Data Breaches Caused By Third-parties
2024 Data leaks
Data Leaks for 2024
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
August
Company
Surgery Center of Mid Florida
Data Breached
Names, addresses, Social Security numbers, dates of birth, driver’s license/state identification card numbers, medical record numbers, treatment information, and health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Third-party vendor
Date
August
Data Breached
Sensitive files or data.
Use of 3rd Party
A third-party tech provider
3rd-party Company
C-Edge Technologies Ltd
Date
August
Company
13,000 students in Singapore
Data Breached
There is no evidence to suggest that the perpetrator had access to users’ data.
Use of 3rd Party
A digital classroom management provider
3rd-party Company
Mobile Guardian
Date
July
Company
Clear Spring Health
Data Breached
Contact information, health insurance information, health information, billing information, and personal information, including Social Security numbers, driver’s license numbers, state ID numbers, and passport numbers.
Use of 3rd Party
Call center operator and nurse triage service provider
3rd-party Company
Change Healthcare
Date
July
Company
Mobile Medical Response
Data Breached
Addresses, dates of birth, Social Security numbers, driver’s license/state identification numbers, financial account information, payment card information, patient record information, medical diagnosis/condition information, medical treatment information, and health insurance information were not impermissibly disclosed.
Use of 3rd Party
Medical transportation provider
3rd-party Company
CBM Services
Date
July
Company
Kairos Health Arizona
Data Breached
Not disclosed
Use of 3rd Party
Third-party vendor
3rd-party Company
A Third-party vendor
Date
July
Company
AutoNation
Data Breached
Not disclosed
Use of 3rd Party
A software company provider
3rd-party Company
CDK Global
Date
July
Company
AT&T
Data Breached
Telephone numbers of AT&T wireline customers and customers of other carriers,
Telephone numbers with which AT&T or MVNO wireless numbers interacted,
Count of interactions (e.g., the number of calls or texts),
Aggregate call duration for a day or month,
For a subset of records, one or more cell site identification numbers.
Use of 3rd Party
Cloud-based database provider
3rd-party Company
Snowflake
Date
July
Company
Gemini
Data Breached
Some customers’ banking information, including their full name, bank account number, and routing number.
Use of 3rd Party
Automated Clearing House (ACH) service provider
3rd-party Company
Not disclosed Automated Clearing House (ACH) service provider
Date
July
Company
300 small Indian banks
Data Breached
Not disclosed
Use of 3rd Party
Technology service provider
3rd-party Company
C-Edge Technologies Ltd
Date
July
Data Breached
Social Security numbers, driver’s license numbers, financial account information, and/or credit card information
Use of 3rd Party
Healthcare Provider
3rd-party Company
Disability Rights Wisconsin
Date
July
Company
Mobile Medical Response
Data Breached
Not disclosed
Use of 3rd Party
Medical transportation and ambulance services provider
3rd-party Company
CBM Services
Date
July
Company
Bilt
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
July
Company
Wise
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
July
Company
Roblox
Data Breached
Full names, email addresses, and IP addresses.
Use of 3rd Party
Software Provider
3rd-party Company
FNTech
Date
July
Company
Affirm
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
June
Company
Geisinger
Data Breached
Full name
Phone number
Date of birth
Address
Admit and discharge or transfer code
Medical record number
Race and gender
Facility name abbreviation
Use of 3rd Party
IT services provider
3rd-party Company
Nuance Communications
Date
June
Company
Neiman Marcus Group.
Data Breached
Name, contact information, date of birth, and Neiman Marcus or Bergdorf Goodman gift card number(s) (without gift card PINs).
Use of 3rd Party
Luxury retailer provider
3rd-party Company
Snowflake
Date
June
Data Breached
Social Security Number (SSN),
Date of birth
Medical treatment/record information,
Biometric data,
Email address and password
Username and password
Driver’s License number or state ID number
Financial account information
Payment card information
Passport number
Tribal ID number
U.S. military ID number
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
June
Company
Aptihealth
Data Breached
Names, addresses, dates of birth, dates of service, doctors’ names, medical treatment and diagnosis information, health insurance company names, and health insurance identification numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Sisense
Date
June
Company
IACT Health
Data Breached
Patient names, dates of birth, government identification information, demographic information, contact information, home address, Social Security numbers, bank account numbers, health insurance information, and health information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra
Date
June
Company
Adventist Health Tulare
Data Breached
First name, last name, medical record number, date of birth, provider name, and a single laboratory test result.
Use of 3rd Party
Medical provider
3rd-party Company
Signature Performance
Date
June
Company
Newton Centre Dental
Data Breached
Names, date of birth, Social Security number, tax identification number, IRS PIN number, passport number, driver’s license/state-issued identification number, military identification number, non-U.S. national identification number, account number, routing number, financial institution name, credit or debit card number and security code or PIN, access information (credentials, security questions/answers, and digital signatures), health information (diagnosis, treatment information, prescriptions, provider names, medical record number/patient identification number, hospital account record number), and health insurance information (Medicare/Medicaid number or health insurance subscriber number).
Use of 3rd Party
Medical provider
3rd-party Company
Affinity Dental Management
Date
June
Data Breached
Not disclosed
Use of 3rd Party
Large car-dealership providers
3rd-party Company
CDK Global
Date
June
Data Breached
Not disclosed
Use of 3rd Party
Pathology and diagnostic services provider
3rd-party Company
Synnovis
Date
June
Company
T-Mobile
Data Breached
Personal information of 37 million customers.
Use of 3rd Party
Third-party service provider
3rd-party Company
Third-party vendor
Date
June
Company
Los Angeles Unified
Data Breached
Student names, addresses, family names, demographics, financials, grades, performance scoring, disability information, discipline details, and parent information.
Use of 3rd Party
Cloud storage systems and services provider
3rd-party Company
Snowflake
Date
June
Company
Pure Storage
Data Breached
Customer names, usernames, and email addresses.
Use of 3rd Party
Cloud storage systems and services provider
3rd-party Company
Snowflake
Date
June
Data Breached
Patients’ health information was not leaked
Use of 3rd Party
Pathology and diagnostic services provider
3rd-party Company
Synnovis
Date
May
Company
MediSecure
Data Breached
Personal and health information
Use of 3rd Party
Electronic prescription provider
3rd-party Company
Third-party vendor
Date
May
Company
Advance Auto Parts
Data Breached
Automotive aftermarket parts provider
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
QuoteWizard
Data Breached
Insurance providers
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
Ticketmaster
Data Breached
Customer information
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
Santander
Data Breached
Customer information
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Software provider
3rd-party Company
Tekrom Technology A.s. (T-Soft)
Date
May
Company
HSBC
Data Breached
Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party
Financial services provider
3rd-party Company
Baton Systems
Date
May
Company
Barclays
Data Breached
Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party
Financial services provider
3rd-party Company
Baton Systems
Date
May
Data Breached
Participant ID (keycoded identifier), study name, status, date of explicit consent, date of screen failure, random date, arm/cohort/startification, date of first dose, date of current dose, date of last dose, date of last visit, number of rescans , previous participant identification, age, gender, race, ethnicity, end of randomized period, reason for discontinuation of treatment, date of discontinuation of treatment, reason for discontinuation of study, date of discontinuation of study, study completed, date of study completion, date of death, SDVTier, participant identification, birth year, laboratory results, value within range, laboratory date, medications used, medical history information,
For responsible investigators (HCP), research center staff, and people assigned to the research study; field personnel information, UserOID, login name, screen name, full name, user role, country, corporate contact information (address, email, fax, phone, license number)
Use of 3rd Party
Medicine Provider
3rd-party Company
eClinical Solutions LLC
Date
May
Company
Gerber Life Insurance
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
Transamerica
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
The Hartford
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
Acrotech Biopharma Inc.
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Patient support services provider
3rd-party Company
Cencora, Inc.
Date
May
Company
CareDx, Inc
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Patient support services provider
3rd-party Company
Cencora, Inc.
Date
May
Company
Continuum Health Alliance
Data Breached
Name, age, medical record and identification numbers, and medical information such as treatment information, dates of treatment, and test results.
Use of 3rd Party
Medicine Provider
3rd-party Company
Consensus Medical Group
Date
May
Data Breached
First names, last names, addresses, dates of birth, health diagnoses, and/or medications and prescriptions.
Use of 3rd Party
Healthcare providers
3rd-party Company
Cencora, Inc.
Date
April
Company
AMG Healthcare Management Services, Marshall Medical Center, South Coast ER Medical Group and more…
Data Breached
Names, addresses, dates of birth, health insurance information, dates of service, and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Designed Receivable Solutions (DRS)
Date
April
Company
Catholic Medical Center (CMC)
Data Breached
First and last name, date of birth, home address, phone number(s), e-mail address, medical record number, client identification number, dates of service, and/or medical information (e.g., diagnosis/condition, treatment, test results, medications), and/or health plan information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Lamont Hanley & Associates
Date
April
Company
Department of Justice
Data Breached
Personal information such as; Social Security numbers and more were accessed
Use of 3rd Party
Consulting provider
3rd-party Company
Greylock McKinnon Associates
Date
April
Company
Heilbronn City Library
Data Breached
Not disclosed
Use of 3rd Party
Database provider
3rd-party Company
Genios
Date
April
Company
University of Giessen
Data Breached
Not disclosed
Use of 3rd Party
Database provider
3rd-party Company
Genios
Date
April
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Third-party technology provider
3rd-party Company
Tyler Technologies
Date
April
Company
Cisco Duo
Data Breached
Phone number, Carrier, Location data, Date, Time, Message type
Use of 3rd Party
Telephony Provider
3rd-party Company
Unknown Telephony Provider
Date
April
Company
Moffitt Cancer Center
Data Breached
Names, dates of birth, and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra.
Date
April
Company
Moffitt Cancer Center
Data Breached
Patient names, dates of birth, phone numbers, email addresses, medical records, Social Security numbers, copies of passports and driver’s licenses, health insurance information, and company data.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Gunster Yoakley and Stewart PA
Date
April
Company
Multiple U.S. agencies
Data Breached
Not disclosed
Use of 3rd Party
Technology consulting provider
3rd-party Company
Acuity Consulting
Date
March
Company
Swiss Goverment
Data Breached
Documents containing confidential information
Use of 3rd Party
Technology and software solutions provider
3rd-party Company
Xplain
Date
March
Company
Fidelity
Data Breached
Names, Social Security numbers, states of residence, bank account and routing numbers, and dates of birth.
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
March
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Rancho Family Medical Group
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Regional One Health
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Saint Joseph’s Medical Center
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Santa Clarita Community College
Data Breached
Names, addresses, dates of birth, Social Security numbers, medical record numbers, and medical treatment information exposed.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Keenan & Associates
Date
March
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Custom Health Care, Inc.
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Countryway Insurance Company
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Baylor College of Medicine
Data Breached
Names, dates of birth, Social Security numbers, addresses, telephone numbers, and medical record numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra
Date
March
Data Breached
First and last names in combination with one or more of the following: address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Unkown third-party vendor
Date
March
Data Breached
Names, addresses, dates of birth, dates of service, and, for some individuals, the name of their primary care provider and/or Social Security number.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Multiplan Inc.
Date
March
Company
Bay Area Anesthesia
Data Breached
Tax forms and Social Security numbers (SSNs).
Use of 3rd Party
Healthcare Provider
3rd-party Company
Bowden Barlow Law, P.A.
Date
March
Company
American Express
Data Breached
Card information
Use of 3rd Party
Service providers
3rd-party Company
A Merchant Processor
Date
March
Company
The Hanoi Stock Exchange (HNX)
Data Breached
No impact on customers’ assets or data.
Use of 3rd Party
Securities broker provider
3rd-party Company
VNDirect
Date
February
Company
Bay Area Heart Center
Data Breached
Names, social Security number, date of birth, driver’s license numbers, state identification numbers, passports, direct deposit bank information, medical information, and health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Bowden Barlow Law, P.A.
Date
February
Company
Prime Healthcare
Data Breached
Date of birth, Social Security number, passport number, driver’s license number, health insurance information, and general health information.
Use of 3rd Party
Brokerage provider
3rd-party Company
Keenan & Associates
Date
February
Company
100 Romanian hospitals
Data Breached
The system is down, files and databases are encrypted
Use of 3rd Party
Healthcare services provider
3rd-party Company
Hipocrate Information System (HIS)
Date
February
Company
Qualcomm Incorporated
Data Breached
PII
Use of 3rd Party
Semiconductor Provider
3rd-party Company
Unknown third-party vendor
Date
February
Company
Audiens
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Santéclair
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Rotech Healthcare
Data Breached
Names, contact information, dates of birth, Social Security numbers, location of services, clinical and/ or diagnosis information, and patient account and/or medical record numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Philips Respironics
Date
February
Company
Forward Healthcare
Data Breached
Names, dates of birth, medical information, and health insurance claims information. The exposed employee data included names, Social Security numbers, driver’s license numbers/ other government-issued IDs, financial account information, and/or insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Philips Respironics
Date
February
Company
Nabholz Construction
Data Breached
Names, Social Security numbers, addresses, ZIP codes, driver’s license numbers, dates of birth, clinical information such as diagnosis/conditions, lab results, medications or other treatment information, claims information and insurance information.
Use of 3rd Party
Construction management Provider
3rd-party Company
Cadence Bank
Date
February
Company
Health Alliance
Data Breached
Names, Social Security numbers, addresses, ZIP codes, driver’s license numbers, dates of birth, clinical information such as diagnosis/conditions, lab results, medications or other treatment information, claims information and insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
OnTrak
Date
February
Company
Kalixia
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Itelis
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Business to business Provider
3rd-party Company
Viamedis
Date
February
Company
Carte Blanche Partenaires
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Data Breached
Names, dates of birth, health plan information, medical treatment information, medical record numbers, patient account numbers, case identification numbers, provider and doctor information, and health record information.
Use of 3rd Party
Business services provider
3rd-party Company
Navvis & Company
Date
February
Company
Dendreon Pharmaceuticals LLC
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Endo International
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
GSK
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Acadia Pharmaceuticals Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Sumitomo Pharma America, Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Incyte Corporation
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Genentech, Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Regeneron Pharmaceuticals
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
AbbVie
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Bayer
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Malakoff Humanis
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Bank of America
Data Breached
Names, addresses, social security numbers, dates of birth, and financial information, including account and credit card numbers
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
February
Data Breached
Personally identifiable information on employees (including some people who worked there from 2007 to 2017)
Use of 3rd Party
IT services provider
3rd-party Company
CGI Federal
Date
January
Company
North Kansas City Hospital
Data Breached
Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
Concentra
Data Breached
Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
Family Healthcare
Data Breached
Name, date of birth, Social Security number, driver’s license/state ID number, passport number, military ID number, financial account number, credit/debit card number with and without expiration date and security code, health insurance information, and clinical information, such as diagnosis/conditions, lab results, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Brady Martz & Associates
Date
January
Data Breached
Names, dates of birth, contact information, general health information, medical treatment information, Social Security numbers, and/or employment records.
Use of 3rd Party
Healthcare services provider
3rd-party Company
HMG Healthcare
Date
January
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Dr. Linda Jingle
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Fox Valley Emergency Medicine
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Rusta
Data Breached
Sensitive personal data
Use of 3rd Party
Cloud hosting services provider
3rd-party Company
Tietoevry
Date
January
Company
Filmstaden
Data Breached
Sensitive personal data
Use of 3rd Party
Cloud hosting services provider
3rd-party Company
Tietoevry
Date
January
Company
Primula
Data Breached
Sensitive personal data
Use of 3rd Party
Cloud hosting services provider
3rd-party Company
Tietoevry
Date
January
Company
Kenosha Urgicare
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Wisconsin Urgent Care
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Ascension Wisconsin
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Framework Computer
Data Breached
Personally identifiable information
Use of 3rd Party
Accounting service provider
3rd-party Company
Keating Consulting Group
Date
January
Company
Uppsala County
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Vellinge municipality
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Statens service center
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Malmö University
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Lunds Universitet
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Stockholm University
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
University West
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
SLU
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Karolinska Institutet
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Grangnården
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Moelven
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Rusta
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Filmstaden
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Meritas Health Corporation
Data Breached
Not disclosed
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
North Kansas City Hospital
Data Breached
Not disclosed
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
US Small Business Administration
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Company
MultiPlan
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Company
EyeMed Vision Care
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
East Georgia Healthcare Center
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Long Island Select Healthcare
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Metro Community Health Centers
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Compassion Health Care
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
KidneyLink
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Beaumont ACO
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Community Health Care Systems
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
HonorHealth
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Corewell Health
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
2023 Data leaks
Data Leaks for 2023
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Company
60 Credit Unions
Data Breached
Not disclosed for now
Use of 3rd Party
Nonprofit cooperative financial institution
3rd-party Company
Trellance
Date
December
Company
40 Healthcare Companies
Data Breached
Not disclosed for now
Use of 3rd Party
Medical Center
3rd-party Company
Asper Biogene
Date
December
Company
Mercy Medical Center (IA)
Data Breached
Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party
Medical Center
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
December
Data Breached
Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party
Medical Center
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
December
Company
Valley Health System
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Desert View Hospital
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Providence Alaska Medical Center
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
ESO EMS Agency
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Merit Health River Oaks
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
November
Company
Crouse Health in Syracuse
Data Breached
Insurance and clinical information from medical transcription files and some Social Security numbers.
Use of 3rd Party
Healthcare Company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
November
Company
Taylor Rose
Data Breached
Not disclosed for now
Use of 3rd Party
Independent firm of solicitors
3rd-party Company
CTS
Date
November
Company
Sutter Health
Data Breached
names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party
Healthcare center
3rd-party Company
Virgin Pulse
Date
November
Company
St. Bernards Healthcare, Inc.
Data Breached
names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party
Healthcare center
3rd-party Company
Welltok, a Virgin Pulse company
Date
November
Company
O’Neill Patient
Data Breached
Not disclosed for now
Use of 3rd Party
Law firm
3rd-party Company
CTS
Date
November
Company
Setfords
Data Breached
Not disclosed for now
Use of 3rd Party
Law firm
3rd-party Company
CTS
Date
November
Company
Talbots
Data Breached
Not disclosed for now
Use of 3rd Party
Fashion company
3rd-party Company
CTS
Date
November
Company
Gateley
Data Breached
Not disclosed for now
Use of 3rd Party
Commercial law firm
3rd-party Company
CTS
Date
November
Company
Dollar Tree
Data Breached
Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party
Discount store company
3rd-party Company
Zeroed-In Technologies
Date
November
Company
Family Dollar
Data Breached
Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party
Discount store company
3rd-party Company
Zeroed-In Technologies
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Corewell Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Faith Regional Health Services
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Mass General Brigham Health Plan
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Westat, Inc.
Data Breached
Demographic, clinical, and financial information were present in the impacted files.
Use of 3rd Party
Management services company
3rd-party Company
Nuance Communications, Inc.
Date
November
Company
Priority Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
St. Bernards Healthcare
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Sutter Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Trane Technologies Company LLC
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
The Guthrie Clinic
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
The Canadian Government
Data Breached
1.5TB of documents leaked + 3 full backups of CRM for branches
Use of 3rd Party
Government
3rd-party Company
Sirva Worldwide, Inc.
Date
November
Company
Samsung Electronics
Data Breached
No financial data
Use of 3rd Party
Appliance company
3rd-party Company
Unknown
Date
November
Company
Northwell Health
Data Breached
Names,
Social Security numbers,
Dates of birth,
Addresses,
Medical record numbers,
Hospital account numbers,
Admission diagnoses, and
Dates and times of service.
Use of 3rd Party
Nonprofit integrated healthcare company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
November
Data Breached
Not disclosed for now
Use of 3rd Party
Physicians’ Service
3rd-party Company
Medical Eye Services, Inc.
Date
November
Company
1Password
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
Software company
3rd-party Company
Okta
Date
November
Company
BeyondTrust
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
Identity management company
3rd-party Company
Okta
Date
November
Company
Okta
Data Breached
Not disclosed for now
Use of 3rd Party
IT service management company
3rd-party Company
Rightway Health
Date
November
Company
Cloudflare
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
IT service management company
3rd-party Company
Okta
Date
October
Company
Cook County Health
Data Breached
Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party
Health company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
October
Data Breached
Personal information
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
October
Company
SA Health
Data Breached
Health information (personal, medical and/or legal documents)
Use of 3rd Party
Local health networks
3rd-party Company
Personify Care
Date
October
Data Breached
PII
Use of 3rd Party
Health Plan
3rd-party Company
Maximus
Date
October
Data Breached
Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party
Medical Transcription Firm
3rd-party Company
Nuance Communications
Date
October
Company
Super SA
Data Breached
Pll
Use of 3rd Party
State government office
3rd-party Company
Former external service provider
Date
October
Data Breached
PII
Use of 3rd Party
Health company
3rd-party Company
unknown
Date
October
Company
Humana Inc.
Data Breached
Names, addresses, dates of birth, Social Security numbers, and medical treatment information.
Use of 3rd Party
Health insurance company
3rd-party Company
PNC Bank
Date
October
Company
Chatham-Kent Health Alliance
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Hospice of Windsor-Essex
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Erie Shores Healthcare
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Hotel Dieu Grace
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Windsor Regional Hospital
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
NorthStar Anesthesia
Data Breached
Consumers’ names, dates of birth, driver’s license numbers, state identification card numbers, addresses, Social Security numbers and protected health information.
Use of 3rd Party
Corporate medical office
3rd-party Company
Arietis Health
Date
October
Company
Arietis Health
Data Breached
Patient data, including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
Use of 3rd Party
Medical billing service
3rd-party Company
Ipswitch, Inc.
Date
October
Company
Sony
Data Breached
Not disclosed for now
Use of 3rd Party
Japanese multinational conglomerate corporation
3rd-party Company
Ipswitch, Inc.
Date
October
Company
Flagstar Bank
Data Breached
Names and Social Security Numbers (SSNs)
Use of 3rd Party
Commercial banking company
3rd-party Company
Fiserv
Date
October
Company
Fiserv
Data Breached
Names and Social Security Numbers (SSNs)
Use of 3rd Party
Financial services company
3rd-party Company
Ipswitch, Inc.
Date
September
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Endoscopy Center
3rd-party Company
SightPath Medical
Date
September
Company
Sanford Health
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Rural health system
3rd-party Company
DMS Health Technologies
Date
September
Company
Delta Dental of California
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Emergency Services
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
September
Company
Judiciary Branch
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Company
890 Schools
Data Breached
Names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).
Use of 3rd Party
School
3rd-party Company
National Student Clearinghouse (NSC)
Date
September
Company
Amerita
Data Breached
Not disclosed for now
Use of 3rd Party
Complex pharmaceutical products and clinical services company
3rd-party Company
PharMerica
Date
September
Company
BORN Ontario
Data Breached
Full name,
Home address,
Postal code,
Date of birth,
Health card number,
Dates of service/care,
Lab test results,
Pregnancy risk factors,
Type of birth,
Procedures,
Pregnancy and birth outcomes
Use of 3rd Party
Healthcare provider
3rd-party Company
Ipswitch, Inc.
Date
September
Company
Airbus
Data Breached
Names, addresses, phone numbers and emails
Use of 3rd Party
Aerospace company
3rd-party Company
Turkish Airlines
Date
September
Company
FTX
Data Breached
Non-sensitive customer data
Use of 3rd Party
Crypto company
3rd-party Company
Kroll Inc.
Date
September
Company
Genesis Global Holdco
Data Breached
Non-sensitive customer data
Use of 3rd Party
Financial markets organizations company
3rd-party Company
Kroll Inc.
Date
September
Company
BlockFi
Data Breached
Non-sensitive customer data
Use of 3rd Party
Crypto company
3rd-party Company
Kroll Inc.
Date
September
Company
University of Sydney
Data Breached
PII
Use of 3rd Party
University
3rd-party Company
Unknown
Date
August
Company
Serco Inc. Group Health Plan
Data Breached
Not disclosed for now
Use of 3rd Party
Hhealth care services that support vital government programs
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Indiana University Health
Data Breached
Not disclosed for now
Use of 3rd Party
University
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Baesman Group, Inc.
Data Breached
Not disclosed for now
Use of 3rd Party
Media company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Premera Blue Cross
Data Breached
Not disclosed for now
Use of 3rd Party
Health insurance company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
American National Group, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Personalized insurance coverage company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Unum Group SACE
Data Breached
Not disclosed for now
Use of 3rd Party
Financial insurance products company
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Third-party billing agency
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Medical school
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Radius Global Solutions
Data Breached
Not disclosed for now
Use of 3rd Party
Operational and financial objectives company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Nuance Communications
Data Breached
Names, demographic information, names of relatives, dates of service, medical facility information, practition
Use of 3rd Party
Computer software company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Child Health Plan Plus (CHP+)
Data Breached
IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Company
Eversource Energy
Data Breached
Personal information including Social Security numbers.
Use of 3rd Party
Electric services company
3rd-party Company
CLEAResult
Date
August
Company
Health First Colorado
Data Breached
IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Company
Zillow
Data Breached
Not disclosed for now
Use of 3rd Party
San Francisco MLS entities
3rd-party Company
Rapattoni Corporation
Date
August
Company
San Francisco MLS entities
Data Breached
Not disclosed for now
Use of 3rd Party
San Francisco MLS entities
3rd-party Company
Rapattoni Corporation
Date
August
Company
Janssen Healthcare Platform
Data Breached
Names, contact information, dates of birth, health insurance data, and medical information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Real Estate
3rd-party Company
Rapattoni Corporation
Date
August
Company
Cincy MLS
Data Breached
Not disclosed for now
Use of 3rd Party
Real Estate company
3rd-party Company
Rapattoni Corporation
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Government department
3rd-party Company
IBM
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Social Services Company
3rd-party Company
IBM
Date
August
Company
IBM
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
International Business Machines Corporation
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
MAXIMUS
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Sportive Products Company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
3rd-party Company
Vodatech IT
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Car dealer
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Technology company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Sportswear company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Clothing company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Rental Trade company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Garment Marketing Company
3rd-party Company
Vodatech IT
Date
August
Company
AgeSALife and Retirement AS
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Retirement Company
3rd-party Company
Vodatech IT
Date
August
Company
UPS Cargo
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Transportation of containerized and palletized cargo company
3rd-party Company
Vodatech IT
Date
August
Company
Gulf insurance AS
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Insurance company
3rd-party Company
Vodatech IT
Date
July
Company
Lenders Choice Escrow
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Escrow service
3rd-party Company
CashCall Inc.
Date
July
Company
Settle It, Inc.
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Financial institution
3rd-party Company
CashCall Inc.
Date
July
Company
The Loan Exchange
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Financial flexibility company
3rd-party Company
CashCall Inc.
Date
July
Data Breached
Names, addresses, Social Security numbers, dates of birth, health insurance information, and protected health information
Use of 3rd Party
Health Insurance
3rd-party Company
Cognizant Technology Solutions Corporation
Date
July
Company
Henrietta Johnson Medical Center
Data Breached
Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses
Use of 3rd Party
Medical center
3rd-party Company
Delaware Health Network
Date
July
Company
Ocean Breeze Ranch
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Farm
3rd-party Company
CashCall Inc.
Date
July
Company
Servicing Solutions
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Corporate deliver solutions firm
3rd-party Company
CashCall Inc.
Date
July
Company
Serco Group
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Management consulting company
3rd-party Company
CBIZ, Inc.
Date
July
Company
CBIZ, Inc.
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Software company
3rd-party Company
Ipswitch, Inc.
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Manufacturing Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
installation systems
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
One of the longest-standing companies of Anadolu Group
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Isuzu dealer
3rd-party Company
Mivento IT Services
Date
July
Company
Vodafone Turkey
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Mobile telecommunication company
3rd-party Company
Mivento IT Services
Date
July
Company
Vestel
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
June
Company
Vecino Health Centers, TX
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Health Insurance
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Milliman Solutions
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Insurance company
3rd-party Company
Ipswitch, Inc.
Date
July
Company
Postbank
Data Breached
PII
Use of 3rd Party
Deutsche Post’s financial institution
3rd-party Company
Majorel
Date
June
Company
Harris County Hospital District
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Hospital District
3rd-party Company
Ipswitch, Inc.
Date
July
Company
ING
Data Breached
PII
Use of 3rd Party
Financial services corporation
3rd-party Company
Majorel
Date
June
Company
Pôle emploi
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Government agency
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Insurance company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Medical center
3rd-party Company
Ipswitch, Inc.
Date
July
Company
Comdirect
Data Breached
PII
Use of 3rd Party
Private banking company
3rd-party Company
Majorel
Date
July
Company
Deutsche Bank
Data Breached
PII
Use of 3rd Party
Investment banking company
3rd-party Company
Majorel
Date
June
Company
Majorel
Data Breached
Not disclosed for now
Use of 3rd Party
Call center
3rd-party Company
Ipswitch, Inc.
Date
June
Company
TJ Maxx
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Department store chain
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Shutterfly
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Allegheny County
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
County
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
VNS Health Plans, NY
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Sutter Senior Care
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Adult day care center
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Alogent
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Document imaging company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
County government
3rd-party Company
Ipswitch, Inc.
Date
June
Company
TomTom
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Technology company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Colorado State University
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Land-grant university
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Dublin Airport
Data Breached
Not disclosed for now
Use of 3rd Party
Airport
3rd-party Company
Aon
Date
June
Company
PlainsCapital Bank
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Largest independent banks in Texas
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Aon
Data Breached
Not disclosed for now
Use of 3rd Party
Management consulting company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Siemens Energy
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Government agency
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
Wilton Reassurance
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Insurance company
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
Genworth Financial, Inc.
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Life insurance company
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
PBI Research Services (PBI)
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Information services
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Local department of social services
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government agency
3rd-party Company
Ipswitch, Inc.
Date
June
Company
US Agriculture Department
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Federal agency
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Royal Canadian Mounted Police
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Metro Vancouver Transit Police
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Police department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
CoxHealth
Data Breached
Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party
Not-for-profit health system
3rd-party Company
Intellihartx LLC
Date
June
Data Breached
Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party
International health care leader
3rd-party Company
Intellihartx LLC
Date
June
Company
Intellihartx LLC
Data Breached
Name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and Social Security number.
Use of 3rd Party
Call center
3rd-party Company
GoAnywhere MFT
Date
June
Company
Exeter Finance
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Premier auto finance company
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
Pathward National Association
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Retail banking company
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
IBank of America
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Investment bank
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
Capital One
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Bank holding company
3rd-party Company
NCB Management Services, Inc.
Date
June
Data Breached
Social Security Numbers and employee ID numbers (not necessarily for all impacted individuals; for example, approximately 9,000 Social Security Numbers were included)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Southwest Airlines
Data Breached
Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party
World’s largest low-cost carrier.
3rd-party Company
Pilot Credentials
Date
June
Company
American Airlines
Data Breached
Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party
Major US-based airline headquartered
3rd-party Company
Pilot Credentials
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Government agency
3rd-party Company
HWL Ebsworth Lawyers
Date
June
Data Breached
Names,
Address,
Social Security Number,
Birth date,
Height,
Eye Color,
Driver’s License Number,
Vehicle Registration Information,
Handicap Placard Information
Use of 3rd Party
Department of motor vehicles
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Names,
Address,
Social Security Number,
Birth date,
Height,
Eye Color,
Driver’s License Number,
Vehicle Registration Information,
Handicap Placard Information
Use of 3rd Party
Accessible information and services to OMV needs company.
3rd-party Company
Ipswitch, Inc.
Date
June
Company
DHL
Data Breached
Not disclosed for now
Use of 3rd Party
Logistics company providing courier, package delivery and express mail services
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Transport for London
Data Breached
Not disclosed for now
Use of 3rd Party
Transport for London is a local government body responsible for most of the transport network
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Ernst & Young (EY)
Data Breached
Not disclosed for now
Use of 3rd Party
Certified public accountant
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Health Service Ireland (HSE)
Data Breached
Not disclosed for now
Use of 3rd Party
Advice Services
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Extreme Networks
Data Breached
Not disclosed for now
Use of 3rd Party
American networking company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
State of Missouri
Data Breached
Not disclosed for now
Use of 3rd Party
State
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Education Department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
The University of Rochester
Data Breached
Not disclosed for now
Use of 3rd Party
University
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Thirteen provinces and territories
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Boots
Data Breached
Not disclosed for now
Use of 3rd Party
UK Limited, trading as Boots
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Aer Lingus
Data Breached
Not disclosed for now
Use of 3rd Party
Flag carrier
3rd-party Company
Ipswitch, Inc.
Date
June
Company
British Airways
Data Breached
Not disclosed for now
Use of 3rd Party
Flag carrier
3rd-party Company
Ipswitch, Inc.
Date
June
Company
BBC
Data Breached
Not disclosed for now
Use of 3rd Party
Broadcasting company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Ofcom
Data Breached
Not disclosed for now
Use of 3rd Party
Government office
3rd-party Company
Ipswitch, Inc.
Date
May
Company
Paramount Health Care
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Health company
3rd-party Company
NationsBenefits Holding, LLC
Date
May
Company
VCU Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Academic medical center
3rd-party Company
Credit Control Corporation
Date
May
Company
Valley Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Regional healthcare system
3rd-party Company
Credit Control Corporation
Date
May
Company
UVA Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Hospital
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical clinic
3rd-party Company
Credit Control Corporation
Date
May
Company
Sentara Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Integrated, not-for-profit health network serving
3rd-party Company
Credit Control Corporation
Date
May
Company
Riverside Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Integrated, not-for-profit health network serving
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Dermatology Services
3rd-party Company
Credit Control Corporation
Date
May
Company
Medical Center Radiology
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Radiology Center
3rd-party Company
Credit Control Corporation
Date
May
Company
Mary Washington Healthcare
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Award-winning, non-profit healthcare system
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical group
3rd-party Company
Credit Control Corporation
Date
May
Company
Dominion Pathology Laboratories
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical laboratory
3rd-party Company
Credit Control Corporation
Date
May
Company
Children’s Specialty Group
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Multispecialty pediatric physician practice
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Free-standing children’s hospital
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical services
3rd-party Company
Credit Control Corporation
Date
May
Company
Chesapeake Radiology
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Radiology services
3rd-party Company
Credit Control Corporation
Date
May
Company
Bayview Physicians Group
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical services
3rd-party Company
Credit Control Corporation
Date
May
Company
Atlantic Orthopaedic Specialists
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Orthopedic services
3rd-party Company
Credit Control Corporation
Date
May
Company
Discord
Data Breached
User email addresses, contents of customer service messages, and attachments
Use of 3rd Party
VoIP and instant messaging social platform.
3rd-party Company
Zendesk
Date
May
Company
Whitman College
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Liberal arts college
3rd-party Company
Brightline Health
Date
May
Company
Washington Trust Bank
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Bank
3rd-party Company
Brightline Health
Date
May
Company
Walla Walla University
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
VERTEX
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Biotech company
3rd-party Company
Brightline Health
Date
May
Company
University of Alaska
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Undead Labs
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Video game developer
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Tanana Chiefs Conference
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Non-profit organization
3rd-party Company
Brightline Health
Date
May
Company
Symetra Life Insurance Company
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Insurance Company
3rd-party Company
Brightline Health
Date
May
Company
Spokane Teachers Credit Union
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Bank
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Landmark
3rd-party Company
Brightline Health
Date
May
Company
SOUTH SHORE HEALTH
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Independent non-profit health system
3rd-party Company
Brightline Health
Date
May
Company
SolstenXP, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Engineering consultant
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Association
3rd-party Company
Brightline Health
Date
May
Company
Seagen Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Biotechnology company
3rd-party Company
Brightline Health
Date
May
Company
Rail Management Services
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Transportation service
3rd-party Company
Brightline Health
Date
May
Company
Pyrotek Inc
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Consulting services
3rd-party Company
Brightline Health
Date
May
Company
PND Engineers, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Civil engineering company
3rd-party Company
Brightline Health
Date
May
Company
Oberto Snacks Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Manufacturing company
3rd-party Company
Brightline Health
Date
May
Company
Northwest Cascade, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
General contractor
3rd-party Company
Brightline Health
Date
May
Company
Nintendo of America Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Computer game developer
3rd-party Company
Brightline Health
Date
May
Company
Municipality of Anchorage
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
City
3rd-party Company
Brightline Health
Date
May
Company
MIIA
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Internet Service Providers
3rd-party Company
Brightline Health
Date
May
Company
Manke Lumber Company Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Lumber store
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Mechanical contractor
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Food products supplier
3rd-party Company
Brightline Health
Date
May
Company
KPMG LLP
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
International Limited is a multinational professional services network
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
School district
3rd-party Company
Brightline Health
Date
May
Company
Keller Supply
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Plumbing supply store
3rd-party Company
Brightline Health
Date
May
Company
IUOE
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Trade union
3rd-party Company
Brightline Health
Date
May
Company
Insitu, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Company that designs, develops and manufactures unmanned aerial systems.
3rd-party Company
Brightline Health
Date
May
Company
Intel
Data Breached
Source code
Use of 3rd Party
Semiconductor corporation
3rd-party Company
Micro Star International (MSI)
Date
May
Company
Kibble Equipment
Data Breached
Sensitive personal identifiable information
Use of 3rd Party
Commercial products
3rd-party Company
Razor Consulting Solutions
Date
May
Data Breached
Name, address, claim number, dates of service, the last four digits of their Medicare Beneficiary number, and service/procedure descriptions with billing codes.
Use of 3rd Party
Federal agency
3rd-party Company
Palmetto GBA
Date
May
Data Breached
Names, addresses, telephone numbers, email addresses, dates of birth and national insurance numbers.
Use of 3rd Party
Government district
3rd-party Company
Evide Impact Limited
Date
May
Company
Coles
Data Breached
Employee details
Use of 3rd Party
Supermarket company
3rd-party Company
Latitude Financial Services
Date
May
Company
Queensway Carleton Hospital
Data Breached
Name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
Use of 3rd Party
Hospital
3rd-party Company
Aetonix Systems Inc.
Date
May
Company
Cornerstone Home Lending
Data Breached
Name, address, loan number, and bank account information.
Use of 3rd Party
Home lending
3rd-party Company
Unknown
Date
May
Company
Cornerstone Home Lending
Data Breached
Name, address, loan number, and bank account information.
Use of 3rd Party
Home lending
3rd-party Company
Unknown
Date
May
Company
Stanford University
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Stanford Medicine Partners
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
HealthCare Alliance
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
Children’s Health
3rd-party Company
Brightline Health
Date
May
Company
Stanford Health Care Tri-Valley
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
Hospital
3rd-party Company
Brightline Health
Date
May
Company
Razor Consulting Solutions
Data Breached
Sensitive information.
Use of 3rd Party
Consultant
3rd-party Company
Rackspace Cloud
Date
May
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical
3rd-party Company
Community Health Systems
Date
May
Company
Medical Center Enterprise (Ala.)
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Flowers Hospital
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical
3rd-party Company
Community Health Systems
Date
May
Company
Crestwood Medical Center
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Grandview Medical Center
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Webster Bank
Data Breached
Names, Social Security numbers and financial account information.
Use of 3rd Party
Commercial banking company
3rd-party Company
Guardian Analytics, Inc.
Date
May
Company
Iowa Medicaid
Data Breached
Names, addresses, diagnoses and treatment information, insurance carrier information, and insurance subscriber identification numbers.
Use of 3rd Party
Health and Human Services
3rd-party Company
Telligen, Inc.
Date
April
Company
Santa Clara Family Health Plan
Data Breached
Names, demographic information, health insurance numbers, Social Security numbers, dates of service, phone numbers, and provider names.
Use of 3rd Party
Health insurance agency
3rd-party Company
GoAnywhere MFT
Date
April
Company
NationsBenefits Holding, LLC
Data Breached
First and last name, address, phone number, date of birth, gender, health plan subscriber ID number, Social Security number, and/or Medicare number.
Use of 3rd Party
Supplemental benefits company
3rd-party Company
GoAnywhere MFT
Date
April
Company
Brightline Health
Data Breached
Consumers’ names, addresses, member IDs, dates of birth, phone numbers, employers’ names and group ID numbers, and coverage start/end dates. After confirming that consumer data
Use of 3rd Party
Technology-enabled behavioral health home
3rd-party Company
GoAnywhere MFT
Date
April
Company
Aerospace Asset Trading, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Low-cost insurance coverage for children and teens
3rd-party Company
Independent Living Systems
Date
April
Company
Aerocor Engine Group, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation consultant
3rd-party Company
100X, Inc
Date
April
Company
Freedom Air Industries Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Transportation service
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Composite and metal repairs services company
3rd-party Company
100X, Inc
Date
April
Company
AMP Aero Services
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Company
Miami Aircraft Structures, Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft maintenance company
3rd-party Company
100X, Inc
Date
April
Company
JetStream Capital, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Financial planner
3rd-party Company
100X, Inc
Date
April
Company
Sonic Aircraft Components, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Florida Limited Liability company
3rd-party Company
100X, Inc
Date
April
Company
Sal Aerospace Technologies, Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation engineering company
3rd-party Company
100X, Inc
Date
April
Company
NexGen Aero, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Company
Encore Optical Laboratories LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Eye care center
3rd-party Company
100X, Inc
Date
April
Company
Gearup Aviation Solutions, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation asset trading company
3rd-party Company
100X, Inc
Date
April
Company
Brickell Asset Management
Data Breached
Not disclosed for now
Use of 3rd Party
Commercial company
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Airlines and Aviation company
3rd-party Company
100X, Inc
Date
March
Company
Blue Shield of California
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Saks Fifth Avenue
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Pension Protection Fund
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Virgin Group
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
City of Toronto
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Tasmanian Government
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
De Nederlandse Spoorwegen
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Ervoersbedrijf Trevvel
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Health and safety body ArboNed
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Nederlandse Golf Federatie
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Marktonderzoeker USP
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Health care provider CZ
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Heineken
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
VodafoneZiggo
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Data Breached
Students’ credit and debit card information
Use of 3rd Party
Software vendor
3rd-party Company
AudienceView
Date
March
Company
Uber
Data Breached
Private driver data
Use of 3rd Party
Mid-size law firm
3rd-party Company
Genova Burns
Date
March
Company
Hatch Bank
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Rubrik
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Investissement Québec
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Rio Tinto Group
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Hitachi Energy
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
National Basketball Association
Data Breached
Names and email addresses
Use of 3rd Party
Email marketing vendor
3rd-party Company
Unknown
Date
March
Company
SpaceX
Data Breached
3,000 drawings
Use of 3rd Party
Laser cutting service
3rd-party Company
Maximum Industries
Date
March
Company
AT&T
Data Breached
Wireless accounts was exposed
Use of 3rd Party
Telecommunications company
3rd-party Company
Unknown
Date
February
Company
Community Health Systems
Data Breached
Customer data was not compromised
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
February
Company
Boost Mobile
Data Breached
Employees, customers, business, operations or financial information
Use of 3rd Party
Satellite television company
3rd-party Company
DISH Network Corporation
Date
February
Company
Sling TV
Data Breached
Employees, customers, business, operations or financial information
Use of 3rd Party
Satellite television company
3rd-party Company
DISH Network Corporation
Date
February
Company
Applied Materials
Data Breached
Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party
Media vendor
3rd-party Company
Rise Interactive
Date
February
Company
Edgepark Medical
Data Breached
Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party
Media vendor
3rd-party Company
Rise Interactive
Date
February
Company
Sharp HealthCare
Data Breached
Patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
Use of 3rd Party
Regional health care group
3rd-party Company
Unknown
Date
February
Company
Atlassian
Data Breached
Email addresses, phone numbers, names
Use of 3rd Party
Office functions vendor
3rd-party Company
Envoy
Date
February
Company
Community Health Systems
Data Breached
Personal and health information
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere
Date
January
Data Breached
Names, Social Security numbers, financial account information, dates of birth, and protected health information
Use of 3rd Party
Software vendor
3rd-party Company
Diligent Corporation
Date
January
Company
Solana Foundation
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
Yuga Labs
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
WooCommerce
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
FanDuels
Data Breached
Email addresses and names of customers, or potential customers, that are used to send marketing emails
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
Nissan North America
Data Breached
Full names, dates of birth, and NMAC account numbers
Use of 3rd Party
Automotive industry company
3rd-party Company
Unknown
Date
January
Company
Datadog
Data Breached
Signing keys and its passphrase
Use of 3rd Party
Software vendor
3rd-party Company
CircleCI
Date
January
Company
KLM
Data Breached
Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party
Loyalty program
3rd-party Company
Flying Blue
Date
January
Company
Air France
Data Breached
Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party
Loyalty program
3rd-party Company
Flying Blue
2022 Data leaks
Data Leaks for 2022
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
July
Company
Westchester Gardens
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Village Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Apartment building
3rd-party Company
Infinity Rehab
Date
July
Company
St Anthony Health Center
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Doctor in Newcastle
3rd-party Company
Infinity Rehab
Date
July
Company
Riverside Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Hillside Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Gardens at Terracina
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Discovery Care Center
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Adult day care center
3rd-party Company
Infinity Rehab
Date
July
Company
Able Palms Home Health
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Able Palms Home Health
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Sunset Drive
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera St Vincent’s
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Miller Pointe
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Augusta Place
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Fairlawn Good Samaritan
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Physical therapist
3rd-party Company
Infinity Rehab
Date
July
Company
Someren Glen
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement home
3rd-party Company
Infinity Rehab
Date
July
Company
Holly Creek Retirement Community
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Clermont Park
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Secora Rehab of Cascadia
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Brookfield Rehab of Cascadia
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Bethany at Silver Lake
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Bethany at Pacific
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
October
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare IDs, and health information such as treatment and diagnosis information
Use of 3rd Party
Healthcare practice
3rd-party Company
Not disclosed
Date
September
Company
Anthem MaineHealth
Data Breached
Names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, Medicaid ID numbers and health plan carrier names.
Use of 3rd Party
Health insurance company
3rd-party Company
Alight.com (Choice Health prev)
Date
September
Company
Humana
Data Breached
Customers’ first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresses, contact information and health insurance information
Use of 3rd Party
Health insurance company
3rd-party Company
Alight.com (Choice Health prev)
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Bronx Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Hazleton Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Lynbrook Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
FMC Services, LLC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Upstate Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Somnia, Inc.
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Primary Anesthesia Services
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Somnia Pain Mgt of Kentucky
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
December
Company
St. Luke’s Health
Data Breached
Names, birthdates, addresses, Social Security numbers, Medicaid numbers, service dates, and medical record numbers, clinical details
Use of 3rd Party
Texas-based St. Luke’s Health provider
3rd-party Company
Adelanto Healthcare Ventures
Date
December
Company
Sobeys
Data Breached
Not disclosed for now
Use of 3rd Party
The second largest supermarket chain
3rd-party Company
Empire Co.
Date
September
Company
Magento
Data Breached
Not disclosed for now
Use of 3rd Party
Open-source eCommerce platform
3rd-party Company
FishPig
Date
August
Company
Oklahoma Student Loan Authority
Data Breached
2.5M Student Loan Records
Use of 3rd Party
Servicing system and web portal provider
3rd-party Company
Nelnet Servicing
Date
August
Company
KeyBank
Data Breached
Names, mortgage information, phone numbers, property information, home insurance information and Social Security numbers
Use of 3rd Party
Insurance services vendor
3rd-party Company
Overby-Seawell
Date
August
Data Breached
Names, email addresses, delivery addresses, phone numbers,
payment card numbers, LastPass technical information and source code
Use of 3rd Party
Phone number verification services provider
3rd-party Company
Twilio
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Software vendor
3rd-party Company
Not disclosed
Date
August
Company
Sturm, Ruger & Company
Data Breached
Names, shipping addresses, email addresses, credit and debit card numbers and expiration dates, security codes, and billing addresses
Use of 3rd Party
Shopping cart and payment processing services provider
3rd-party Company
Freestyle Solutions
Date
August
Company
Kiplepay Sdn Bhd
Data Breached
Not disclosed for now
Use of 3rd Party
Third-party payment gateway provider
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, home addresses, dates of treatment, health plan numbers, and medical record numbers
Use of 3rd Party
Healthcare management services provider
3rd-party Company
Practice Resources, LLC
Date
August
Company
Signal
Data Breached
Phone numbers
Use of 3rd Party
Phone number verification services provider
3rd-party Company
Twilio
Date
August
Data Breached
Email addresses
Use of 3rd Party
Email marketing service provider
3rd-party Company
MailChimp
Date
August
Company
NHS
Data Breached
Not disclosed for now
Use of 3rd Party
IT provider
3rd-party Company
Advanced
Date
August
Company
Orange Business Services
Data Breached
Names, Social Security numbers, and birthdates of employees
Use of 3rd Party
Telecommunications service provider
3rd-party Company
Orange Silicon Valley
Date
August
Data Breached
Names, addresses, Social Security numbers, driver’s license numbers, government IDs, and medical information, such as treatment, diagnosis, and medical history
Use of 3rd Party
Ambulance billing services vendor
3rd-party Company
Intermedix Corporation
Date
July
Data Breached
Names, home addresses, email addresses, phone numbers and Social Security numbers
Use of 3rd Party
Servicing system and customer website portal provider
3rd-party Company
Nelnet Servicing
Date
July
Company
Sound Health and Wellness Trust
Data Breached
Social Security numbers, names, addresses, and unique ID numbers
Use of 3rd Party
Third-party administrator
3rd-party Company
Zenith American Solutions
Date
July
Company
Boeing Employees’ Credit Union
Data Breached
Names, addresses, account numbers, credit scores, and Social Security numbers
Use of 3rd Party
Printing vendor
3rd-party Company
Not disclosed
Date
July
Company
Celsius
Data Breached
Customer emails
Use of 3rd Party
Email delivery vendor
3rd-party Company
Customer.io
Date
July
Company
Toronto Symphony Orchestra
Data Breached
Names, email addresses, TSO Patron ID and information about TSO accounts (e.g. donor level, credit on account status, gift certificate status), personal information, demographic information (age range, gender, ethnicity), and opinions on the TSO
Use of 3rd Party
Mailing list provider
3rd-party Company
WordFly
Date
July
Data Breached
Dates of birth, Social Security numbers, health insurance and medical treatment information
Use of 3rd Party
Accounts receivable management solutions provider
3rd-party Company
Professional Finance Company
Date
July
Company
Arlington Skin
Data Breached
Names, addresses, dates of birth, diagnostic and treatment information, health insurance information, and Social Security numbers
Use of 3rd Party
VPN service provider
3rd-party Company
Virtual Private Network Solutions
Date
June
Data Breached
Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, medical and treatment information, health insurance information, and billing information
Use of 3rd Party
Provider of revenue cycle management and other administrative services
3rd-party Company
Conifer Revenue Cycle Solutions
Date
June
Data Breached
Names, Social Security numbers, addresses, and some pension benefit information
Use of 3rd Party
Provider of digital and in-person total wellbeing solutions
3rd-party Company
LifeWorks US
Date
June
Data Breached
Names, Social Security numbers, addresses, phone numbers, driver’s license numbers, email addresses, dates of birth, medical record numbers, and health insurance information
Use of 3rd Party
Eye care software provider
3rd-party Company
EyeCare Leaders
Date
June
Company
OpenSea
Data Breached
Email addresses
Use of 3rd Party
Email delivery vendor
3rd-party Company
Customer.io
Date
June
Company
Colorado Springs Utilities
Data Breached
Customer names, addresses, account numbers, phone numbers, and email addresses
Use of 3rd Party
Third-party subcontractor
3rd-party Company
Not disclosed
Date
June
Company
Priority Health
Data Breached
Names, pharmacy and claim information, drug names, and prescription dates from certain prescriptions filled in 2012
Use of 3rd Party
Legal services provider
3rd-party Company
Warner Norcross & Judd
Date
May
Company
St. Luke’s
Data Breached
Patient names, insured names, addresses, phone numbers, ID numbers, dates of birth, last five digits of Social Security numbers, descriptions of services, billing amounts, outstanding balances, payment due dates, and status of the accounts
Use of 3rd Party
Billing services vendor
3rd-party Company
Kaye-Smith
Date
May
Company
EvergreenHealth
Data Breached
Patient names, dates of birth, medical record numbers, and treatment information
Use of 3rd Party
EMR provider
3rd-party Company
MyCare
Date
May
Company
K12 Schools in NY
Data Breached
Students’ grades and private messages with parents
Use of 3rd Party
Education software provider
3rd-party Company
Illuminate Education
Date
May
Company
Hospitals in Northern California
Data Breached
Names, Social Security numbers, dates of birth, addresses
Use of 3rd Party
Medi-Cal managed service provider
3rd-party Company
Partnership HealthPlan of California
Date
May
Company
Mangatoon
Data Breached
Names, email addresses, genders, social media account identities, auth tokens from social logins and salted MD5 password hashes
Use of 3rd Party
Search-powered solutions provider
3rd-party Company
Elasticsearch
Date
April
Data Breached
Names, PII, addresses, dates of birth, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID
Use of 3rd Party
Mailing and printing services vendor
3rd-party Company
OneTouchPoint
Date
April
Company
Sunwing Airlines
Data Breached
Not disclosed
Use of 3rd Party
Provider of solutions to the aviation industry
3rd-party Company
Airline Choice
Date
April
Company
Dis-Chem
Data Breached
First names, surnames, email addresses and cellphone numbers
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
March
Company
Central Maine Medical Center
Data Breached
Names, Social Security numbers, dates of birth, and medical or treatment details
Use of 3rd Party
Imaging and ambulatory surgical services provider
3rd-party Company
Shields Health Care Group Inc.
Date
March
Data Breached
Names, addresses, phone numbers, gender, dates of birth, medical codes, and Social Security numbers
Use of 3rd Party
Healthcare software provider
3rd-party Company
MCG Health
Date
March
Company
Rennline
Data Breached
Names, credit or debit card numbers, expiration dates, card verification codes (CVV), billing addresses, and transaction details
Use of 3rd Party
Software vendor
3rd-party Company
Freestyle Solutions
Date
March
Company
Okta
Data Breached
Employee credentials
Use of 3rd Party
Customer service provider
3rd-party Company
Sykes Enterprises
Date
March
Company
Okta customers
Data Breached
User credentials
Use of 3rd Party
Access & authentication management vendor
3rd-party Company
Okta
Date
March
Company
Highmark
Data Breached
Not disclosed
Use of 3rd Party
Printing and mailing vendor
3rd-party Company
Quantum Group
Date
March
Company
DataHEALTH
Data Breached
Names, addresses, phone numbers, Medical information, insurance information, dates of birth, payment information, and Social Security numbers.
Use of 3rd Party
Hosting & software vendor
3rd-party Company
Not disclosed
Date
March
Data Breached
Names, addresses, dates of birth, ages, phone numbers, Social Security numbers, and some Medicaid information
Use of 3rd Party
Healtcare vendor
3rd-party Company
Liberty of Oklahoma
Date
March
Company
Acro
Data Breached
Cardholder names, payment card numbers, dates of expiry, and security codes
Use of 3rd Party
Payment processing vendor
3rd-party Company
Not disclosed
Date
March
Company
Samsung, Qualcomm
Data Breached
Source code
Use of 3rd Party
Hardware contractor
3rd-party Company
Nvidia
Date
February
Company
Not disclosed
Data Breached
Names, dates of birth and Social Security numbers
Use of 3rd Party
Healthcare provider
3rd-party Company
Comprehensive Health Services
Date
February
Company
Fortune 500 companies
Data Breached
Names, addresses, Social Security numbers, birthdates, client identification numbers, medical diagnostic and treatment information, and health insurance information
Use of 3rd Party
Business service provider
3rd-party Company
Morley Companies
Date
February
Company
Internet Society
Data Breached
Names, emails, mailing addresses, and logins
Use of 3rd Party
Third-party vendor
3rd-party Company
Not disclosed
Date
February
Company
Oklahoma City Police Department
Data Breached
Victims’ last names, addresses, and health-related information
Use of 3rd Party
DNA research contractor
3rd-party Company
DNA Solutions Inc.
Date
February
Company
Memorial Health System
Data Breached
First names, last names, dates of birth, Social Security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information
Use of 3rd Party
Software vendor
3rd-party Company
Advent Health Partners
Date
January
Data Breached
Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Provider in therapy services
3rd-party Company
Infinity Rehab
Date
January
Data Breached
Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Healthcare provider
3rd-party Company
Avamere Health Services
Date
January
Company
Entira Family Clinics
Data Breached
Names, addresses, Social Security numbers and medical histories
Use of 3rd Party
Hosting provider
3rd-party Company
Netgain
Date
January
Company
Government of South Australia
Data Breached
Names, dates of birth, addresses and tax file numbers
Use of 3rd Party
Payroll provider
3rd-party Company
Frontier Software
Date
January
Data Breached
Patient names, dates of birth, dates of service, provider names, Social Security numbers, driver’s license numbers, treatment information, and health insurance information
Use of 3rd Party
Technology vendor
3rd-party Company
Ciox Health
Date
January
Company
Red Cross
Data Breached
Not disclosed
Use of 3rd Party
Hosting provider
3rd-party Company
Not disclosed
2021 Data Leaks
Data Leaks for 2021
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
November
Company
QRS Clients
Data Breached
Names, birth dates, addresses, Social Security numbers, portal usernames, medical treatment and diagnosis information, and patient identification numbers.
Use of 3rd Party
EHRS vendor
3rd-party Company
QRS
Date
October
Company
Anthem, Humana
Data Breached
First and last names, birth dates, phone numbers, member ID numbers, clinical data pertaining to kidney care services, and addresses.
Use of 3rd Party
IT vendor
3rd-party Company
PracticeMax
Date
October
Company
Fullerton Health
Data Breached
Names, identification numbers, and contact details, bank account details in “a few cases” and “certain limited health-related information”
Use of 3rd Party
Software vendor
3rd-party Company
Agape Connecting People
Date
October
Company
Durham Regional Government
Data Breached
Medical reports, complaints about medical treatment, and potential evidence in a criminal case
Use of 3rd Party
Software provider
3rd-party Company
Not disclosed
Date
September
Company
NRS
Data Breached
PII and biometrics
Use of 3rd Party
Slot machine operator
3rd-party Company
Dotty’s
Date
August
Data Breached
Policy holder names, addresses, birthdates, policy numbers, and other health insurance information
Use of 3rd Party
Administrative service vendor
3rd-party Company
Secure Administrative Solutions LLC
Date
August
Company
First Horizon Bank
Data Breached
200 online customer bank accounts
Use of 3rd Party
Software
3rd-party Company
Not disclosed
Date
August
Data Breached
Names, COVID-19 contact tracing information, vaccination appointments, Social Security numbers, employee IDs, and email addresses.
Use of 3rd Party
Business app
3rd-party Company
Microsoft
Date
August
Company
Catholic Health
Data Breached
Patients’ health information
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRx
Date
July
Company
Jefferson’s Kimmel Cancer Center
Data Breached
Patient names, birth dates, medical record numbers, and clinical information related to treatment at Jefferson Health such as treatment plan, diagnosis, or prescription information. For some patients, Social Security number was also included as well.
Use of 3rd Party
Cloud provider
3rd-party Company
Elekta
Date
July
Company
Memorial Health System
Data Breached
Names, birthdates, medical information
Use of 3rd Party
Billing vendor
3rd-party Company
Guidehouse
Date
July
Company
Saudi Aramco
Data Breached
**Employees: name, photo, passport copy, email, phone number, residence permit (Iqama card) number, job title, ID numbers, family information, etc.
**Project specification for systems related to/including electrical/power, architectural, engineering, civil, construction management, environmental, machinery, vessels, telecom, etc.
Internal analysis reports, agreements, letters, pricing sheets, etc.
**Network layout mapping out the IP addresses, **Scada points, Wi-Fi access points, IP cameras, and IoT devices.
**Location map and precise coordinates.
**List of Aramco’s clients, along with invoices and contracts
Use of 3rd Party
Third-party contractor
3rd-party Company
Not disclosed
Date
July
Company
Hospitals
Data Breached
Name, address, email address, date of birth, driver’s license number, Social Security number, diagnosis, laboratory and treatment information, patient identification number, medication information, health insurance identification and claims information, tax identification number, employee username with password, employee username with security questions and answers, and bank account and/or credit card/debit card information
Use of 3rd Party
Medical management services provider
3rd-party Company
PracticeFirst
Date
July
Company
Hospitals
Data Breached
Name, tax ID, social security number, date of birth, other government-issued ID, telephone number, healthcare account number and balance, date of service, ClearBalance loan number and balance, personal banking information, clinical information, health insurance information, and full-face photographic image
Use of 3rd Party
Medical loan provider
3rd-party Company
ClearBalance
Date
July
Company
SpreadGroup Customers
Data Breached
Financial data
Use of 3rd Party
Clothing and retail vendor
3rd-party Company
Spreadshirt, Spreadshop, and TeamShirts
Date
July
Company
Morgan Stanley
Data Breached
Stock plan participants’ names,
addresses,
dates of birth,
Social Security Numbers,
corporate company names
Use of 3rd Party
Account maintenance services
3rd-party Company
Guidehouse, Accellion
Date
July
Data Breached
Availability of systems
Use of 3rd Party
IT management software for MSP
3rd-party Company
Kaseya
Date
June
Company
Ohio Medicaid Program
Data Breached
Names, dates of birth, Social Security numbers, addresses
Use of 3rd Party
Medicaid contractor
3rd-party Company
Maximus
Date
June
Company
CVS Health
Data Breached
COVID-19 vaccines and medications
Use of 3rd Party
Hosting vendor
3rd-party Company
Not disclosed
Date
June
Data Breached
Availability of e-mail newsletters
Use of 3rd Party
E-mail newsletter
3rd-party Company
iConstituent
Date
June
Company
Mercedes-Benz USA
Data Breached
Credit card information, Social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers
Use of 3rd Party
Vendor
3rd-party Company
Not disclosed
Date
June
Data Breached
Names, Social Security numbers, addresses, birth dates, medical diagnosis and treatment details.
Use of 3rd Party
Cloud provider
3rd-party Company
Elekta
Date
June
Company
AmeriGas
Data Breached
Internal email with spreadsheet attachments containing 123 AmeriGas employees’ information, including Lab IDs, social security numbers, driver’s license numbers, and dates of birth
Use of 3rd Party
Regulatory compliance vendor
3rd-party Company
J. J. Keller
Date
June
Company
Volkswagen Group of America
Data Breached
First and last name, personal or business mailing address, email address, or phone number. For some instances, a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.
Use of 3rd Party
Digital marketing vendor
3rd-party Company
Shift Digital
Date
June
Company
Harbor Regional Health
Data Breached
Healthcare data
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRX
Date
June
Data Breached
Customer back up files (details not disclosed)
Use of 3rd Party
Software vendor
3rd-party Company
Logicgate
Date
May
Company
U.S. Government
Data Breached
Not disclosed
Use of 3rd Party
Security defense contractor
3rd-party Company
BlueForce
Date
May
Company
U.S. Department of Energy
Data Breached
Email addresses, communication information of employees, sensitive files
Use of 3rd Party
Physics lab
3rd-party Company
Fermilab
Date
May
Company
Fasttrack Customers
Data Breached
Full names,
Email addresses,
Home addresses,
Dates of birth,
Passport numbers,
Applicant photos,
Mobile phone numbers,
Social network URLs for some applicants.
Use of 3rd Party
Recruitment vendor
3rd-party Company
Fasttrack Recruitment
Date
May
Data Breached
At least 76,000 email addresses were exposed, including those belonging to individuals outside of the ministry
Use of 3rd Party
Software vendor
3rd-party Company
Fujitsu
Date
May
Company
Canada Post
Data Breached
Sender and receiver contact information, names, and mailing addresses
Use of 3rd Party
Software vendor
3rd-party Company
CommPort Communications
Date
May
Company
Ardagh Clients
Data Breached
Not disclosed
Use of 3rd Party
Glass and metal packaging manufacturer
3rd-party Company
Ardagh
Date
May
Data Breached
Source code
Use of 3rd Party
Software auditing company
3rd-party Company
CodeCov
Date
May
Data Breached
Availability of EHR
Use of 3rd Party
EHR vendor
3rd-party Company
APRIMA
Date
May
Data Breached
Personal data including SSN
Use of 3rd Party
Managed IT services
3rd-party Company
Netgain
Date
May
Company
Pennsylvania Health Department
Data Breached
Names of individuals who were potentially exposed to COVID-19, positive or negative test results, any experienced symptoms, household members, and some contact information
Use of 3rd Party
Contact tracing app vendor
3rd-party Company
Insights Global
Date
May
Company
University of Houston
Data Breached
Financial data of students
Use of 3rd Party
Cap/ Gown vendor
3rd-party Company
Herff Jones
Date
May
Data Breached
Healthcare data
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRX
Date
April
Data Breached
Availability of customer reservation systems
Use of 3rd Party
Software Vendor
3rd-party Company
Radixx (subsidiary of Sabre Corporation)
Date
April
Data Breached
Not disclosed
Use of 3rd Party
File sharing appliance vendor
3rd-party Company
Soliton (FileZen application)
Date
April
Company
Click Studios Customers
Data Breached
Employee and local admin accounts
Use of 3rd Party
Password manager (Passwordstate)
3rd-party Company
Click Studios
Date
April
Company
Apple
Data Breached
Macbook blueprints
Use of 3rd Party
Macbook manufacturer
3rd-party Company
Quanta
Date
April
Data Breached
Shipping labels and customer receipts
Use of 3rd Party
B2B packaging vendor
3rd-party Company
Bizongo
Date
April
Data Breached
Contact details, dates of birth, insurance ID numbers, and health information, such as treatments and medical conditions.
Use of 3rd Party
File sharing application
3rd-party Company
Accellion
Date
April
Company
CallX Customers (possibly Lendingtree, Liberty Mutual Insurance and Vivint among the clients)
Data Breached
Audio recordings, transcripts of chats, full names, home addresses, phone numbers and more.
Use of 3rd Party
Telemarketing
3rd-party Company
CallX
Date
April
Company
Apple Valley Clinic
Data Breached
Names,
dates of birth,
Social security numbers,
bank account and routing numbers,
patient billing information,
medical information, such medical symptoms and diagnosis
Use of 3rd Party
IT services
3rd-party Company
Netgain
Date
April
Data Breached
Not disclosed
Use of 3rd Party
Software auditing company
3rd-party Company
CodeCov
Date
April
Data Breached
Subscriber ID,Social Security numbers, diagnoses, conditions, claims data, dates of services, medical procedure codes, insurance policy numbers, provider names, contact details, and dates of birth.
Use of 3rd Party
Revenue cycle service provider
3rd-party Company
MedData
Date
April
Data Breached
Variety of personally identifiable information, including federal tax documents, passports, addresses, birth dates, bank account information and Social Security numbers
Use of 3rd Party
File sharing app
3rd-party Company
Accellion
Date
April
Company
Wiener & Kennedy
Data Breached
Possibly employee sensitive information
Use of 3rd Party
Accounting firm
3rd-party Company
Perkins & Co, Netgain (4th party)
Date
April
Company
Doctors Medical Center
Data Breached
Patients’ names, addresses, procedure information
Use of 3rd Party
Virtual waiting room vendor
3rd-party Company
Medifie
Date
April
Company
Biotel Heart
Data Breached
Social Security numbers, medical records, contact information
Use of 3rd Party
Third-party vendor
3rd-party Company
Not disclosed
Date
April
Company
Upstox
Data Breached
Contact data and KYC details of customers
Use of 3rd Party
Third-party data warehouse systems
3rd-party Company
Not disclosed
Date
April
Company
Celcius
Data Breached
Customer emails
Use of 3rd Party
Email distribution vendor
3rd-party Company
Not disclosed
Date
April
Data Breached
Not disclosed
Use of 3rd Party
Cloud company
3rd-party Company
Route mobil
Date
April
Data Breached
Social Security numbers, financial information, medical records and more of patients, employees and dependents
Use of 3rd Party
Parent company
3rd-party Company
Personal Touch Holding Corp.
Date
April
Company
Ei2
Data Breached
Names, identification number, contact information, educational qualifications, and employment history
Use of 3rd Party
Contact centre solution provider
3rd-party Company
I-vic International
Date
April
Company
Park Mobile
Data Breached
Customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses
Use of 3rd Party
Third-party software
3rd-party Company
Not disclosed
Date
March
Company
Royal Dutch Shell
Data Breached
Personal data and data belonging to stakeholders
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
March
Data Breached
Contact information, insurance ID numbers, dates of birth, and health information, such as medical conditions and treatments.
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
March
Company
Israeli Likud Party
Data Breached
Full name, sex, home address, and, in many cases, cellphone number and responses to political polling for 6.5 million Israeli adults.
Use of 3rd Party
Polling app vendor
3rd-party Company
Elector Software
Date
March
Company
Piedmont Health Services
Data Breached
Patients’ name, date of birth, address, social security number and diagnosis codes.
Use of 3rd Party
Administrative services vendor
3rd-party Company
PeakTPA
Date
March
Company
Armed Forces Communications, Electronics Association and the US Geospatial Intelligence Foundation
Data Breached
Members’ names and addresses
Use of 3rd Party
Event management vendor
3rd-party Company
SPARGO
Date
March
Company
Poll County Schools
Data Breached
Students’ names, dates of birth, and student identification numbers.
Use of 3rd Party
Technology vendor (for school nutrition)
3rd-party Company
PCS Revenue Systems
Date
March
Company
Schools, jail cells, hospital ICUs, and major companies like Tesla, Nissan, Equinox, Cloudflare
Data Breached
Video footages
Use of 3rd Party
Security camera vendor
3rd-party Company
Verkada
Date
March
Company
Calviva Health
Data Breached
Patients’ data
Use of 3rd Party
Business associate
3rd-party Company
Health Net Community Solutions, Inc, Accellion
Date
March
Company
University of Miami Health
Data Breached
Patients’ health information
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
March
Data Breached
Patient names, addresses, LMC medical record numbers, Social Security numbers and health insurance details.
Use of 3rd Party
IT vendor
3rd-party Company
Healthgrades
Date
March
Company
Austin ISD
Data Breached
Students’ name, their identification number, and date of birth
Use of 3rd Party
Third-party vendor
3rd-party Company
not disclosed
Date
March
Company
Flagstar Bank
Data Breached
Social Security numbers and mailing addresses
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
March
Company
Multicare Health Services
Data Breached
Names, addresses, Social Security numbers, medical record numbers, bank account numbers and medical record disclosure logs
Use of 3rd Party
Technology vendor
3rd-party Company
Netgain
Date
March
Company
European Banking Authority
Data Breached
Emails
Use of 3rd Party
Email server
3rd-party Company
Microsoft
Date
March
Data Breached
Availability of the websites
Use of 3rd Party
Domain registrar
3rd-party Company
Atak Domain
Date
March
Data Breached
Membership number and tier status
Use of 3rd Party
IT vendor
3rd-party Company
SITA
Date
March
Company
Qualys
Data Breached
Customer data possibly including invoices, purchase orders, tax documents, and scan reports
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
February
Data Breached
Not disclosed
Use of 3rd Party
IT vendor
3rd-party Company
Centreon
Date
February
Company
Jamaican Government
Data Breached
Over 425,000 immigration documents, COVID-19 results
Use of 3rd Party
Software vendor
3rd-party Company
Amber Group
Date
February
Data Breached
Personal information include contain names, addresses, license plate numbers and vehicle identification numbers (VIN)
Use of 3rd Party
Payment processor
3rd-party Company
AFTS
Date
February
Company
Sitepoint, teespring
Data Breached
Email addresses
Use of 3rd Party
Web analytics
3rd-party Company
WayDev
Date
February
Company
Ubiquiti Networks
Data Breached
User accounts – including include names, email addresses, and salted and hashed passwords. Also home addresses and phone numbers for some users.
Use of 3rd Party
Cloud provider
3rd-party Company
Not disclosed
Date
February
Company
French Government
Data Breached
Customer accounts and source code of Stormshield Network Security (SNS)
Use of 3rd Party
Cybersecurity vendor
3rd-party Company
Stormshield
Date
February
Data Breached
Names, addresses, dates of birth, dates of service, telephone numbers, account numbers, health insurance information,medical information and possibly SSN
Use of 3rd Party
Managed IT services
3rd-party Company
Netgain
Date
February
Company
Beaumont Health
Data Breached
Unauthorized appointments
Use of 3rd Party
Appointment scheduling software
3rd-party Company
Epic Software
Date
February
Data Breached
Social Security numbers, passport and visa details, dates of birth and driver’s license numbers, as well as health information and financial account information
Use of 3rd Party
Embedded software vendor
3rd-party Company
Wind River Systems
Date
February
Data Breached
Full names, dates of birth, email addresses, phone numbers, physical addresses, social security numbers, secondary insurance information, familial relationships to the child in question, and financial details
Use of 3rd Party
Web hosting vendor
3rd-party Company
Jelly Bean Communications Design
Date
February
Data Breached
Contact details, dates of birth, MPI numbers, medical record information, health insurance data, financial account details, passport numbers, diagnoses, treatments, and Social Security numbers
Use of 3rd Party
Support vendor
3rd-party Company
USF
Date
February
Data Breached
Clients’ confidential information
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
February
Data Breached
Bank account numbers, routing information, names, addresses, billing amounts and utility account numbers of customers
Use of 3rd Party
Utility bill payment vendor
3rd-party Company
Automatic Funds Transfer Services
Date
February
Data Breached
Microsoft 365 email accounts
Use of 3rd Party
Certificate provider
3rd-party Company
Mimecast
Date
February
Data Breached
Social Security numbers and banking information
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Accellion
Date
January
Company
SonicWall Customers
Data Breached
Unknown at this stage
Use of 3rd Party
Cybersecurity vendor
3rd-party Company
SonicWall
Date
January
Data Breached
Company emails
Use of 3rd Party
Defence tech service provider
3rd-party Company
ELCOM Innovations
Date
January
Data Breached
Full names, Social Security numbers, details of medical examinations, drug and alcohol testing reports, and scans of driver’s licenses
Use of 3rd Party
Occupational healthcare provider
3rd-party Company
Taylor Made Diagnostics (TMD)
Date
January
Company
Bonobos
Data Breached
Names and telephone numbers associated with 7 million customers or orders, 3.5 million records containing the last four digits of credit card numbers, and account information for 1.8 million customers, including encrypted passwords
Use of 3rd Party
Cloud service provider
3rd-party Company
Not disclosed
Date
January
Company
Saskatchewan HAL system
Data Breached
Customer name and HAL account identification number for about 33,000 email addresses.
Use of 3rd Party
Software company
3rd-party Company
Aspira
Date
January
Company
Supply chain for Audi, BMW, Mercedes, Porsche, Saab, Volkswagen and Volvo across North America
Data Breached
Full names, addresses, phone numbers, and exact working hours of at least 12 NameSouth employees, credit card statements
Use of 3rd Party
OEM company
3rd-party Company
NameSouth
Date
January
Data Breached
Unknown at this stage
Use of 3rd Party
Stock investment app
3rd-party Company
Not disclosed
Date
January
Company
Facebook, Instagram, LinkedIn
Data Breached
Personal data of 214 million social media users
Use of 3rd Party
Third-party app
3rd-party Company
SocialArk
Date
January
Company
OmniTRAX
Data Breached
Internal OmniTRAX documents, contents of employee computers
Use of 3rd Party
Parent company
3rd-party Company
Broe Group
Date
January
Data Breached
Commercially and personally sensitive information
Use of 3rd Party
Third-party file transfer application
3rd-party Company
Acellion Software
2020 Data Leaks
Data Leaks for 2020
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Company
Mongolian Government Agencies
Data Breached
HR chat messages
Use of 3rd Party
Software vendor for chatting app
3rd-party Company
Able Software
Date
December
Company
Microsoft
Data Breached
Credentials for Azure
Use of 3rd Party
Third-party reseller
3rd-party Company
Not disclosed
Date
Deecember
Company
Medical Facilities
Data Breached
Full names and dates of birth, postal and email addresses, phone numbers, passport details, credit card numbers, medical records and recent test results and diagnoses.
Use of 3rd Party
Software vendor
3rd-party Company
iSofH
Date
December
Company
Dental Practices
Data Breached
Patient names, contact details, dental diagnoses, treatment information, patient account numbers, billing details, dentists’ names, bank account numbers, and health insurance data.
Use of 3rd Party
Support vendor-accounting billing
3rd-party Company
Dental Care Alliance (DCA)
Date
December
Company
Now:Pensions
Data Breached
Names, postal and email addresses, birth dates and national insurance numbers of 30,000 customers
Use of 3rd Party
Third-party contractor
3rd-party Company
Not disclosed
Date
December
Data Breached
Digital certificate toolkit
Use of 3rd Party
Certificate authority
3rd-party Company
Vietnam Certification Authority
Date
December
Company
FireEye customers
Data Breached
Red-team tools
Use of 3rd Party
CyberSecurity firm
3rd-party Company
FireEye
Date
December
Data Breached
Customers’ email traffic
Use of 3rd Party
Network management software vendor
3rd-party Company
SolarWinds
Date
November
Company
Customers of Belden
Data Breached
Data of some current and former employees, as well as some company information
Use of 3rd Party
Networking equipment vendor
3rd-party Company
Belden
Date
November
Company
Great Heart Academies
Data Breached
Names and contact information
Use of 3rd Party
Cloud and CRM provider
3rd-party Company
Blackbaud
Date
November
Data Breached
Contact details, health insurance policy numbers, and appointment notes related to treatment, such as health conditions, procedures, and prescriptions, as well as other sensitive data, including the credit card information and Social Security information of some patients
Use of 3rd Party
Appointment app provider
3rd-party Company
Luxottica
Date
November
Data Breached
Driver’s license numbers, names, dates of birth, addresses and vehicle registration histories
Use of 3rd Party
Insurance software company
3rd-party Company
Vertafore
Date
November
Data Breached
Customer names, tax ID numbers, loan documents, business contracts, private emails, invoices, credentials for network shares, company confidential files
Use of 3rd Party
Banking software provider
3rd-party Company
ABS
Date
November
Company
WildWorks
Data Breached
7 million parent account email addresses, and 32 million usernames associated with the parent accounts, containing encrypted passwords, players’ birthdays and gender
Use of 3rd Party
Third-party server
3rd-party Company
Not disclosed
Date
November
Data Breached
Names, credit card details, ID numbers and reservation details
Use of 3rd Party
Channel manager
3rd-party Company
Prestige Software
Date
October
Data Breached
Not disclosed
Use of 3rd Party
Media-monitoring vendor
3rd-party Company
Isentia
Date
October
Company
Apple, Google, Amazon, Citibank
Data Breached
E-mail addresses,
full names,
bcrypt hashed passwords,
titles, company names,
IP addresses, and other system-related data
Use of 3rd Party
Software provider
3rd-party Company
NITRO
Date
October
Company
Google
Data Breached
Passports,
driver’s licenses,
ID cards (in Form I-9) of employees
Use of 3rd Party
Law firm
3rd-party Company
Fragomen, Del Rey, Bernsen & Loewy
Date
October
Company
JM Bullion
Data Breached
Names
addresses, payment card information
(the account number, expiration date, and security codes)
Use of 3rd Party
Third-party javacript
3rd-party Company
Not disclosed
Date
October
Company
Lazada RedMart App
Data Breached
Names, phone numbers, encrypted passwords, and partial credit card numbers of 1M accounts
Use of 3rd Party
Third-party database hosting provider
3rd-party Company
Not disclosed
Date
October
Company
Broadvoice Customers
Data Breached
Names,
phone numbers,
locations,
hundreds of thousands of voice mails,
medical and financial details
Use of 3rd Party
VoIP service provider
3rd-party Company
Broadvoice
Date
October
Company
Dickey’s Barbecue Pit
Data Breached
Names, credit card information of 3M customers
Use of 3rd Party
POS provider
3rd-party Company
Not disclosed
Date
October
Company
City of Odessa
Data Breached
Utility bill information, credit/debit card information
Use of 3rd Party
Third-party payment software provider
3rd-party Company
Click2Gov
Date
October
Company
Kylie Cosmetics
Data Breached
Names,
addresses,
emails,
product orders,
the last four digits of SS numbers
Use of 3rd Party
E-commerce platform
3rd-party Company
Shopify
Date
October
Data Breached
Patient names, addresses,
phone numbers ,
medical departments patients visited, dates of birth, treatment facilities, treating physicians, departments of service, room numbers, medical record numbers.
Use of 3rd Party
Data management software, cloud service provider
3rd-party Company
BlackBaud
Date
September
Company
Pell City Valley Bank
Data Breached
Utility payment information
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
September
Company
E-commerce stores
Data Breached
Customer payment information
Use of 3rd Party
E-commerce platform
3rd-party Company
Adobe Magento 1
Date
September
Company
Tribune Media, Times Media Grup
Data Breached
Full names, email and street addresses, phone numbers and ZIP codes of 38 million US citizens
Use of 3rd Party
Marketing company
3rd-party Company
View Media
Date
September
Data Breached
Names, medical service numbers and dates of service for patients and list of donors
Use of 3rd Party
Data management software vendor
3rd-party Company
BlackBaud
Date
September
Company
Phipps Conservatory
Data Breached
Members names, emails and physical addresses
Use of 3rd Party
Data management software vendor
3rd-party Company
BlackBaud
Date
August
Company
Department of Health
Data Breached
Infection status, dates of birth, addresses, names, and other PII of COVID-19 patients in South Dakota
Use of 3rd Party
Doftware vendor
3rd-party Company
not disclosed
Date
August
Company
Rochester YMCA
Data Breached
Names, addresses and gift history of donors
Use of 3rd Party
Software vendor
3rd-party Company
Not disclosed
Date
August
Company
FeedMore
Data Breached
Personal information of donors
Use of 3rd Party
Software vendor
3rd-party Company
BlackBaud
Date
August
Company
Jack Daniel’s
Data Breached
Corporate data
Use of 3rd Party
Wine and spirit maker
3rd-party Company
Brown-Forman
Date
July
Data Breached
Personal information of investors
Use of 3rd Party
Third-party software provider
3rd-party Company
M.J. Brunner
Date
July
Company
Citrix
Data Breached
E-mail IDs, phone numbers, last known location, phone type and login dates
Use of 3rd Party
Third-party vendor
3rd-party Company
Not disclosed
Date
July
Company
Promo.com
Data Breached
First name, last name, email address, IP address, approximated user location based on their IP address, and gender, as well as encrypted, hashed and salted passwords.
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
July
Data Breached
Name, date of birth, contact information, and some information about donations regarding alumni and donors
Use of 3rd Party
Cloud-computing service provider
3rd-party Company
BlackBaud
Date
July
Company
Digital Bank App, Dave
Data Breached
7.5 million users’ names, emails and physical addresses, birthdates, and phone numbers
Use of 3rd Party
Third-party service provider
3rd-party Company
WayDev
Date
June
Company
Police Departments
Data Breached
ACH routing numbers, IBANs and other financial data as well as PII
Use of 3rd Party
Web development firm
3rd-party Company
NetSentiel
Date
June
Data Breached
Names, addresses, birth dates, banking and IRS data
Use of 3rd Party
Web site design firm
3rd-party Company
10up Inc
Date
June
Company
MU Health
Data Breached
E-mail addresses & passwords of MU students
Use of 3rd Party
Third-party web site
3rd-party Company
Not disclosed
Date
June
Company
Keepnet
Data Breached
Breached email addresses, breached passwords
Use of 3rd Party
Third-party IT service provider
3rd-party Company
Not disclosed
Date
June
Company
Joomla
Data Breached
Full name,Business address, Business email address, Business phone number, Company URL, Nature of business,Encrypted password (hashed),IP address, Newsletter subscription preferences
Use of 3rd Party
Third-party company(CMS)
3rd-party Company
Open Source Matters
Date
May
Company
Bank of America
Data Breached
PPP applications, in particular business details, such as an address or tax identification number, or a business owner’s information, such as name, address, Social Security number, phone number, email and citizenship status
Use of 3rd Party
Third-party merchant
3rd-party Company
Not disclosed
Date
May
Company
BHIM wallet app
Data Breached
7 million Indians’ Aadhaar number, name, gender, date of birth, biometric details, Permanent Account Number (PAN), scanned copies of Caste and Religion certificates, user’s picture, residential details, professional degree certificates
Use of 3rd Party
Amazon Web Services S3 bucket of a third party
3rd-party Company
CSC e-Governance Services LTD
Date
May
Company
TrueCaller
Data Breached
Full names, email addresses, mobile numbers, Facebook IDs, age, city, gender, telecom service provider
Use of 3rd Party
Third-party merchant
3rd-party Company
Not disclosed
Date
May
Data Breached
Full names and Social Security numbers of some people who have applied for unemployment benefits
Use of 3rd Party
Third party
3rd-party Company
Not disclosed
Date
May
Company
MNS’ Healthcare Clients
Data Breached
Name, medical treatment information, diagnosis information/codes, medication information, dates of service, insurance provider, health insurance number, date of birth, and
Social Security number.
Use of 3rd Party
Network Services Provider
3rd-party Company
Management and Network Services – MNS
Date
April
Company
UseNeXt, Usenet.nl
Data Breached
First and last name, billing address and IBAN and account number
Use of 3rd Party
Third-party partner company
3rd-party Company
Not disclosed
Date
April
Company
RigUp’s energy sector clients
Data Breached
Human resource files from RigUp’s clients, contractors, job seekers
Use of 3rd Party
Labor and marketplace provider
3rd-party Company
RigUp
Date
April
Company
Mariott
Data Breached
5.2 million customers’ personal information incl. names, addresses, birthdays, emails, phone numbers and loyalty reward program numbers
Use of 3rd Party
Franchised hotel in Russia
3rd-party Company
Not disclosed
Date
April
Company
Cognizant’s clients
Data Breached
Not disclosed for now
Use of 3rd Party
IT-services vendor
3rd-party Company
Cognizant
Date
April
Company
Michigan State University
Data Breached
Names, phone numbers, addresses, credit card numbers, CVVs and expiration dates
Use of 3rd Party
E-commerce vendor
3rd-party Company
Volusion
Date
March
Company
T-Mobile
Data Breached
Customer names and addresses, phone numbers, account numbers, rate plans, and features, and billing information.
Use of 3rd Party
E-mail vendor
3rd-party Company
Not disclosed
Date
March
Company
Radio.com
Data Breached
Name, Social Security number, driver’s license number, listeners’ credentials
Use of 3rd Party
Cloud hosting service
3rd-party Company
Not disclosed
Date
March
Company
Chubb
Data Breached
Sensitive files
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
March
Company
General Electric
Data Breached
Direct deposit forms, driver’s licenses, passports, birth certificates, marriage certificates
Use of 3rd Party
Business service provider
3rd-party Company
Canon Business Services
Date
March
Data Breached
8 million sales records: customer names, email addresses, shipping addresses, purchases, last four digits of credit card numbers
Use of 3rd Party
Third-party app
3rd-party Company
Not disclosed
Date
March
Data Breached
Non-disclosure agreements, partial schematic for a missile antenna
Use of 3rd Party
Precision parts maker
3rd-party Company
Visser
Date
February
Company
Brunswick County Schools
Data Breached
First and Last Name, Last Four Digits of Social Security Number, Transaction Date and Amount, Plan Sponsor/Employer Name,
Address, Social Security Number, Email Address, Mailing Address,
Date of Birth
Use of 3rd Party
Administering services
3rd-party Company
Interactive Medical Systems Corporation
Date
February
Company
TQL carriers
Data Breached
Tax ID numbers, bank account numbers
Use of 3rd Party
Freight brokerage services
3rd-party Company
TQL
Date
February
Company
Community Care Physicians
Data Breached
Names, dates of birth, billing codes, insurance description, and medical record numbers
Use of 3rd Party
Accounting and tax services
3rd-party Company
BST
Date
February
Company
Health Share of Oregon
Data Breached
Names, addresses, phone numbers, dates of birth, Social Security numbers and Health Share identification numbers
Use of 3rd Party
Medical transportation
3rd-party Company
GridWorks
Date
February
Company
Rutters Store
Data Breached
Customers’ names, card numbers, expiration dates, and internal verification codes
Use of 3rd Party
POS device
3rd-party Company
Not disclosed
Date
February
Company
Carson City
Data Breached
Resident’s names, addresses, email addresses, payment card numbers, expiration dates, card security code (CVV) information, bank account numbers and routing numbers
Use of 3rd Party
Utility payment software
3rd-party Company
Click2Gov
Date
February
Company
Idaho Central Credit Union
Data Breached
Name, date of birth, Social Security number, financial account information, tax identification number, and information on borrowers, liability, assets, employment, and income
Use of 3rd Party
Mortgage portal
3rd-party Company
Not disclosed
Date
February
Company
Nedbank
Data Breached
1.7 million customers information(name, ID, contacts)
Use of 3rd Party
Marketing and promotional campaigns
3rd-party Company
Computer Facilities (Pty) Ltd
Date
January
Company
Instagram
Data Breached
Instagram usernames and passwords
Use of 3rd Party
Third-party app
3rd-party Company
Social Captain
Date
January
Company
State Governments of U.S.
Data Breached
Names, dates of birth, home addresses, email and phone numbers, names of family members, past addresses, the reason for application
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
January
Data Breached
Photo IDs, phone numbers and home addresses of marijuana users as well as cannabis variety and quantity purchased
Use of 3rd Party
Point-of-sale software company
3rd-party Company
THSuite
Date
January
Company
Regus
Data Breached
Employee names, emails and performance
Use of 3rd Party
Mystery shopping business
3rd-party Company
Applause
Date
January
Company
Mitsubishi
Data Breached
Company data, data of government organizations and private companies, names and addresses, previous employment history, birthdates, telephone numbers of 8,122 applicants, employees and retirees
Use of 3rd Party
An affiliated company in China
3rd-party Company
Not disclosed
Date
January
Company
Mercy Health Lorain
Data Breached
Names, street addresses and Social Security numbers
Use of 3rd Party
Revenue cycle management vendor
3rd-party Company
RCM Enterprise Services
Date
January
Company
Schools
Data Breached
Name, payment card expiration date and security code and Blue Bear account usernames and passwords
Use of 3rd Party
School software vendor
3rd-party Company
Active Network
Date
January
Company
Amazon Customers
Data Breached
E-mail addresses and phone numbers
Use of 3rd Party
Hosting
3rd-party Company
Amazon
Date
January
Company
The Australian P&N Bank
Data Breached
Name, address, email, phone number, customer number, age, account number and account balance
Use of 3rd Party
Third-party CRM hosting firm
3rd-party Company
Not disclosed
2019 Data Leaks
Data Leaks for 2019
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Company
Wyze customer
Data Breached
2.4 million customers
Use of 3rd Party
IoT vendor
3rd-party Company
Wyze
Date
December
Company
Singapore Armed Forces (SAF)
Data Breached
98,000 SAF servicemen information
Use of 3rd Party
healthcare training provider
3rd-party Company
HMI Institute of Health Sciences
Date
December
Data Breached
2,400 personal data including full names and NRIC numbers, and a combination of contact numbers, e-mail addresses or residential addresses
Use of 3rd Party
logistics services
3rd-party Company
ST Logistics
Date
December
Company
City of Sioux
Data Breached
3,500 customers utility and parking accounts
Use of 3rd Party
online parking ticket system and utility billing system portal
3rd-party Company
Click2Gov
Date
December
Company
City of Marietta
Data Breached
8,800 Marietta utility customers card information
Use of 3rd Party
online electric, water and sanitation payment software company
3rd-party Company
Click2Gov
Date
December
Company
NYPD Fingerprint Database
Data Breached
fingerprint database
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
December
Data Breached
477,000 clients’ media contacts, business account information, 35,000 hashed user passwords, various documents, and admin credentials
Use of 3rd Party
PR company
3rd-party Company
iPR Software
Date
November
Company
Palo Alto Networks
Data Breached
seven current and former employees’ information includes names, dates of birth, and Social Security numbers
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
November
Company
Facebook and Twitter
Data Breached
email addresses, usernames and recent tweets
Use of 3rd Party
SDK kit
3rd-party Company
One Audience
Date
November
Company
The city of Charlottesville
Data Breached
not disclosed
Use of 3rd Party
tax collections
3rd-party Company
not disclosed
Date
November
Company
TennCare
Data Breached
44,000 members information
Use of 3rd Party
pharmacy management vendor
3rd-party Company
Magellan Health System
Date
November
Company
Macy’s
Data Breached
first and last names, physical addresses, ZIP codes, email addresses, payment card numbers, card security codes, and expiration dates
Use of 3rd Party
Website Javascript
3rd-party Company
not disclosed
Date
November
Company
City of San Angelo
Data Breached
not disclosed
Use of 3rd Party
online water bill payments software company
3rd-party Company
Click2Gov
Date
November
Company
Pompano Beach City
Data Breached
4,000 residents’ data
Use of 3rd Party
online water bill payments software company
3rd-party Company
Click2Gov
Date
November
Company
Florida Blue
Data Breached
5 million members’ information
Use of 3rd Party
managed care company
3rd-party Company
Magellan Health Inc
Date
October
Company
UniCredit
Data Breached
400,000 Italian clients’ information
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
October
Company
NordVPN
Data Breached
some of the browsing habits of customers
Use of 3rd Party
data center provider
3rd-party Company
not disclosed
Date
October
Company
Geisinger Health Plan
Data Breached
undisclosed number of patients’ information
Use of 3rd Party
manage radiology benefits
3rd-party Company
Magellan National Imaging Associates
Date
October
Company
The Clark County School District
Data Breached
560,000 students’ information
Use of 3rd Party
learning assessment platform
3rd-party Company
Pearson Clinical Assessment (AIMSweb)
Date
October
Company
CenturyLink
Data Breached
2.8 million CenturyLink customer information which including names, addresses, phone numbers, email addresses and CenturyLink account numbers
Use of 3rd Party
notification platform
3rd-party Company
not disclosed
Date
October
Company
GW community members
Data Breached
thousands of usernames, passwords and addresses
Use of 3rd Party
educational technology company
3rd-party Company
Chegg
Date
October
Company
Uber, Slack, and FCC
Data Breached
10,000 Zendesk Support and Chat accounts
Use of 3rd Party
customer service software provider
3rd-party Company
Zendesk
Date
September
Company
Ames parking ticket payments
Data Breached
1,498 individuals’ information includes encrypted credit or debit card numbers, first names, last names, addresses and email addresses
Use of 3rd Party
payment software system
3rd-party Company
Click2Gov
Date
September
Data Breached
not disclosed
Use of 3rd Party
payment software system
3rd-party Company
Click2Gov
Date
September
Company
DoorDash
Data Breached
4.9 million consumers, Dashers, and merchants
Use of 3rd Party
service provider
3rd-party Company
not disclosed
Date
September
Company
Malinda Air
Data Breached
Malinda’s passengers information
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
September
Company
Yves Rocher
Data Breached
2.5 million Canadian customers’ personal data
Use of 3rd Party
Consulting services
3rd-party Company
Aliznet
Date
September
Company
GitHub And Bitbucket
Data Breached
usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings & organisation name, repository URLs and names, branch names, and repository
Use of 3rd Party
Analytics company
3rd-party Company
CirclCI
Date
August
Company
Mastercard
Data Breached
90,000 customers’ names, addresses, and credit card numbers
Use of 3rd Party
loyalty program
3rd-party Company
not disclosed
Date
August
Company
Cable One
Data Breached
14 Cable One employee accounts may include addresses, Social Security numbers, government-issued identification numbers, financial account numbers, digital signatures or medical and health insurance information
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
August
Data Breached
3,700 students information in District 203, 49,000 students information in District 204, 3,206 students information in District 303 and 8,000 students information in District 304
Use of 3rd Party
learning assessment platform
3rd-party Company
Pearson Clinical Assessment (AIMSweb)
Date
August
Data Breached
students’ and teachers’ information (names, surnames, birthdates)
Use of 3rd Party
learning assessment platform
3rd-party Company
Pearson Clinical Assessment (AIMSweb)
Date
July
Data Breached
534,500 patients information and 7,400 financial data of AEL, 412,000 patients information with 15,000 financial data of SML, 145,100 patients information with 3,800 financial data of CBLPath, 143,400 patients information with 4,200 financial data of LMC, 44,700 patients information with 1,800 financial data of APA, 14,900 patients information and 1,200 financial data of STD, 12,700 patients information with 600 financial data of PS, 4,000 patients information and 240 financial data of ADX, 9,200 patients information with 800 financial data of SP, 4,200 patients information with 350 financial data of WPC, 6,500 patients information with 500 financial data of AD, unknown number of Natera
Use of 3rd Party
collections vendor
3rd-party Company
American Medical Collection Agency
Date
July
Company
Clinical Pathology Laboratories
Data Breached
2.2 million patients information and 34,500 financial information
Use of 3rd Party
collections vendor
3rd-party Company
American Medical Collection Agency
Date
June
Company
Westpac Bank
Data Breached
Up to 100,000 Australians’ personal information
Use of 3rd Party
payments platform
3rd-party Company
PayID
Date
June
Company
Komodo
Data Breached
Komodo hacked its customers and unauthorisedly transferred nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company to protect its customers’ funds.
Use of 3rd Party
JavaScript library
3rd-party Company
not disclosed
Date
June
Company
Opko Health
Data Breached
422,600 patients information
Use of 3rd Party
collections vendor
3rd-party Company
American Medical Collection Agency
Date
June
Data Breached
12 million patients of Quest Diagnostics,7.7 million Laboratory Corporation of America (LabCorp) patients information
Use of 3rd Party
collections vendor
3rd-party Company
American Medical Collection Agency
Date
May
Data Breached
100.000 traveller photos and licence plate image
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
May
Data Breached
312,570 files in 51,025 folders, over 516 Gb of data financial and private information on all clients
Use of 3rd Party
IT Company
3rd-party Company
CITYCOMP
Date
May
Company
Instagram
Data Breached
personal information including contact details
Use of 3rd Party
social media marketing firm
3rd-party Company
Chtrbox
Date
May
Company
Truecaller
Data Breached
140 million user names, phone numbers and email addresses
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
May
Company
Bank, Axis, ICICI, IndusInd, RBL
Data Breached
50.000 credit card holders information
Use of 3rd Party
data management company
3rd-party Company
not disclosed
Date
May
Company
Webstorage users
Data Breached
not disclosed
Use of 3rd Party
to storage
3rd-party Company
ASUS Webstorage
Date
May
Company
4,600 websites
Data Breached
not disclosed
Use of 3rd Party
analytics service and open-source project
3rd-party Company
Picreel and Alpaca Forms
Date
May
Company
UNIQLO
Data Breached
460,000 online store accounts
Use of 3rd Party
not disclosed
3rd-party Company
not
disclosed
Date
May
Company
Forbes
Data Breached
credit card information
Use of 3rd Party
to build website
3rd-party Company
not disclosed
Date
April
Company
Freedom Mobile
Data Breached
15,000 customers information
Use of 3rd Party
service provider for customer support processes
3rd-party Company
Apptium Technologies
Date
April
Company
176 colleges and universities
Data Breached
201 online stores including payment card information
Use of 3rd Party
e-commerce platform
3rd-party Company
PrismRBS
Date
April
Company
Facebook
Data Breached
540 million records, including account names, Facebook ID, and user activity
Use of 3rd Party
to develop app
3rd-party Company
Cultura Colectiva
Date
March
Company
The Bank of Queensland
Data Breached
customer names, contact information (including phone numbers and email addresses) and other details related to property evaluations
Use of 3rd Party
fund management company and provider of property valuations
3rd-party Company
LandMark White Limited
Date
March
Data Breached
the personal and medical information of hundreds of thousands of people may have been compromised
Use of 3rd Party
contractor that provides mailing and other services for hospitals and healthcare companies
3rd-party Company
Wolverine Solutions Group
Date
March
Company
Rush System for Health
Data Breached
patient names, addresses, Social Security numbers, birth dates and health insurance information for 45,000 patients was exposed
Use of 3rd Party
claim processing
3rd-party Company
MiraMed
Date
February
Company
Equifax, Experian and TransUnion
Data Breached
personal information including Social Security numbers, names, dates of birth and home addresses may have been stolen
Use of 3rd Party
employee and background screening software
3rd-party Company
Image-I-Nation Technologies
Date
February
Company
Huddle House
Data Breached
credit card payment information since Aug. 2017
Use of 3rd Party
Point-of-sale systems
3rd-party Company
not disclosed
Date
February
Company
China Railway
Data Breached
millions of train passengers’ information
Use of 3rd Party
Ticketing
3rd-party Company
not disclosed
Date
February
Company
Houzz
Data Breached
user names, salted and hashed passwords, IP addresses and, for users who logged into Houzz using Facebook, their Facebook IDs
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
January
Company
LocalBitcoins
Data Breached
theft of almost 8 bitcoins ($28,200) from five of the victims
Use of 3rd Party
Forum software
3rd-party Company
not disclosed
Date
January
Company
Ascension
Data Breached
24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the US
Use of 3rd Party
OCR Services
3rd-party Company
OpticsML
Date
January
Data Breached
650 consumer data
Use of 3rd Party
Online payroll, benefits, tax compliance & HR services
3rd-party Company
BenefitMall
Date
January
Data Breached
the extent is unknown
Use of 3rd Party
open-source library
3rd-party Company
PHP PEAR
Date
January
Data Breached
flight information of passengers
Use of 3rd Party
online flight booking system
3rd-party Company
Amadeus
Date
January
Data Breached
credit card information of visitors
Use of 3rd Party
Javascript for advertising
3rd-party Company
Adverline
Date
January
Company
Hanover County
Data Breached
credit card information of citizens
Use of 3rd Party
online parking ticket payment system
3rd-party Company
Click2Gov
Date
January
Company
City of Saint John, NB
Data Breached
credit card information of 6,000 people
Use of 3rd Party
online parking ticket payment system
3rd-party Company
Click2Gov
Date
January
Company
Humana
Data Breached
name, address, date of birth, partial info of the SSN, and some info about policy type of unknown number of customers
Use of 3rd Party
Bankers Life
3rd-party Company
LCP Corp.
2018 Data Leaks
Data Leaks for 2018
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Data Breached
31,000 Patient Records
Use of 3rd Party
Transportation
3rd-party Company
LCP Corp.
Date
December
Company
BevMo
Data Breached
credit card data of nearly 15,000 customers
Use of 3rd Party
online payment system
3rd-party Company
NCR Corp.
Date
December
Company
City of Saint John
Data Breached
6,000 citizens’ payment information
Use of 3rd Party
online payment system
3rd-party Company
Click2Gov
Date
December
Company
Redwood Eye Center
Data Breached
16,000 patients’ health information including names, birth dates, insurance information and addresses
Use of 3rd Party
application-hosting service provider
3rd-party Company
IT Lighthouse
Date
December
Data Breached
approximately 47,000 patients or guarantors whose payment information, including partial credit card information
Use of 3rd Party
credit card processing system
3rd-party Company
not disclosed
Date
December
Data Breached
account and password data of almost 50,000 users
Use of 3rd Party
Programming software
3rd-party Company
Easy Programming Language
Date
November
Company
Marriott
Data Breached
personal information of as many as 500 million guests
Use of 3rd Party
Hotels (acquired)
3rd-party Company
Starwood
Date
November
Data Breached
unknown amount of data exposed
Use of 3rd Party
small and mid-tier suppliers
3rd-party Company
not disclosed
Date
November
Company
BitPay
Data Breached
users of CoPay mobile cryptocoin wallet were targeted for cryptocoin theft, but none stolen
Use of 3rd Party
JavaScript Library
3rd-party Company
Right9ctrl
Date
November
Company
Atrium Health
Data Breached
2.65 M patient records including names, addresses, dates of birth, invoice numbers, account balances, dates of service, insurance policy information and Social Security numbers
Use of 3rd Party
billing services
3rd-party Company
AccuDoc Solutions Inc.
Date
November
Company
City of York Council
Data Breached
potentially almost 6,000 individual’s personal info including name, address, postcode, email, phone, and encrypted password
Use of 3rd Party
mobile app for One Planet York program
3rd-party Company
Appware
Date
November
Company
Nordstrom
Data Breached
personal info of employees including names, SSNs and dates of birth, checking account and routing numbers, salaries, etc.
Use of 3rd Party
management of direct deposits of wages
3rd-party Company
Not Disclosed
Date
November
Company
City of Bakersfield
Data Breached
2,400 user accounts with payment information
Use of 3rd Party
Online Payment
3rd-party Company
Click2Gov
Date
November
Data Breached
Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party
online employment application services
3rd-party Company
Jobscience, Inc.
Date
November
Company
Huntsville Hospital in Alabama
Data Breached
Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party
online employment application services
3rd-party Company
Jobscience, Inc.
Date
November
Company
Ontario Cannabis Store
Data Breached
names and addresses of 4500 consumers
Use of 3rd Party
Online tracking tool
3rd-party Company
Canada Post
Date
November
Data Breached
potential theft of BTC from customers
Use of 3rd Party
Web Analytics
3rd-party Company
StatCounter
Date
October
Company
VestaCP
Data Breached
managed to launch DDoS attacks
Use of 3rd Party
not disclosed
3rd-party Company
not disclosed
Date
October
Company
Department of Defense (Pentagon)
Data Breached
personal and payment card info of 30K employees and service members
Use of 3rd Party
Maintenance of travel records
3rd-party Company
not disclosed
Date
October
Company
The Indio Water Authority
Data Breached
unknown amount of customers’ names and credit card numbers
Use of 3rd Party
Online Payment
3rd-party Company
Click2Gov
Date
October
Data Breached
unknown amount of payment card info (still in investigation)
Use of 3rd Party
3rd-party Javascript for customer rating
3rd-party Company
Shopper Approved
Date
October
Data Breached
Unknown amount of data
Use of 3rd Party
Microchip in servers and online portal for software update
3rd-party Company
Supermicro
Date
September
Data Breached
Accounts of more than 50 million users compromised
Use of 3rd Party
Social Media Connection
3rd-party Company
Facebook
Date
September
Company
The Conservative Party (UK)
Data Breached
Sensitive information about MPs, journalist and conference attendees, including personal mobile numbers
Use of 3rd Party
Conference App
3rd-party Company
CrowdComms
Date
September
Company
Perth Mint
Data Breached
Names, addresses, passport and bank account of 3200 customers
Use of 3rd Party
Online depository
3rd-party Company
Not disclosed
Date
September
Company
British Airways
Data Breached
Financial and personal details of 380,000 customers
Use of 3rd Party
Website Javascript
3rd-party Company
Still in investigation
Date
September
Company
Foosackly
Data Breached
Unauthorized access to 165K customers’ payment card information
Use of 3rd Party
Cash register system
3rd-party Company
Not disclosed
Date
September
Company
University of Lousville
Data Breached
Names, employee IDs, physician’s name of hundreds of employees and retirees
Use of 3rd Party
Fitness vendor
3rd-party Company
Health Fitness Corp
Date
September
Company
e-commerce sites of Feedify
Data Breached
payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify
Use of 3rd Party
Cloud service provider
3rd-party Company
Feedify
Date
September
Data Breached
Teachers’ emails, usernames and passwords were exposed
Use of 3rd Party
Instructional tool
3rd-party Company
Edmodo
Date
September
Data Breached
Names, their BCBSRI ID numbers, service providers, types of service provided and costs of claims for 1.5K customers
Use of 3rd Party
Responsible for sending members’ benefits explanations
3rd-party Company
Not disclosed
Date
September
Company
Wegmans
Data Breached
cost the grocery chain over $900,000
Use of 3rd Party
Seafood supplier
3rd-party Company
Invermar
Date
August
Data Breached
7GB cache of data exposed with medical information for employees of 181 business locations and social security numbers for nearly 3000 individuals
Use of 3rd Party
Back-up pharmacy services
3rd-party Company
MedCall Healthcare Advisers
Date
August
Company
Mention
Data Breached
Data at risk of exposure includes names and email addresses, account profile info (plan value, # of alerts and mentions)
Use of 3rd Party
Marketing
3rd-party Company
Not disclosed
Date
August
Data Breached
The personal data of 2M patients was left exposed online
Use of 3rd Party
Telemedicine company
3rd-party Company
Hova Health
Date
August
Company
GoDaddy
Data Breached
Sensitive data on 31,000 GoDaddy servers exposed online
Use of 3rd Party
Cloud data storage
3rd-party Company
Amazon S3 Bucket
Date
August
Company
South Korean Organizations
Data Breached
Unknown amount of data
Use of 3rd Party
Remote support
3rd-party Company
Remote support solution provider
Date
August
Company
Air Canada
Data Breached
Profile data, including names, email addresses and phone numbers, passport info, NEXUS numbers, dates of birth,etc.
Use of 3rd Party
Mobile app
3rd-party Company
Not disclosed
Date
August
Data Breached
Customer’s email address, phone number and full bank account number and alert details
Use of 3rd Party
Website providers
3rd-party Company
Fiserv
Date
June
Company
TicketMaster
Data Breached
40K UK citizens’ info
Use of 3rd Party
Website application
3rd-party Company
Inbenta
Date
June
Company
Reddit
Data Breached
Access data: email addresses of current Reddit users and a 2007 database
Use of 3rd Party
SMS login system
3rd-party Company
Not disclosed
Date
June
Data Breached
Passwords, usernames, contact info of millions
Use of 3rd Party
Online Survey Tool
3rd-party Company
Typeform
Date
June
Company
More than a dozen US cities
Data Breached
Over 10K individuals’ names, credit card numbers, card expiration dates and security codes
Use of 3rd Party
Online payment system
3rd-party Company
Click2Gov
Date
June
Data Breached
Any data submitted in the course of recruitment
Use of 3rd Party
Online recruitment services
3rd-party Company
PageUp
Date
June
Company
Klook
Data Breached
Personal data and credit card info of undisclosed number of customers
Use of 3rd Party
Web-based analytics tool
3rd-party Company
SOCIAPlus
Date
June
Company
UC San Diego Health
Data Breached
Personal information of hundreds of patients
Use of 3rd Party
Transcription services
3rd-party Company
Nuance Communications
Date
June
Company
The Central Bank of the Bahamas
Data Breached
No indication that any personal information was been accessed or viewed
Use of 3rd Party
Website hosting
3rd-party Company
Not disclosed
Date
May
Company
Some Fortune 500 firms
Data Breached
5,6K customer info (PII)
Use of 3rd Party
Domain registiration, agent for service of process for clients
3rd-party Company
Corporation Service Company
Date
May
Company
Universal Music Group
Data Breached
Internal FTP credentials, AWS Secret Keys/Passwords, the internal and SQL root password
Use of 3rd Party
Cloud data storage contractor
3rd-party Company
Agilisium
Date
May
Company
Chili’s Grill & Bar
Data Breached
Credit card data belonging to an undisclosed number of customers
Use of 3rd Party
Point-of-sale system
3rd-party Company
Not disclosed
Date
April
Company
BestBuy, Sears, Kmart, Delta
Data Breached
Hundreds of thousands of customer data (per company)
Use of 3rd Party
Online chat application
3rd-party Company
Not disclosed
Date
February
Company
Orlando Orthopaedic Center
Data Breached
19K patients’ records
Use of 3rd Party
Transcription services
3rd-party Company
Not disclosed
Date
February
Company
Applebee’s
Data Breached
Credit card information from unknowing diners at more than 160 Applebee’s restaurants
Use of 3rd Party
Point-of-sale system
3rd-party Company
Not disclosed
Date
January
Company
Western Union
Data Breached
Undisclosed # of customers’ contact info, bank names, WU internal ID numbers, transaction amounts, times and ID numbers
Use of 3rd Party
Cloud-based or off-site backup storage provider
3rd-party Company
Not disclosed
Date
January
Company
Reddit
Data Breached
No access to Reddit’s systems or to any Redditors’ email accounts
Use of 3rd Party
Third-party software vendor to send account emails (e.g., reset password e-mails)
3rd-party Company
Mailgun
2017 Data Leaks
Data Leaks for 2017
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
November
Company
Forever 21
Data Breached
Credit card data belonging to an undisclosed number of customers
Use of 3rd Party
Point-of-sale system
3rd-party Company
Not disclosed
Date
October
Company
Domino’s Australia
Data Breached
Thousands of customer names and e-mails
Use of 3rd Party
Management of an online rating system
3rd-party Company
A former supplier
Date
October
Company
Hyatt Hotels
Data Breached
Credit card data belonging to an undisclosed number of customers at 41 hotels
Use of 3rd Party
Point-of-sale system
3rd-party Company
Not disclosed
Date
October
Company
Uber
Data Breached
Confidential information of 57M Uber users (names, driver licence #, etc)
Use of 3rd Party
Coding site used by Uber engineers
3rd-party Company
GitHub
Date
September
Data Breached
Unknown
Use of 3rd Party
Computer cleaner/ad removal tool
3rd-party Company
CCleaner
Date
July
Company
Equifax
Data Breached
Personal info (SSNs, names, addresses) of 143M consumers
Use of 3rd Party
3rd party tool to build web applications
3rd-party Company
Not disclosed
Date
July
Company
Verizon
Data Breached
14M customer data including account and personal info
Use of 3rd Party
Providing customer service analytics
3rd-party Company
NICE Systems
Date
July
Company
Hard Rock Hotels & Casinos
Data Breached
Credit card data belonging to an undisclosed number of customers at 11 hotels
Use of 3rd Party
Travel services (reservation)
3rd-party Company
Sabre Corp. (SynXis)
Date
July
Data Breached
Unknown
Use of 3rd Party
Server management software
3rd-party Company
NetSarang
Date
June
Company
Republican National Committee
Data Breached
Personal info 200M voters
Use of 3rd Party
Marketing
3rd-party Company
Deep Root
Date
June
Data Breached
Unknown (lost of hundreds of million dollars to ransonware)
Use of 3rd Party
Accounting software
3rd-party Company
MeDoc
Date
May
Data Breached
Tens of thousands (possibly up to millions) of patient records
Use of 3rd Party
Management of record backups
3rd-party Company
iHealth Innovations
Date
May
Data Breached
Unknown
Use of 3rd Party
Open source video transcoder
3rd-party Company
Handbrake
Date
March
Company
Brand New Day
Data Breached
14K patient info
Use of 3rd Party
A vendor system used by a contracted provider
3rd-party Company
Not disclosed
Date
March
Data Breached
Unknown
Use of 3rd Party
Network Logs and Event-monitoring Tool
3rd-party Company
Altair Technologies
Date
February
Data Breached
14K patients’ sensitive info (name, address, SSNs, birth dates, medical info)
Use of 3rd Party
Server containing its electronic health records database
3rd-party Company
Not disclosed
2015 Data Leaks
Data Leaks for 2015
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
September
Company
T-Mobile
Data Breached
15M customer records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party
Customer credit assessment
3rd-party Company
Experian
Date
September
Data Breached
Customers’ credit card and personal info
Use of 3rd Party
Online photo order and print
3rd-party Company
PNI Digital Media
2014 Data Leaks
Data Leaks for 2014
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
October
Company
JPMorgan Chase & Co
Data Breached
Contact info for 76M households and 7M small business
Use of 3rd Party
Management of its Corporate Challenge Race Registration
3rd-party Company
Not disclosed
Date
July
Company
Lowe’s
Data Breached
Current and former drivers’ records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party
Online database to store driver info
3rd-party Company
SafetyFirst – E-Driver File
Date
April
Company
Boston Medical
Data Breached
Records about 15K patients posted withoout authentication
Use of 3rd Party
Transcription services
3rd-party Company
MDF Transcription Services
2013 Data Leaks
Data Leaks for 2013
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
November
Company
Target
Data Breached
Data of 70M customers and 40M credit/debit card
Use of 3rd Party
Heating, ventilaion, and air conditioning (HVAC)
3rd-party Company
Fazio Mechanical Services
Date
July
Company
RT Jones Capital
Data Breached
Personal Info of 100K individuals and 1000s of clients
Use of 3rd Party
Web server hosting
3rd-party Company
Not disclosed