Keys/Passwords, the internal and SQL root password
Use of 3rd Party Cloud data storage contractor
3rd-party Company Agilisium
Date May
Company Chili’s Grill & Bar
Data Breached Credit card data belonging to an undisclosed number of customers
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date April
Company BestBuy, Sears, Kmart, Delta
Data Breached Hundreds of thousands of customer data (per company)
Use of 3rd Party Online chat application
3rd-party Company Not disclosed
Date February
Company Orlando Orthopaedic Center
Data Breached 19K patients’ records
Use of 3rd Party Transcription services
3rd-party Company Not disclosed
Date February
Company Applebee’s
Data Breached Credit card information from unknowing diners at more than 160 Applebee’s restaurants
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date January
Company Western Union
Data Breached Undisclosed # of customers’ contact info, bank names, WU internal ID numbers, transaction amounts, times and ID numbers
Use of 3rd Party Cloud-based or off-site backup storage provider
3rd-party Company Not disclosed
Date January
Company Reddit
Data Breached No access to Reddit’s systems or to any Redditors’ email accounts
Use of 3rd Party Third-party software vendor to send account emails (e.g., reset password e-mails)
3rd-party Company Mailgun

2017 Data Leaks

Data Leaks for 2017
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company Forever 21
Data Breached Credit card data belonging to an undisclosed number of customers
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date October
Company Domino’s Australia
Data Breached Thousands of customer names and e-mails
Use of 3rd Party Management of an online rating system
3rd-party Company A former supplier
Date October
Company Hyatt Hotels
Data Breached Credit card data belonging to an undisclosed number of customers at 41 hotels
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date October
Company Uber
Data Breached Confidential information of 57M Uber users (names, driver licence #, etc)
Use of 3rd Party Coding site used by Uber engineers
3rd-party Company GitHub
Date September
Company Samsung, Sony, Asus, Intel, VMWare, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu, and many others
Data Breached Unknown
Use of 3rd Party Computer cleaner/ad removal tool
3rd-party Company CCleaner
Date July
Company Equifax
Data Breached Personal info (SSNs, names, addresses) of 143M consumers
Use of 3rd Party 3rd party tool to build web applications
3rd-party Company Not disclosed
Date July
Company Verizon
Data Breached 14M customer data including account and personal info
Use of 3rd Party Providing customer service analytics
3rd-party Company NICE Systems
Date July
Company Hard Rock Hotels & Casinos
Data Breached Credit card data belonging to an undisclosed number of customers at 11 hotels
Use of 3rd Party Travel services (reservation)
3rd-party Company Sabre Corp. (SynXis)
Date July
Company Hundreds of Large Companies around the World
Data Breached Unknown
Use of 3rd Party Server management software
3rd-party Company NetSarang
Date June
Company Republican National Committee
Data Breached Personal info 200M voters
Use of 3rd Party Marketing
3rd-party Company Deep Root
Date June
Company Many Ukrainen companies and everal global corporations were also infected – including shipping giant Maersk, advertising firm WPP, pharmaceutical outfit Merck, and FedEx’s TNT Express division.
Data Breached Unknown (lost of hundreds of million dollars to ransonware)
Use of 3rd Party Accounting software
3rd-party Company MeDoc
Date May
Company Bronx-Lebanon Hospital Center in New York City
Data Breached Tens of thousands (possibly up to millions) of patient records
Use of 3rd Party Management of record backups
3rd-party Company iHealth Innovations
Date May
Company Companies with Mac-user employees who use Handbrake tool
Data Breached Unknown
Use of 3rd Party Open source video transcoder
3rd-party Company Handbrake
Date March
Company Brand New Day
Data Breached 14K patient info
Use of 3rd Party A vendor system used by a contracted provider
3rd-party Company Not disclosed
Date March
Company Four major telecommunications providers, 10+ western military organizations, 24+ Fortune 500 companies., 5 major defense contractors, 36+ major IT product manufacturers or solutions providers, 24+ western government organizations, 24+ banks and financial institutions, 45+ higher educational institutions.
Data Breached Unknown
Use of 3rd Party Network Logs and Event-monitoring Tool
3rd-party Company Altair Technologies
Date February
Company New Jersey Diamond Institute for Fertility and Menopause
Data Breached 14K patients’ sensitive info (name, address, SSNs, birth dates, medical info)
Use of 3rd Party Server containing its electronic health records database
3rd-party Company Not disclosed

2015 Data Leaks

Data Leaks for 2015
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date September
Company T-Mobile
Data Breached 15M customer records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party Customer credit assessment
3rd-party Company Experian
Date September
Company Sam’s Club, Costco, CVS, RiteAid, Walmart Canada, Tesco
Data Breached Customers’ credit card and personal info
Use of 3rd Party Online photo order and print
3rd-party Company PNI Digital Media

2014 Data Leaks

Data Leaks for 2014
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date October
Company JPMorgan Chase & Co
Data Breached Contact info for 76M households and 7M small business
Use of 3rd Party Management of its Corporate Challenge Race Registration
3rd-party Company Not disclosed
Date July
Company Lowe’s
Data Breached Current and former drivers’ records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party Online database to store driver info
3rd-party Company SafetyFirst – E-Driver File
Date April
Company Boston Medical
Data Breached Records about 15K patients posted withoout authentication
Use of 3rd Party Transcription services
3rd-party Company MDF Transcription Services

2013 Data Leaks

Data Leaks for 2013
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company Target
Data Breached Data of 70M customers and 40M credit/debit card
Use of 3rd Party Heating, ventilaion, and air conditioning (HVAC)
3rd-party Company Fazio Mechanical Services
Date July
Company RT Jones Capital
Data Breached Personal Info of 100K individuals and 1000s of clients
Use of 3rd Party Web server hosting
3rd-party Company Not disclosed