Data Breaches Caused By Third-parties
2024 Data leaks
Data Leaks for 2024
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Company
RIBridges system
Data Breached
Personal Information
Use of 3rd Party
Consulting, financial advisory, risk management, and tax services provider
3rd-party Company
Deloitte
Date
December
Company
Whittier Hospital
Data Breached
Patient names, addresses, dates of birth, Social Security numbers, driver’s license numbers, clinical and treatment information, and insurance and claim information.
Use of 3rd Party
Healthcare provider
3rd-party Company
PIH Health
Date
December
Company
Good Samaritan Hospital
Data Breached
Patient names, addresses, dates of birth, Social Security numbers, driver’s license numbers, clinical and treatment information, and insurance and claim information.
Use of 3rd Party
Healthcare provider
3rd-party Company
PIH Health
Date
December
Company
Downey Hospital
Data Breached
Patient names, addresses, dates of birth, Social Security numbers, driver’s license numbers, clinical and treatment information, and insurance and claim information.
Use of 3rd Party
Healthcare provider
3rd-party Company
PIH Health
Date
December
Company
Pavilion of Bridgeview
Data Breached
Names, birth dates, passport numbers, driver’s license numbers, and Social Security numbers.
Use of 3rd Party
Cloud-based healthcare software provider
3rd-party Company
PointClickCare
Date
December
Company
Veterans Health Administration
Data Breached
Names, addresses, ZIP codes, dates of birth, Social Security numbers, driver’s license numbers, and/or similar identifiers, Clinical information such as diagnoses/conditions, lab results, medications, and/or other treatment information, Insurance or claims information, and information related to guarantors who paid bills for others.
Use of 3rd Party
Medical transcription service provider
3rd-party Company
DBP, Inc.
Date
December
Company
Monument Health
Data Breached
Names, contact information, Social Security numbers, driver’s license numbers, health information, insurance information, and billing information.
Use of 3rd Party
Healthcare provider
3rd-party Company
Change Healthcare
Date
November
Company
Sainsbury’s
Data Breached
Not disclosed
Use of 3rd Party
Supply chain management provider
3rd-party Company
Blue Yonder
Date
November
Data Breached
Name, address, date of birth, demographic and/or health-related information, and other information commonly found in medical / billing records. A limited number of Social Security numbers
Use of 3rd Party
Primary care provider
3rd-party Company
Third-party vendor
Date
November
Company
Morrisons
Data Breached
Not disclosed
Use of 3rd Party
Supply chain management provider
3rd-party Company
Blue Yonder
Date
November
Company
Starbucks
Data Breached
Not disclosed
Use of 3rd Party
Supply chain management provider
3rd-party Company
Blue Yonder
Date
November
Company
Presbyterian Healthcare Services
Data Breached
Limited patient data was exposed, such as names and lab data.
Use of 3rd Party
Economical solutions provider
3rd-party Company
Thompson Coburn
Date
November
Data Breached
Address, date of birth, gender, insurance member ID, clinical information (healthcare provider’s name, health insurance provider, information regarding clinical care and payment responsibilities for that care such as co-pay amounts)
Use of 3rd Party
Management Services Provider
3rd-party Company
Third-party vendor
Date
November
Data Breached
Full names, dates of birth, nationality, email and postal addresses, and phone numbers.
Use of 3rd Party
Service provider
3rd-party Company
Third-party vendor
Date
November
Company
Nokia
Data Breached
SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials.
Use of 3rd Party
Telecommunications provider
3rd-party Company
Third-party vendor
Date
November
Company
Schneider Electric
Data Breached
75,000 unique email addresses and full names for Schneider Electric employees and customers.
Use of 3rd Party
Manufactures energy and automation products provider
3rd-party Company
Atlassian’s JIRA server
Date
October
Company
Rackspace
Data Breached
Limited customer monitoring data, including customer account names and numbers, customer usernames, device IDs, device name and information, IP addresses, and device agent credentials.
Use of 3rd Party
Cloud hosting provider
3rd-party Company
ScienceLogic
Date
October
Data Breached
Names, addresses, medical billing and insurance information, medical information such as diagnoses, and demographic information such as dates of birth, Social Security numbers, and financial information.
Use of 3rd Party
IT Services Provider
3rd-party Company
Axispoint Technology Solutions Group (ATSG)
Date
October
Company
Smile Design Management
Data Breached
Names, addresses, telephone numbers, dates of birth, Social Security numbers, benefit identification numbers, health information, and prescription information.
Use of 3rd Party
Community Services Provider
3rd-party Company
Third-party vendor
Date
October
Company
ADT
Data Breached
Credentials
Use of 3rd Party
Home and small business security provider
3rd-party Company
Third-party business partner
Date
October
Company
CF Medical
Data Breached
Names, addresses, Social Security numbers, dates of birth, and Comcast account numbers and ID numbers.
Use of 3rd Party
Debt collection services provider
3rd-party Company
Financial Business and Consumer Solutions (FBCS)
Date
October
Company
Truist Bank
Data Breached
Names, addresses, Social Security numbers, dates of birth, and Comcast account numbers and ID numbers.
Use of 3rd Party
Debt collection services provider
3rd-party Company
Financial Business and Consumer Solutions (FBCS)
Date
October
Company
Comcast
Data Breached
Names, addresses, Social Security numbers, dates of birth, and Comcast account numbers and ID numbers.
Use of 3rd Party
Debt collection services provider
3rd-party Company
Financial Business and Consumer Solutions (FBCS)
Date
September
Company
NHS England
Data Breached
Names, dates of birth, NHS numbers, and in some cases personal contact details, alongside pathology and histology forms that are used to share patient details between medical departments and institutions.
Use of 3rd Party
Pathology service provider
3rd-party Company
Synnovis
Date
September
Company
T-Mobile
Data Breached
Including Database, Source code, Private Keys, Credentials, API Keys, Projects, Employee Data, T-Mobile’s VM logs, and more.
Use of 3rd Party
Information technology provider
3rd-party Company
Capgemini
Date
September
Company
Cultura
Data Breached
Names, addresses, phone numbers, emails, and notes.
Use of 3rd Party
Third-party vendor
3rd-party Company
Third-party vendor
Date
September
Company
Boulanger
Data Breached
Names, addresses, phone numbers, emails, and notes.
Use of 3rd Party
Third-party vendor
3rd-party Company
Third-party vendor
Date
September
Data Breached
Name, Social, Security Number or Individual Taxpayer Identification Number, Date of Birth, Mailing Address, Gender
Hospital Account Number,
Dates of Service
Medicare Beneficiary Identifier (MBI) and/or Health Insurance Claim Number.
Use of 3rd Party
Medicare administrative services provider
3rd-party Company
Wisconsin Physicians Service Insurance Corporation (WPS)
Date
August
Company
Surgery Center of Mid Florida
Data Breached
Names, addresses, Social Security numbers, dates of birth, driver’s license/state identification card numbers, medical record numbers, treatment information, and health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Third-party vendor
Date
August
Company
HealthEquity
Data Breached
Employee ID, employer, address, telephone number, Social Security number, general contact information of dependents, and payment card information, but not payment card number/HealthEquity debit card information.
Use of 3rd Party
Healthcare provider
3rd-party Company
Third-party vendor
Date
August
Company
Toyota
Data Breached
240GB of files with information on Toyota employees and customers, as well as contracts and financial information.
Use of 3rd Party
Third-party vendor
3rd-party Company
Third-party vendor
Date
August
Company
Surgery Center of Mid Florida
Data Breached
Names, addresses, Social Security numbers, dates of birth, driver’s license/state identification card numbers, medical record numbers, treatment information, and health insurance information.
Use of 3rd Party
Healthcare provider
3rd-party Company
Third-party vendor
Date
August
Company
HAH Group Holding Company
Data Breached
Names, dates of birth, Social Security numbers, financial account numbers, usernames and passwords, and/or certain medical, health insurance, and/or treatment information.
Use of 3rd Party
Home healthcare provider
3rd-party Company
Third-party vendor
Date
August
Company
Blue Shield of California
Data Breached
Name, birthdate, Social Security number and insurance policy and claim information.
Use of 3rd Party
Software Provider
3rd-party Company
Young Consulting
Date
August
Data Breached
Sensitive files or data.
Use of 3rd Party
A third-party tech provider
3rd-party Company
C-Edge Technologies Ltd
Date
August
Company
13,000 students in Singapore
Data Breached
There is no evidence to suggest that the perpetrator had access to users’ data.
Use of 3rd Party
A digital classroom management provider
3rd-party Company
Mobile Guardian
Date
July
Company
Clear Spring Health
Data Breached
Contact information, health insurance information, health information, billing information, and personal information, including Social Security numbers, driver’s license numbers, state ID numbers, and passport numbers.
Use of 3rd Party
Call center operator and nurse triage service provider
3rd-party Company
Change Healthcare
Date
July
Company
Mobile Medical Response
Data Breached
Addresses, dates of birth, Social Security numbers, driver’s license/state identification numbers, financial account information, payment card information, patient record information, medical diagnosis/condition information, medical treatment information, and health insurance information were not impermissibly disclosed.
Use of 3rd Party
Medical transportation provider
3rd-party Company
CBM Services
Date
July
Company
Kairos Health Arizona
Data Breached
Not disclosed
Use of 3rd Party
Third-party vendor
3rd-party Company
A Third-party vendor
Date
July
Company
AutoNation
Data Breached
Not disclosed
Use of 3rd Party
A software company provider
3rd-party Company
CDK Global
Date
July
Company
AT&T
Data Breached
Telephone numbers of AT&T wireline customers and customers of other carriers,
Telephone numbers with which AT&T or MVNO wireless numbers interacted,
Count of interactions (e.g., the number of calls or texts),
Aggregate call duration for a day or month,
For a subset of records, one or more cell site identification numbers.
Use of 3rd Party
Cloud-based database provider
3rd-party Company
Snowflake
Date
July
Company
Gemini
Data Breached
Some customers’ banking information, including their full name, bank account number, and routing number.
Use of 3rd Party
Automated Clearing House (ACH) service provider
3rd-party Company
Not disclosed Automated Clearing House (ACH) service provider
Date
July
Company
300 small Indian banks
Data Breached
Not disclosed
Use of 3rd Party
Technology service provider
3rd-party Company
C-Edge Technologies Ltd
Date
July
Data Breached
Social Security numbers, driver’s license numbers, financial account information, and/or credit card information
Use of 3rd Party
Healthcare Provider
3rd-party Company
Disability Rights Wisconsin
Date
July
Company
Bilt
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
July
Company
Wise
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
July
Company
Roblox
Data Breached
Full names, email addresses, and IP addresses.
Use of 3rd Party
Software Provider
3rd-party Company
FNTech
Date
July
Company
Affirm
Data Breached
Names, Social Security Numbers (SSNs), bank account numbers, and contact information.
Use of 3rd Party
Financial services provider
3rd-party Company
Evolve Bank & Trust
Date
June
Company
Geisinger
Data Breached
Full name
Phone number
Date of birth
Address
Admit and discharge or transfer code
Medical record number
Race and gender
Facility name abbreviation
Use of 3rd Party
IT services provider
3rd-party Company
Nuance Communications
Date
June
Company
Neiman Marcus Group.
Data Breached
Name, contact information, date of birth, and Neiman Marcus or Bergdorf Goodman gift card number(s) (without gift card PINs).
Use of 3rd Party
Luxury retailer provider
3rd-party Company
Snowflake
Date
June
Data Breached
Social Security Number (SSN),
Date of birth
Medical treatment/record information,
Biometric data,
Email address and password
Username and password
Driver’s License number or state ID number
Financial account information
Payment card information
Passport number
Tribal ID number
U.S. military ID number
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
June
Company
Aptihealth
Data Breached
Names, addresses, dates of birth, dates of service, doctors’ names, medical treatment and diagnosis information, health insurance company names, and health insurance identification numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Sisense
Date
June
Company
IACT Health
Data Breached
Patient names, dates of birth, government identification information, demographic information, contact information, home address, Social Security numbers, bank account numbers, health insurance information, and health information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra
Date
June
Company
Adventist Health Tulare
Data Breached
First name, last name, medical record number, date of birth, provider name, and a single laboratory test result.
Use of 3rd Party
Medical provider
3rd-party Company
Signature Performance
Date
June
Company
Newton Centre Dental
Data Breached
Names, date of birth, Social Security number, tax identification number, IRS PIN number, passport number, driver’s license/state-issued identification number, military identification number, non-U.S. national identification number, account number, routing number, financial institution name, credit or debit card number and security code or PIN, access information (credentials, security questions/answers, and digital signatures), health information (diagnosis, treatment information, prescriptions, provider names, medical record number/patient identification number, hospital account record number), and health insurance information (Medicare/Medicaid number or health insurance subscriber number).
Use of 3rd Party
Medical provider
3rd-party Company
Affinity Dental Management
Date
June
Data Breached
Not disclosed
Use of 3rd Party
Large car-dealership providers
3rd-party Company
CDK Global
Date
June
Data Breached
Not disclosed
Use of 3rd Party
Pathology and diagnostic services provider
3rd-party Company
Synnovis
Date
June
Company
T-Mobile
Data Breached
Personal information of 37 million customers.
Use of 3rd Party
Third-party service provider
3rd-party Company
Third-party vendor
Date
June
Company
Los Angeles Unified
Data Breached
Student names, addresses, family names, demographics, financials, grades, performance scoring, disability information, discipline details, and parent information.
Use of 3rd Party
Cloud storage systems and services provider
3rd-party Company
Snowflake
Date
June
Company
Pure Storage
Data Breached
Customer names, usernames, and email addresses.
Use of 3rd Party
Cloud storage systems and services provider
3rd-party Company
Snowflake
Date
June
Data Breached
Patients’ health information was not leaked
Use of 3rd Party
Pathology and diagnostic services provider
3rd-party Company
Synnovis
Date
May
Company
MediSecure
Data Breached
Personal and health information
Use of 3rd Party
Electronic prescription provider
3rd-party Company
Third-party vendor
Date
May
Company
Advance Auto Parts
Data Breached
Automotive aftermarket parts provider
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
QuoteWizard
Data Breached
Insurance providers
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
Ticketmaster
Data Breached
Customer information
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Company
Santander
Data Breached
Customer information
Use of 3rd Party
Cloud storage provider
3rd-party Company
Snowflake
Date
May
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Software provider
3rd-party Company
Tekrom Technology A.s. (T-Soft)
Date
May
Company
HSBC
Data Breached
Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party
Financial services provider
3rd-party Company
Baton Systems
Date
May
Data Breached
Protected Health Information (PHI) and Personally Identifiable Information (PII)
Use of 3rd Party
Healthcare providers
3rd-party Company
Ascension Health
Date
May
Company
Barclays
Data Breached
Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party
Financial services provider
3rd-party Company
Baton Systems
Date
May
Data Breached
Participant ID (keycoded identifier), study name, status, date of explicit consent, date of screen failure, random date, arm/cohort/startification, date of first dose, date of current dose, date of last dose, date of last visit, number of rescans , previous participant identification, age, gender, race, ethnicity, end of randomized period, reason for discontinuation of treatment, date of discontinuation of treatment, reason for discontinuation of study, date of discontinuation of study, study completed, date of study completion, date of death, SDVTier, participant identification, birth year, laboratory results, value within range, laboratory date, medications used, medical history information,
For responsible investigators (HCP), research center staff, and people assigned to the research study; field personnel information, UserOID, login name, screen name, full name, user role, country, corporate contact information (address, email, fax, phone, license number)
Use of 3rd Party
Medicine Provider
3rd-party Company
eClinical Solutions LLC
Date
May
Company
Gerber Life Insurance
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
Transamerica
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
The Hartford
Data Breached
Contact information, birthdate, date of death, Social Security number, and insurance information. WebTPA said financial information and health information were not compromised in the incident.
Use of 3rd Party
Health insurance and benefit plans provider
3rd-party Company
WebTPA
Date
May
Company
Acrotech Biopharma Inc.
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Patient support services provider
3rd-party Company
Cencora, Inc.
Date
May
Company
CareDx, Inc
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Patient support services provider
3rd-party Company
Cencora, Inc.
Date
May
Company
Continuum Health Alliance
Data Breached
Name, age, medical record and identification numbers, and medical information such as treatment information, dates of treatment, and test results.
Use of 3rd Party
Medicine Provider
3rd-party Company
Consensus Medical Group
Date
May
Data Breached
First names, last names, addresses, dates of birth, health diagnoses, and/or medications and prescriptions.
Use of 3rd Party
Healthcare providers
3rd-party Company
Cencora, Inc.
Date
April
Company
AMG Healthcare Management Services, Marshall Medical Center, South Coast ER Medical Group and more…
Data Breached
Names, addresses, dates of birth, health insurance information, dates of service, and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Designed Receivable Solutions (DRS)
Date
April
Company
Catholic Medical Center (CMC)
Data Breached
First and last name, date of birth, home address, phone number(s), e-mail address, medical record number, client identification number, dates of service, and/or medical information (e.g., diagnosis/condition, treatment, test results, medications), and/or health plan information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Lamont Hanley & Associates
Date
April
Company
Department of Justice
Data Breached
Personal information such as; Social Security numbers and more were accessed
Use of 3rd Party
Consulting provider
3rd-party Company
Greylock McKinnon Associates
Date
April
Company
Heilbronn City Library
Data Breached
Not disclosed
Use of 3rd Party
Database provider
3rd-party Company
Genios
Date
April
Company
University of Giessen
Data Breached
Not disclosed
Use of 3rd Party
Database provider
3rd-party Company
Genios
Date
April
Data Breached
Personally identifiable information (PII)
Use of 3rd Party
Third-party technology provider
3rd-party Company
Tyler Technologies
Date
April
Company
Cisco Duo
Data Breached
Phone number, Carrier, Location data, Date, Time, Message type
Use of 3rd Party
Telephony Provider
3rd-party Company
Unknown Telephony Provider
Date
April
Company
Moffitt Cancer Center
Data Breached
Names, dates of birth, and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra.
Date
April
Company
Moffitt Cancer Center
Data Breached
Patient names, dates of birth, phone numbers, email addresses, medical records, Social Security numbers, copies of passports and driver’s licenses, health insurance information, and company data.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Gunster Yoakley and Stewart PA
Date
April
Company
Multiple U.S. agencies
Data Breached
Not disclosed
Use of 3rd Party
Technology consulting provider
3rd-party Company
Acuity Consulting
Date
March
Company
Swiss Goverment
Data Breached
Documents containing confidential information
Use of 3rd Party
Technology and software solutions provider
3rd-party Company
Xplain
Date
March
Company
Fidelity
Data Breached
Names, Social Security numbers, states of residence, bank account and routing numbers, and dates of birth.
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
March
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Rancho Family Medical Group
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Regional One Health
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Saint Joseph’s Medical Center
Data Breached
First and last names, address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
KMJ Health Solutions
Date
March
Company
Santa Clarita Community College
Data Breached
Names, addresses, dates of birth, Social Security numbers, medical record numbers, and medical treatment information exposed.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Keenan & Associates
Date
March
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Custom Health Care, Inc.
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Countryway Insurance Company
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Data Breached
A limited amount of personal information. Included names and Social Security numbers.
Use of 3rd Party
Insurance Provider
3rd-party Company
Employee Benefits Corporation of America and Benefit Design Group, Inc.
Date
March
Company
Baylor College of Medicine
Data Breached
Names, dates of birth, Social Security numbers, addresses, telephone numbers, and medical record numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Advarra
Date
March
Data Breached
First and last names in combination with one or more of the following: address, phone number, email address, date of birth, driver’s license number, government identification number, vehicle identification number, passport number, Social Security number, patient ID account number, medical information, health information and/or health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Unkown third-party vendor
Date
March
Data Breached
Names, addresses, dates of birth, dates of service, and, for some individuals, the name of their primary care provider and/or Social Security number.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Multiplan Inc.
Date
March
Company
Bay Area Anesthesia
Data Breached
Tax forms and Social Security numbers (SSNs).
Use of 3rd Party
Healthcare Provider
3rd-party Company
Bowden Barlow Law, P.A.
Date
March
Company
American Express
Data Breached
Card information
Use of 3rd Party
Service providers
3rd-party Company
A Merchant Processor
Date
March
Company
The Hanoi Stock Exchange (HNX)
Data Breached
No impact on customers’ assets or data.
Use of 3rd Party
Securities broker provider
3rd-party Company
VNDirect
Date
February
Company
Bay Area Heart Center
Data Breached
Names, social Security number, date of birth, driver’s license numbers, state identification numbers, passports, direct deposit bank information, medical information, and health insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Bowden Barlow Law, P.A.
Date
February
Company
Prime Healthcare
Data Breached
Date of birth, Social Security number, passport number, driver’s license number, health insurance information, and general health information.
Use of 3rd Party
Brokerage provider
3rd-party Company
Keenan & Associates
Date
February
Company
100 Romanian hospitals
Data Breached
The system is down, files and databases are encrypted
Use of 3rd Party
Healthcare services provider
3rd-party Company
Hipocrate Information System (HIS)
Date
February
Company
Qualcomm Incorporated
Data Breached
PII
Use of 3rd Party
Semiconductor Provider
3rd-party Company
Unknown third-party vendor
Date
February
Company
Audiens
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Santéclair
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Rotech Healthcare
Data Breached
Names, contact information, dates of birth, Social Security numbers, location of services, clinical and/ or diagnosis information, and patient account and/or medical record numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Philips Respironics
Date
February
Company
Forward Healthcare
Data Breached
Names, dates of birth, medical information, and health insurance claims information. The exposed employee data included names, Social Security numbers, driver’s license numbers/ other government-issued IDs, financial account information, and/or insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Philips Respironics
Date
February
Company
Nabholz Construction
Data Breached
Names, Social Security numbers, addresses, ZIP codes, driver’s license numbers, dates of birth, clinical information such as diagnosis/conditions, lab results, medications or other treatment information, claims information and insurance information.
Use of 3rd Party
Construction management Provider
3rd-party Company
Cadence Bank
Date
February
Company
Health Alliance
Data Breached
Names, Social Security numbers, addresses, ZIP codes, driver’s license numbers, dates of birth, clinical information such as diagnosis/conditions, lab results, medications or other treatment information, claims information and insurance information.
Use of 3rd Party
Healthcare Provider
3rd-party Company
OnTrak
Date
February
Company
Kalixia
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Itelis
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Business to business Provider
3rd-party Company
Viamedis
Date
February
Company
Carte Blanche Partenaires
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Data Breached
Names, dates of birth, health plan information, medical treatment information, medical record numbers, patient account numbers, case identification numbers, provider and doctor information, and health record information.
Use of 3rd Party
Business services provider
3rd-party Company
Navvis & Company
Date
February
Company
Dendreon Pharmaceuticals LLC
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Endo International
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
GSK
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Acadia Pharmaceuticals Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Sumitomo Pharma America, Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Incyte Corporation
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Genentech, Inc.
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Regeneron Pharmaceuticals
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
AbbVie
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Bayer
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Data Breached
Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party
Pharmaceutical services provider
3rd-party Company
Cencora
Date
February
Company
Malakoff Humanis
Data Breached
Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Viamedis
Date
February
Company
Bank of America
Data Breached
Names, addresses, social security numbers, dates of birth, and financial information, including account and credit card numbers
Use of 3rd Party
Financial services provider
3rd-party Company
Infosys McCamish Systems (IMS)
Date
February
Data Breached
Personally identifiable information on employees (including some people who worked there from 2007 to 2017)
Use of 3rd Party
IT services provider
3rd-party Company
CGI Federal
Date
January
Company
North Kansas City Hospital
Data Breached
Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
Concentra
Data Breached
Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
Family Healthcare
Data Breached
Name, date of birth, Social Security number, driver’s license/state ID number, passport number, military ID number, financial account number, credit/debit card number with and without expiration date and security code, health insurance information, and clinical information, such as diagnosis/conditions, lab results, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
Brady Martz & Associates
Date
January
Data Breached
Names, dates of birth, contact information, general health information, medical treatment information, Social Security numbers, and/or employment records.
Use of 3rd Party
Healthcare services provider
3rd-party Company
HMG Healthcare
Date
January
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Dr. Linda Jingle
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Fox Valley Emergency Medicine
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare services provider
3rd-party Company
ConsensioHealth
Date
January
Company
Primula
Data Breached
Sensitive personal data
Use of 3rd Party
Cloud hosting services provider
3rd-party Company
Tietoevry
Date
January
Company
Kenosha Urgicare
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Wisconsin Urgent Care
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Ascension Wisconsin
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Data Breached
Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party
Healthcare provider
3rd-party Company
ConsensioHealth
Date
January
Company
Framework Computer
Data Breached
Personally identifiable information
Use of 3rd Party
Accounting service provider
3rd-party Company
Keating Consulting Group
Date
January
Company
Uppsala County
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Vellinge municipality
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Statens service center
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Malmö University
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Lunds Universitet
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Stockholm University
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
University West
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
SLU
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Karolinska Institutet
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Grangnården
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Moelven
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Rusta
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Filmstaden
Data Breached
Not disclosed
Use of 3rd Party
IT services and enterprise cloud hosting provider
3rd-party Company
TietoEVRY
Date
January
Company
Meritas Health Corporation
Data Breached
Not disclosed
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
North Kansas City Hospital
Data Breached
Not disclosed
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
January
Company
US Small Business Administration
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Company
MultiPlan
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Company
EyeMed Vision Care
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Health insurance and healthcare provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Data Breached
Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party
Healthcare Provider
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
East Georgia Healthcare Center
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Long Island Select Healthcare
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Metro Community Health Centers
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Compassion Health Care
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
KidneyLink
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Beaumont ACO
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Community Health Care Systems
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
HonorHealth
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
Date
January
Company
Corewell Health
Data Breached
Name
Address
Date of birth
Social Security number
Taxpayer Identification Number
Medical Record number
Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location)
Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification)
Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party
Healthcare Provider
3rd-party Company
HealthEC LLC
2023 Data leaks
Data Leaks for 2023
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
December
Company
60 Credit Unions
Data Breached
Not disclosed for now
Use of 3rd Party
Nonprofit cooperative financial institution
3rd-party Company
Trellance
Date
December
Company
40 Healthcare Companies
Data Breached
Not disclosed for now
Use of 3rd Party
Medical Center
3rd-party Company
Asper Biogene
Date
December
Company
Mercy Medical Center (IA)
Data Breached
Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party
Medical Center
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
December
Data Breached
Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party
Medical Center
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
December
Company
Valley Health System
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Desert View Hospital
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Providence Alaska Medical Center
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
ESO EMS Agency
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Company
Merit Health River Oaks
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
December
Data Breached
Full name
Dates of birth
Phone number
Patient account/medical record number
Injury type and date
Diagnosis information
Treatment type and date
Procedure information
Social Security Number (SSN)
Use of 3rd Party
Medical Center
3rd-party Company
ESO Solutions, Inc.
Date
November
Company
Crouse Health in Syracuse
Data Breached
Insurance and clinical information from medical transcription files and some Social Security numbers.
Use of 3rd Party
Healthcare Company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
November
Company
Taylor Rose
Data Breached
Not disclosed for now
Use of 3rd Party
Independent firm of solicitors
3rd-party Company
CTS
Date
November
Company
Sutter Health
Data Breached
names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party
Healthcare center
3rd-party Company
Virgin Pulse
Date
November
Company
St. Bernards Healthcare, Inc.
Data Breached
names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party
Healthcare center
3rd-party Company
Welltok, a Virgin Pulse company
Date
November
Company
O’Neill Patient
Data Breached
Not disclosed for now
Use of 3rd Party
Law firm
3rd-party Company
CTS
Date
November
Company
Setfords
Data Breached
Not disclosed for now
Use of 3rd Party
Law firm
3rd-party Company
CTS
Date
November
Company
Talbots
Data Breached
Not disclosed for now
Use of 3rd Party
Fashion company
3rd-party Company
CTS
Date
November
Company
Gateley
Data Breached
Not disclosed for now
Use of 3rd Party
Commercial law firm
3rd-party Company
CTS
Date
November
Company
Dollar Tree
Data Breached
Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party
Discount store company
3rd-party Company
Zeroed-In Technologies
Date
November
Company
Family Dollar
Data Breached
Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party
Discount store company
3rd-party Company
Zeroed-In Technologies
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Corewell Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Faith Regional Health Services
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Mass General Brigham Health Plan
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Westat, Inc.
Data Breached
Demographic, clinical, and financial information were present in the impacted files.
Use of 3rd Party
Management services company
3rd-party Company
Nuance Communications, Inc.
Date
November
Company
Priority Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
St. Bernards Healthcare
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Sutter Health
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
Trane Technologies Company LLC
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
The Guthrie Clinic
Data Breached
Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party
Healthcare Center
3rd-party Company
Welltok
Date
November
Company
The Canadian Government
Data Breached
1.5TB of documents leaked + 3 full backups of CRM for branches
Use of 3rd Party
Government
3rd-party Company
Sirva Worldwide, Inc.
Date
November
Company
Samsung Electronics
Data Breached
No financial data
Use of 3rd Party
Appliance company
3rd-party Company
Unknown
Date
November
Company
Northwell Health
Data Breached
Names,
Social Security numbers,
Dates of birth,
Addresses,
Medical record numbers,
Hospital account numbers,
Admission diagnoses, and
Dates and times of service.
Use of 3rd Party
Nonprofit integrated healthcare company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
November
Data Breached
Not disclosed for now
Use of 3rd Party
Physicians’ Service
3rd-party Company
Medical Eye Services, Inc.
Date
November
Company
1Password
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
Software company
3rd-party Company
Okta
Date
November
Company
BeyondTrust
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
Identity management company
3rd-party Company
Okta
Date
November
Company
Okta
Data Breached
Not disclosed for now
Use of 3rd Party
IT service management company
3rd-party Company
Rightway Health
Date
November
Company
Cloudflare
Data Breached
Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party
IT service management company
3rd-party Company
Okta
Date
October
Company
Cook County Health
Data Breached
Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party
Health company
3rd-party Company
Perry Johnson & Associates, Inc., (PJ&A)
Date
October
Data Breached
Personal information
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
October
Company
SA Health
Data Breached
Health information (personal, medical and/or legal documents)
Use of 3rd Party
Local health networks
3rd-party Company
Personify Care
Date
October
Data Breached
PII
Use of 3rd Party
Health Plan
3rd-party Company
Maximus
Date
October
Data Breached
Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party
Medical Transcription Firm
3rd-party Company
Nuance Communications
Date
October
Company
Super SA
Data Breached
Pll
Use of 3rd Party
State government office
3rd-party Company
Former external service provider
Date
October
Data Breached
PII
Use of 3rd Party
Health company
3rd-party Company
unknown
Date
October
Company
Humana Inc.
Data Breached
Names, addresses, dates of birth, Social Security numbers, and medical treatment information.
Use of 3rd Party
Health insurance company
3rd-party Company
PNC Bank
Date
October
Company
Chatham-Kent Health Alliance
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Hospice of Windsor-Essex
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Erie Shores Healthcare
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Hotel Dieu Grace
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
Windsor Regional Hospital
Data Breached
Not disclosed for now
Use of 3rd Party
Health services provider
3rd-party Company
TransForm
Date
October
Company
NorthStar Anesthesia
Data Breached
Consumers’ names, dates of birth, driver’s license numbers, state identification card numbers, addresses, Social Security numbers and protected health information.
Use of 3rd Party
Corporate medical office
3rd-party Company
Arietis Health
Date
October
Company
Arietis Health
Data Breached
Patient data, including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
Use of 3rd Party
Medical billing service
3rd-party Company
Ipswitch, Inc.
Date
October
Company
Sony
Data Breached
Not disclosed for now
Use of 3rd Party
Japanese multinational conglomerate corporation
3rd-party Company
Ipswitch, Inc.
Date
October
Company
Flagstar Bank
Data Breached
Names and Social Security Numbers (SSNs)
Use of 3rd Party
Commercial banking company
3rd-party Company
Fiserv
Date
October
Company
Fiserv
Data Breached
Names and Social Security Numbers (SSNs)
Use of 3rd Party
Financial services company
3rd-party Company
Ipswitch, Inc.
Date
September
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Endoscopy Center
3rd-party Company
SightPath Medical
Date
September
Company
Sanford Health
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Rural health system
3rd-party Company
DMS Health Technologies
Date
September
Company
Delta Dental of California
Data Breached
Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party
Emergency Services
3rd-party Company
Orrick, Herrington & Sutcliffe
Date
September
Company
Judiciary Branch
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Data Breached
Not disclosed for now
Use of 3rd Party
Government ministry
3rd-party Company
IFX Networks Colombia
Date
September
Company
890 Schools
Data Breached
Names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).
Use of 3rd Party
School
3rd-party Company
National Student Clearinghouse (NSC)
Date
September
Company
Amerita
Data Breached
Not disclosed for now
Use of 3rd Party
Complex pharmaceutical products and clinical services company
3rd-party Company
PharMerica
Date
September
Company
BORN Ontario
Data Breached
Full name,
Home address,
Postal code,
Date of birth,
Health card number,
Dates of service/care,
Lab test results,
Pregnancy risk factors,
Type of birth,
Procedures,
Pregnancy and birth outcomes
Use of 3rd Party
Healthcare provider
3rd-party Company
Ipswitch, Inc.
Date
September
Company
Airbus
Data Breached
Names, addresses, phone numbers and emails
Use of 3rd Party
Aerospace company
3rd-party Company
Turkish Airlines
Date
September
Company
FTX
Data Breached
Non-sensitive customer data
Use of 3rd Party
Crypto company
3rd-party Company
Kroll Inc.
Date
September
Company
Genesis Global Holdco
Data Breached
Non-sensitive customer data
Use of 3rd Party
Financial markets organizations company
3rd-party Company
Kroll Inc.
Date
September
Company
BlockFi
Data Breached
Non-sensitive customer data
Use of 3rd Party
Crypto company
3rd-party Company
Kroll Inc.
Date
September
Company
University of Sydney
Data Breached
PII
Use of 3rd Party
University
3rd-party Company
Unknown
Date
August
Company
Serco Inc. Group Health Plan
Data Breached
Not disclosed for now
Use of 3rd Party
Hhealth care services that support vital government programs
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Indiana University Health
Data Breached
Not disclosed for now
Use of 3rd Party
University
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Baesman Group, Inc.
Data Breached
Not disclosed for now
Use of 3rd Party
Media company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Premera Blue Cross
Data Breached
Not disclosed for now
Use of 3rd Party
Health insurance company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
American National Group, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Personalized insurance coverage company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Unum Group SACE
Data Breached
Not disclosed for now
Use of 3rd Party
Financial insurance products company
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Third-party billing agency
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Medical school
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Radius Global Solutions
Data Breached
Not disclosed for now
Use of 3rd Party
Operational and financial objectives company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Nuance Communications
Data Breached
Names, demographic information, names of relatives, dates of service, medical facility information, practition
Use of 3rd Party
Computer software company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
Child Health Plan Plus (CHP+)
Data Breached
IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Company
Eversource Energy
Data Breached
Personal information including Social Security numbers.
Use of 3rd Party
Electric services company
3rd-party Company
CLEAResult
Date
August
Company
Health First Colorado
Data Breached
IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Company
Zillow
Data Breached
Not disclosed for now
Use of 3rd Party
San Francisco MLS entities
3rd-party Company
Rapattoni Corporation
Date
August
Company
San Francisco MLS entities
Data Breached
Not disclosed for now
Use of 3rd Party
San Francisco MLS entities
3rd-party Company
Rapattoni Corporation
Date
August
Company
Janssen Healthcare Platform
Data Breached
Names, contact information, dates of birth, health insurance data, and medical information
Use of 3rd Party
Healthcare company
3rd-party Company
IBM
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Real Estate
3rd-party Company
Rapattoni Corporation
Date
August
Company
Cincy MLS
Data Breached
Not disclosed for now
Use of 3rd Party
Real Estate company
3rd-party Company
Rapattoni Corporation
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Government department
3rd-party Company
IBM
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Social Services Company
3rd-party Company
IBM
Date
August
Company
IBM
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
International Business Machines Corporation
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
August
Company
MAXIMUS
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Sportive Products Company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
3rd-party Company
Vodatech IT
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Car dealer
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Technology company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Sportswear company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Clothing company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Rental Trade company
3rd-party Company
Vodatech IT
Date
August
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Garment Marketing Company
3rd-party Company
Vodatech IT
Date
August
Company
AgeSALife and Retirement AS
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Retirement Company
3rd-party Company
Vodatech IT
Date
August
Company
UPS Cargo
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Transportation of containerized and palletized cargo company
3rd-party Company
Vodatech IT
Date
August
Company
Gulf insurance AS
Data Breached
Identity, communication, customer transactions, visual and audio records
Use of 3rd Party
Insurance company
3rd-party Company
Vodatech IT
Date
July
Company
Lenders Choice Escrow
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Escrow service
3rd-party Company
CashCall Inc.
Date
July
Company
Settle It, Inc.
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Financial institution
3rd-party Company
CashCall Inc.
Date
July
Company
The Loan Exchange
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Financial flexibility company
3rd-party Company
CashCall Inc.
Date
July
Data Breached
Names, addresses, Social Security numbers, dates of birth, health insurance information, and protected health information
Use of 3rd Party
Health Insurance
3rd-party Company
Cognizant Technology Solutions Corporation
Date
July
Company
Henrietta Johnson Medical Center
Data Breached
Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses
Use of 3rd Party
Medical center
3rd-party Company
Delaware Health Network
Date
July
Company
Ocean Breeze Ranch
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Farm
3rd-party Company
CashCall Inc.
Date
July
Company
Servicing Solutions
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Corporate deliver solutions firm
3rd-party Company
CashCall Inc.
Date
July
Company
Serco Group
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Management consulting company
3rd-party Company
CBIZ, Inc.
Date
July
Company
CBIZ, Inc.
Data Breached
Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party
Software company
3rd-party Company
Ipswitch, Inc.
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Manufacturing Company
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
installation systems
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
One of the longest-standing companies of Anadolu Group
3rd-party Company
Mivento IT Services
Date
July
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Isuzu dealer
3rd-party Company
Mivento IT Services
Date
July
Company
Vodafone Turkey
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Mobile telecommunication company
3rd-party Company
Mivento IT Services
Date
July
Company
Vestel
Data Breached
Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party
Company
3rd-party Company
Mivento IT Services
Date
June
Company
Vecino Health Centers, TX
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Health Insurance
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Milliman Solutions
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Insurance company
3rd-party Company
Ipswitch, Inc.
Date
July
Company
Postbank
Data Breached
PII
Use of 3rd Party
Deutsche Post’s financial institution
3rd-party Company
Majorel
Date
June
Company
Harris County Hospital District
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Hospital District
3rd-party Company
Ipswitch, Inc.
Date
July
Company
ING
Data Breached
PII
Use of 3rd Party
Financial services corporation
3rd-party Company
Majorel
Date
June
Company
Pôle emploi
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Government agency
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Insurance company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Medical center
3rd-party Company
Ipswitch, Inc.
Date
July
Company
Comdirect
Data Breached
PII
Use of 3rd Party
Private banking company
3rd-party Company
Majorel
Date
July
Company
Deutsche Bank
Data Breached
PII
Use of 3rd Party
Investment banking company
3rd-party Company
Majorel
Date
June
Company
Majorel
Data Breached
Not disclosed for now
Use of 3rd Party
Call center
3rd-party Company
Ipswitch, Inc.
Date
June
Company
TJ Maxx
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Department store chain
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Shutterfly
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Allegheny County
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
County
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
VNS Health Plans, NY
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Healthcare company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Sutter Senior Care
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Adult day care center
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Alogent
Data Breached
Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party
Document imaging company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
County government
3rd-party Company
Ipswitch, Inc.
Date
June
Company
TomTom
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Technology company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Colorado State University
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Land-grant university
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Dublin Airport
Data Breached
Not disclosed for now
Use of 3rd Party
Airport
3rd-party Company
Aon
Date
June
Company
PlainsCapital Bank
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Largest independent banks in Texas
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Aon
Data Breached
Not disclosed for now
Use of 3rd Party
Management consulting company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Siemens Energy
Data Breached
Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party
Company
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Government agency
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
Wilton Reassurance
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Insurance company
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
Genworth Financial, Inc.
Data Breached
Name, Social Security number and other personal information.
Use of 3rd Party
Life insurance company
3rd-party Company
PBI Research Services (PBI)
Date
June
Company
PBI Research Services (PBI)
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Information services
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Local department of social services
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government agency
3rd-party Company
Ipswitch, Inc.
Date
June
Company
US Agriculture Department
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Federal agency
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Royal Canadian Mounted Police
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Metro Vancouver Transit Police
Data Breached
Full name,
Date of birth,
Social security number,
Zip code,
State of residence,
Policy number
Agent ID (for agents)
Use of 3rd Party
Police department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
CoxHealth
Data Breached
Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party
Not-for-profit health system
3rd-party Company
Intellihartx LLC
Date
June
Data Breached
Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party
International health care leader
3rd-party Company
Intellihartx LLC
Date
June
Company
Intellihartx LLC
Data Breached
Name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and Social Security number.
Use of 3rd Party
Call center
3rd-party Company
GoAnywhere MFT
Date
June
Company
Exeter Finance
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Premier auto finance company
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
Pathward National Association
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Retail banking company
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
IBank of America
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Investment bank
3rd-party Company
NCB Management Services, Inc.
Date
June
Company
Capital One
Data Breached
Physical address, Social Security number, account number and account status
Use of 3rd Party
Bank holding company
3rd-party Company
NCB Management Services, Inc.
Date
June
Data Breached
Social Security Numbers and employee ID numbers (not necessarily for all impacted individuals; for example, approximately 9,000 Social Security Numbers were included)
Use of 3rd Party
Government department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Southwest Airlines
Data Breached
Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party
World’s largest low-cost carrier.
3rd-party Company
Pilot Credentials
Date
June
Company
American Airlines
Data Breached
Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party
Major US-based airline headquartered
3rd-party Company
Pilot Credentials
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Government agency
3rd-party Company
HWL Ebsworth Lawyers
Date
June
Data Breached
Names,
Address,
Social Security Number,
Birth date,
Height,
Eye Color,
Driver’s License Number,
Vehicle Registration Information,
Handicap Placard Information
Use of 3rd Party
Department of motor vehicles
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Names,
Address,
Social Security Number,
Birth date,
Height,
Eye Color,
Driver’s License Number,
Vehicle Registration Information,
Handicap Placard Information
Use of 3rd Party
Accessible information and services to OMV needs company.
3rd-party Company
Ipswitch, Inc.
Date
June
Company
DHL
Data Breached
Not disclosed for now
Use of 3rd Party
Logistics company providing courier, package delivery and express mail services
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Transport for London
Data Breached
Not disclosed for now
Use of 3rd Party
Transport for London is a local government body responsible for most of the transport network
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Ernst & Young (EY)
Data Breached
Not disclosed for now
Use of 3rd Party
Certified public accountant
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Health Service Ireland (HSE)
Data Breached
Not disclosed for now
Use of 3rd Party
Advice Services
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Extreme Networks
Data Breached
Not disclosed for now
Use of 3rd Party
American networking company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
State of Missouri
Data Breached
Not disclosed for now
Use of 3rd Party
State
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Education Department
3rd-party Company
Ipswitch, Inc.
Date
June
Company
The University of Rochester
Data Breached
Not disclosed for now
Use of 3rd Party
University
3rd-party Company
Ipswitch, Inc.
Date
June
Data Breached
Not disclosed for now
Use of 3rd Party
Thirteen provinces and territories
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Boots
Data Breached
Not disclosed for now
Use of 3rd Party
UK Limited, trading as Boots
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Aer Lingus
Data Breached
Not disclosed for now
Use of 3rd Party
Flag carrier
3rd-party Company
Ipswitch, Inc.
Date
June
Company
British Airways
Data Breached
Not disclosed for now
Use of 3rd Party
Flag carrier
3rd-party Company
Ipswitch, Inc.
Date
June
Company
BBC
Data Breached
Not disclosed for now
Use of 3rd Party
Broadcasting company
3rd-party Company
Ipswitch, Inc.
Date
June
Company
Ofcom
Data Breached
Not disclosed for now
Use of 3rd Party
Government office
3rd-party Company
Ipswitch, Inc.
Date
May
Company
Paramount Health Care
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Health company
3rd-party Company
NationsBenefits Holding, LLC
Date
May
Company
VCU Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Academic medical center
3rd-party Company
Credit Control Corporation
Date
May
Company
Valley Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Regional healthcare system
3rd-party Company
Credit Control Corporation
Date
May
Company
UVA Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Hospital
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical clinic
3rd-party Company
Credit Control Corporation
Date
May
Company
Sentara Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Integrated, not-for-profit health network serving
3rd-party Company
Credit Control Corporation
Date
May
Company
Riverside Health System
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Integrated, not-for-profit health network serving
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Dermatology Services
3rd-party Company
Credit Control Corporation
Date
May
Company
Medical Center Radiology
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Radiology Center
3rd-party Company
Credit Control Corporation
Date
May
Company
Mary Washington Healthcare
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Award-winning, non-profit healthcare system
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical group
3rd-party Company
Credit Control Corporation
Date
May
Company
Dominion Pathology Laboratories
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical laboratory
3rd-party Company
Credit Control Corporation
Date
May
Company
Children’s Specialty Group
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Multispecialty pediatric physician practice
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Free-standing children’s hospital
3rd-party Company
Credit Control Corporation
Date
May
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical services
3rd-party Company
Credit Control Corporation
Date
May
Company
Chesapeake Radiology
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Radiology services
3rd-party Company
Credit Control Corporation
Date
May
Company
Bayview Physicians Group
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Medical services
3rd-party Company
Credit Control Corporation
Date
May
Company
Atlantic Orthopaedic Specialists
Data Breached
Names, addresses, and Social Security numbers.
Use of 3rd Party
Orthopedic services
3rd-party Company
Credit Control Corporation
Date
May
Company
Discord
Data Breached
User email addresses, contents of customer service messages, and attachments
Use of 3rd Party
VoIP and instant messaging social platform.
3rd-party Company
Zendesk
Date
May
Company
Whitman College
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Liberal arts college
3rd-party Company
Brightline Health
Date
May
Company
Washington Trust Bank
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Bank
3rd-party Company
Brightline Health
Date
May
Company
Walla Walla University
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
VERTEX
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Biotech company
3rd-party Company
Brightline Health
Date
May
Company
University of Alaska
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Undead Labs
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Video game developer
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Tanana Chiefs Conference
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Non-profit organization
3rd-party Company
Brightline Health
Date
May
Company
Symetra Life Insurance Company
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Insurance Company
3rd-party Company
Brightline Health
Date
May
Company
Spokane Teachers Credit Union
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Bank
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Landmark
3rd-party Company
Brightline Health
Date
May
Company
SOUTH SHORE HEALTH
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Independent non-profit health system
3rd-party Company
Brightline Health
Date
May
Company
SolstenXP, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Engineering consultant
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Association
3rd-party Company
Brightline Health
Date
May
Company
Seagen Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Biotechnology company
3rd-party Company
Brightline Health
Date
May
Company
Rail Management Services
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Transportation service
3rd-party Company
Brightline Health
Date
May
Company
Pyrotek Inc
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Consulting services
3rd-party Company
Brightline Health
Date
May
Company
PND Engineers, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Civil engineering company
3rd-party Company
Brightline Health
Date
May
Company
Oberto Snacks Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Manufacturing company
3rd-party Company
Brightline Health
Date
May
Company
Northwest Cascade, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
General contractor
3rd-party Company
Brightline Health
Date
May
Company
Nintendo of America Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Computer game developer
3rd-party Company
Brightline Health
Date
May
Company
Municipality of Anchorage
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
City
3rd-party Company
Brightline Health
Date
May
Company
MIIA
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Internet Service Providers
3rd-party Company
Brightline Health
Date
May
Company
Manke Lumber Company Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Lumber store
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Mechanical contractor
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Food products supplier
3rd-party Company
Brightline Health
Date
May
Company
KPMG LLP
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
International Limited is a multinational professional services network
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
School district
3rd-party Company
Brightline Health
Date
May
Company
Keller Supply
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Plumbing supply store
3rd-party Company
Brightline Health
Date
May
Company
IUOE
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Trade union
3rd-party Company
Brightline Health
Date
May
Company
Insitu, Inc.
Data Breached
Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party
Company that designs, develops and manufactures unmanned aerial systems.
3rd-party Company
Brightline Health
Date
May
Company
Intel
Data Breached
Source code
Use of 3rd Party
Semiconductor corporation
3rd-party Company
Micro Star International (MSI)
Date
May
Company
Kibble Equipment
Data Breached
Sensitive personal identifiable information
Use of 3rd Party
Commercial products
3rd-party Company
Razor Consulting Solutions
Date
May
Data Breached
Name, address, claim number, dates of service, the last four digits of their Medicare Beneficiary number, and service/procedure descriptions with billing codes.
Use of 3rd Party
Federal agency
3rd-party Company
Palmetto GBA
Date
May
Data Breached
Names, addresses, telephone numbers, email addresses, dates of birth and national insurance numbers.
Use of 3rd Party
Government district
3rd-party Company
Evide Impact Limited
Date
May
Company
Coles
Data Breached
Employee details
Use of 3rd Party
Supermarket company
3rd-party Company
Latitude Financial Services
Date
May
Company
Queensway Carleton Hospital
Data Breached
Name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
Use of 3rd Party
Hospital
3rd-party Company
Aetonix Systems Inc.
Date
May
Company
Cornerstone Home Lending
Data Breached
Name, address, loan number, and bank account information.
Use of 3rd Party
Home lending
3rd-party Company
Unknown
Date
May
Company
Cornerstone Home Lending
Data Breached
Name, address, loan number, and bank account information.
Use of 3rd Party
Home lending
3rd-party Company
Unknown
Date
May
Company
Stanford University
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
University
3rd-party Company
Brightline Health
Date
May
Company
Stanford Medicine Partners
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
HealthCare Alliance
3rd-party Company
Brightline Health
Date
May
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
Children’s Health
3rd-party Company
Brightline Health
Date
May
Company
Stanford Health Care Tri-Valley
Data Breached
Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party
Hospital
3rd-party Company
Brightline Health
Date
May
Company
Razor Consulting Solutions
Data Breached
Sensitive information.
Use of 3rd Party
Consultant
3rd-party Company
Rackspace Cloud
Date
May
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical
3rd-party Company
Community Health Systems
Date
May
Company
Medical Center Enterprise (Ala.)
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Flowers Hospital
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical
3rd-party Company
Community Health Systems
Date
May
Company
Crestwood Medical Center
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Grandview Medical Center
Data Breached
Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party
Medical center
3rd-party Company
Community Health Systems
Date
May
Company
Webster Bank
Data Breached
Names, Social Security numbers and financial account information.
Use of 3rd Party
Commercial banking company
3rd-party Company
Guardian Analytics, Inc.
Date
May
Company
Iowa Medicaid
Data Breached
Names, addresses, diagnoses and treatment information, insurance carrier information, and insurance subscriber identification numbers.
Use of 3rd Party
Health and Human Services
3rd-party Company
Telligen, Inc.
Date
April
Company
Santa Clara Family Health Plan
Data Breached
Names, demographic information, health insurance numbers, Social Security numbers, dates of service, phone numbers, and provider names.
Use of 3rd Party
Health insurance agency
3rd-party Company
GoAnywhere MFT
Date
April
Company
NationsBenefits Holding, LLC
Data Breached
First and last name, address, phone number, date of birth, gender, health plan subscriber ID number, Social Security number, and/or Medicare number.
Use of 3rd Party
Supplemental benefits company
3rd-party Company
GoAnywhere MFT
Date
April
Company
Brightline Health
Data Breached
Consumers’ names, addresses, member IDs, dates of birth, phone numbers, employers’ names and group ID numbers, and coverage start/end dates. After confirming that consumer data
Use of 3rd Party
Technology-enabled behavioral health home
3rd-party Company
GoAnywhere MFT
Date
April
Company
Aerospace Asset Trading, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Low-cost insurance coverage for children and teens
3rd-party Company
Independent Living Systems
Date
April
Company
Aerocor Engine Group, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation consultant
3rd-party Company
100X, Inc
Date
April
Company
Freedom Air Industries Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Transportation service
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Composite and metal repairs services company
3rd-party Company
100X, Inc
Date
April
Company
AMP Aero Services
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Company
Miami Aircraft Structures, Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft maintenance company
3rd-party Company
100X, Inc
Date
April
Company
JetStream Capital, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Financial planner
3rd-party Company
100X, Inc
Date
April
Company
Sonic Aircraft Components, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Florida Limited Liability company
3rd-party Company
100X, Inc
Date
April
Company
Sal Aerospace Technologies, Inc
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation engineering company
3rd-party Company
100X, Inc
Date
April
Company
NexGen Aero, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aircraft supply store
3rd-party Company
100X, Inc
Date
April
Company
Encore Optical Laboratories LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Eye care center
3rd-party Company
100X, Inc
Date
April
Company
Gearup Aviation Solutions, LLC
Data Breached
Not disclosed for now
Use of 3rd Party
Aviation asset trading company
3rd-party Company
100X, Inc
Date
April
Company
Brickell Asset Management
Data Breached
Not disclosed for now
Use of 3rd Party
Commercial company
3rd-party Company
100X, Inc
Date
April
Data Breached
Not disclosed for now
Use of 3rd Party
Airlines and Aviation company
3rd-party Company
100X, Inc
Date
March
Company
Blue Shield of California
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Saks Fifth Avenue
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Pension Protection Fund
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Virgin Group
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
City of Toronto
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Tasmanian Government
Data Breached
Former employees data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
De Nederlandse Spoorwegen
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Ervoersbedrijf Trevvel
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Health and safety body ArboNed
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Nederlandse Golf Federatie
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Marktonderzoeker USP
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Health care provider CZ
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
Heineken
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Company
VodafoneZiggo
Data Breached
Customer data
Use of 3rd Party
Software vendor
3rd-party Company
Nebu BV
Date
March
Data Breached
Students’ credit and debit card information
Use of 3rd Party
Software vendor
3rd-party Company
AudienceView
Date
March
Company
Uber
Data Breached
Private driver data
Use of 3rd Party
Mid-size law firm
3rd-party Company
Genova Burns
Date
March
Company
Hatch Bank
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Rubrik
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Investissement Québec
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Rio Tinto Group
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
Hitachi Energy
Data Breached
Sensitive data
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
March
Company
National Basketball Association
Data Breached
Names and email addresses
Use of 3rd Party
Email marketing vendor
3rd-party Company
Unknown
Date
March
Company
SpaceX
Data Breached
3,000 drawings
Use of 3rd Party
Laser cutting service
3rd-party Company
Maximum Industries
Date
March
Company
AT&T
Data Breached
Wireless accounts was exposed
Use of 3rd Party
Telecommunications company
3rd-party Company
Unknown
Date
February
Company
Community Health Systems
Data Breached
Customer data was not compromised
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere MFT
Date
February
Company
Boost Mobile
Data Breached
Employees, customers, business, operations or financial information
Use of 3rd Party
Satellite television company
3rd-party Company
DISH Network Corporation
Date
February
Company
Sling TV
Data Breached
Employees, customers, business, operations or financial information
Use of 3rd Party
Satellite television company
3rd-party Company
DISH Network Corporation
Date
February
Company
Applied Materials
Data Breached
Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party
Media vendor
3rd-party Company
Rise Interactive
Date
February
Company
Edgepark Medical
Data Breached
Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party
Media vendor
3rd-party Company
Rise Interactive
Date
February
Company
Sharp HealthCare
Data Breached
Patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
Use of 3rd Party
Regional health care group
3rd-party Company
Unknown
Date
February
Company
Atlassian
Data Breached
Email addresses, phone numbers, names
Use of 3rd Party
Office functions vendor
3rd-party Company
Envoy
Date
February
Company
Community Health Systems
Data Breached
Personal and health information
Use of 3rd Party
Software vendor
3rd-party Company
GoAnywhere
Date
January
Data Breached
Names, Social Security numbers, financial account information, dates of birth, and protected health information
Use of 3rd Party
Software vendor
3rd-party Company
Diligent Corporation
Date
January
Company
Solana Foundation
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
Yuga Labs
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
WooCommerce
Data Breached
Name, URL, address, and email address
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
FanDuels
Data Breached
Email addresses and names of customers, or potential customers, that are used to send marketing emails
Use of 3rd Party
Email marketing vendor
3rd-party Company
MailChimp
Date
January
Company
Nissan North America
Data Breached
Full names, dates of birth, and NMAC account numbers
Use of 3rd Party
Automotive industry company
3rd-party Company
Unknown
Date
January
Company
Datadog
Data Breached
Signing keys and its passphrase
Use of 3rd Party
Software vendor
3rd-party Company
CircleCI
Date
January
Company
KLM
Data Breached
Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party
Loyalty program
3rd-party Company
Flying Blue
Date
January
Company
Air France
Data Breached
Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party
Loyalty program
3rd-party Company
Flying Blue
2022 Data leaks
Data Leaks for 2022
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
July
Company
Westchester Gardens
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Village Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Apartment building
3rd-party Company
Infinity Rehab
Date
July
Company
St Anthony Health Center
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Doctor in Newcastle
3rd-party Company
Infinity Rehab
Date
July
Company
Riverside Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Hillside Health & Rehab
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Gardens at Terracina
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Discovery Care Center
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Adult day care center
3rd-party Company
Infinity Rehab
Date
July
Company
Able Palms Home Health
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Able Palms Home Health
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Sunset Drive
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera St Vincent’s
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Miller Pointe
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Prospera Augusta Place
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Fairlawn Good Samaritan
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Physical therapist
3rd-party Company
Infinity Rehab
Date
July
Company
Someren Glen
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement home
3rd-party Company
Infinity Rehab
Date
July
Company
Holly Creek Retirement Community
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Retirement community
3rd-party Company
Infinity Rehab
Date
July
Company
Clermont Park
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
July
Company
Secora Rehab of Cascadia
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Brookfield Rehab of Cascadia
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Bethany at Silver Lake
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Nursing home
3rd-party Company
Infinity Rehab
Date
July
Company
Bethany at Pacific
Data Breached
Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Rehabilitation center
3rd-party Company
Infinity Rehab
Date
October
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare IDs, and health information such as treatment and diagnosis information
Use of 3rd Party
Healthcare practice
3rd-party Company
Not disclosed
Date
September
Company
Anthem MaineHealth
Data Breached
Names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, Medicaid ID numbers and health plan carrier names.
Use of 3rd Party
Health insurance company
3rd-party Company
Alight.com (Choice Health prev)
Date
September
Company
Humana
Data Breached
Customers’ first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresses, contact information and health insurance information
Use of 3rd Party
Health insurance company
3rd-party Company
Alight.com (Choice Health prev)
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Bronx Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Hazleton Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Lynbrook Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
FMC Services, LLC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
August
Company
Upstate Anesthesia Services PC
Data Breached
Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party
Medical clinic
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Somnia, Inc.
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Primary Anesthesia Services
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
July
Company
Somnia Pain Mgt of Kentucky
Data Breached
Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party
Health care organization
3rd-party Company
Not disclosed
Date
December
Company
St. Luke’s Health
Data Breached
Names, birthdates, addresses, Social Security numbers, Medicaid numbers, service dates, and medical record numbers, clinical details
Use of 3rd Party
Texas-based St. Luke’s Health provider
3rd-party Company
Adelanto Healthcare Ventures
Date
December
Company
Sobeys
Data Breached
Not disclosed for now
Use of 3rd Party
The second largest supermarket chain
3rd-party Company
Empire Co.
Date
September
Company
Magento
Data Breached
Not disclosed for now
Use of 3rd Party
Open-source eCommerce platform
3rd-party Company
FishPig
Date
August
Company
Oklahoma Student Loan Authority
Data Breached
2.5M Student Loan Records
Use of 3rd Party
Servicing system and web portal provider
3rd-party Company
Nelnet Servicing
Date
August
Company
KeyBank
Data Breached
Names, mortgage information, phone numbers, property information, home insurance information and Social Security numbers
Use of 3rd Party
Insurance services vendor
3rd-party Company
Overby-Seawell
Date
August
Data Breached
Names, email addresses, delivery addresses, phone numbers,
payment card numbers, LastPass technical information and source code
Use of 3rd Party
Phone number verification services provider
3rd-party Company
Twilio
Date
August
Data Breached
Not disclosed for now
Use of 3rd Party
Software vendor
3rd-party Company
Not disclosed
Date
August
Company
Sturm, Ruger & Company
Data Breached
Names, shipping addresses, email addresses, credit and debit card numbers and expiration dates, security codes, and billing addresses
Use of 3rd Party
Shopping cart and payment processing services provider
3rd-party Company
Freestyle Solutions
Date
August
Company
Kiplepay Sdn Bhd
Data Breached
Not disclosed for now
Use of 3rd Party
Third-party payment gateway provider
3rd-party Company
Not disclosed
Date
August
Data Breached
Patients’ names, home addresses, dates of treatment, health plan numbers, and medical record numbers
Use of 3rd Party
Healthcare management services provider
3rd-party Company
Practice Resources, LLC
Date
August
Company
Signal
Data Breached
Phone numbers
Use of 3rd Party
Phone number verification services provider
3rd-party Company
Twilio
Date
August
Data Breached
Email addresses
Use of 3rd Party
Email marketing service provider
3rd-party Company
MailChimp
Date
August
Company
NHS
Data Breached
Not disclosed for now
Use of 3rd Party
IT provider
3rd-party Company
Advanced
Date
August
Company
Orange Business Services
Data Breached
Names, Social Security numbers, and birthdates of employees
Use of 3rd Party
Telecommunications service provider
3rd-party Company
Orange Silicon Valley
Date
August
Data Breached
Names, addresses, Social Security numbers, driver’s license numbers, government IDs, and medical information, such as treatment, diagnosis, and medical history
Use of 3rd Party
Ambulance billing services vendor
3rd-party Company
Intermedix Corporation
Date
July
Data Breached
Names, home addresses, email addresses, phone numbers and Social Security numbers
Use of 3rd Party
Servicing system and customer website portal provider
3rd-party Company
Nelnet Servicing
Date
July
Company
Sound Health and Wellness Trust
Data Breached
Social Security numbers, names, addresses, and unique ID numbers
Use of 3rd Party
Third-party administrator
3rd-party Company
Zenith American Solutions
Date
July
Company
Boeing Employees’ Credit Union
Data Breached
Names, addresses, account numbers, credit scores, and Social Security numbers
Use of 3rd Party
Printing vendor
3rd-party Company
Not disclosed
Date
July
Company
Celsius
Data Breached
Customer emails
Use of 3rd Party
Email delivery vendor
3rd-party Company
Customer.io
Date
July
Company
Toronto Symphony Orchestra
Data Breached
Names, email addresses, TSO Patron ID and information about TSO accounts (e.g. donor level, credit on account status, gift certificate status), personal information, demographic information (age range, gender, ethnicity), and opinions on the TSO
Use of 3rd Party
Mailing list provider
3rd-party Company
WordFly
Date
July
Data Breached
Dates of birth, Social Security numbers, health insurance and medical treatment information
Use of 3rd Party
Accounts receivable management solutions provider
3rd-party Company
Professional Finance Company
Date
July
Company
Arlington Skin
Data Breached
Names, addresses, dates of birth, diagnostic and treatment information, health insurance information, and Social Security numbers
Use of 3rd Party
VPN service provider
3rd-party Company
Virtual Private Network Solutions
Date
June
Data Breached
Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, medical and treatment information, health insurance information, and billing information
Use of 3rd Party
Provider of revenue cycle management and other administrative services
3rd-party Company
Conifer Revenue Cycle Solutions
Date
June
Data Breached
Names, Social Security numbers, addresses, and some pension benefit information
Use of 3rd Party
Provider of digital and in-person total wellbeing solutions
3rd-party Company
LifeWorks US
Date
June
Data Breached
Names, Social Security numbers, addresses, phone numbers, driver’s license numbers, email addresses, dates of birth, medical record numbers, and health insurance information
Use of 3rd Party
Eye care software provider
3rd-party Company
EyeCare Leaders
Date
June
Company
OpenSea
Data Breached
Email addresses
Use of 3rd Party
Email delivery vendor
3rd-party Company
Customer.io
Date
June
Company
Colorado Springs Utilities
Data Breached
Customer names, addresses, account numbers, phone numbers, and email addresses
Use of 3rd Party
Third-party subcontractor
3rd-party Company
Not disclosed
Date
June
Company
Priority Health
Data Breached
Names, pharmacy and claim information, drug names, and prescription dates from certain prescriptions filled in 2012
Use of 3rd Party
Legal services provider
3rd-party Company
Warner Norcross & Judd
Date
May
Company
St. Luke’s
Data Breached
Patient names, insured names, addresses, phone numbers, ID numbers, dates of birth, last five digits of Social Security numbers, descriptions of services, billing amounts, outstanding balances, payment due dates, and status of the accounts
Use of 3rd Party
Billing services vendor
3rd-party Company
Kaye-Smith
Date
May
Company
EvergreenHealth
Data Breached
Patient names, dates of birth, medical record numbers, and treatment information
Use of 3rd Party
EMR provider
3rd-party Company
MyCare
Date
May
Company
K12 Schools in NY
Data Breached
Students’ grades and private messages with parents
Use of 3rd Party
Education software provider
3rd-party Company
Illuminate Education
Date
May
Company
Hospitals in Northern California
Data Breached
Names, Social Security numbers, dates of birth, addresses
Use of 3rd Party
Medi-Cal managed service provider
3rd-party Company
Partnership HealthPlan of California
Date
May
Company
Mangatoon
Data Breached
Names, email addresses, genders, social media account identities, auth tokens from social logins and salted MD5 password hashes
Use of 3rd Party
Search-powered solutions provider
3rd-party Company
Elasticsearch
Date
April
Data Breached
Names, PII, addresses, dates of birth, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID
Use of 3rd Party
Mailing and printing services vendor
3rd-party Company
OneTouchPoint
Date
April
Company
Sunwing Airlines
Data Breached
Not disclosed
Use of 3rd Party
Provider of solutions to the aviation industry
3rd-party Company
Airline Choice
Date
April
Company
Dis-Chem
Data Breached
First names, surnames, email addresses and cellphone numbers
Use of 3rd Party
Third-party service provider
3rd-party Company
Not disclosed
Date
March
Company
Central Maine Medical Center
Data Breached
Names, Social Security numbers, dates of birth, and medical or treatment details
Use of 3rd Party
Imaging and ambulatory surgical services provider
3rd-party Company
Shields Health Care Group Inc.
Date
March
Data Breached
Names, addresses, phone numbers, gender, dates of birth, medical codes, and Social Security numbers
Use of 3rd Party
Healthcare software provider
3rd-party Company
MCG Health
Date
March
Company
Rennline
Data Breached
Names, credit or debit card numbers, expiration dates, card verification codes (CVV), billing addresses, and transaction details
Use of 3rd Party
Software vendor
3rd-party Company
Freestyle Solutions
Date
March
Company
Okta
Data Breached
Employee credentials
Use of 3rd Party
Customer service provider
3rd-party Company
Sykes Enterprises
Date
March
Company
Okta customers
Data Breached
User credentials
Use of 3rd Party
Access & authentication management vendor
3rd-party Company
Okta
Date
March
Company
Highmark
Data Breached
Not disclosed
Use of 3rd Party
Printing and mailing vendor
3rd-party Company
Quantum Group
Date
March
Company
DataHEALTH
Data Breached
Names, addresses, phone numbers, Medical information, insurance information, dates of birth, payment information, and Social Security numbers.
Use of 3rd Party
Hosting & software vendor
3rd-party Company
Not disclosed
Date
March
Data Breached
Names, addresses, dates of birth, ages, phone numbers, Social Security numbers, and some Medicaid information
Use of 3rd Party
Healtcare vendor
3rd-party Company
Liberty of Oklahoma
Date
March
Company
Acro
Data Breached
Cardholder names, payment card numbers, dates of expiry, and security codes
Use of 3rd Party
Payment processing vendor
3rd-party Company
Not disclosed
Date
March
Company
Samsung, Qualcomm
Data Breached
Source code
Use of 3rd Party
Hardware contractor
3rd-party Company
Nvidia
Date
February
Company
Not disclosed
Data Breached
Names, dates of birth and Social Security numbers
Use of 3rd Party
Healthcare provider
3rd-party Company
Comprehensive Health Services
Date
February
Company
Fortune 500 companies
Data Breached
Names, addresses, Social Security numbers, birthdates, client identification numbers, medical diagnostic and treatment information, and health insurance information
Use of 3rd Party
Business service provider
3rd-party Company
Morley Companies
Date
February
Company
Internet Society
Data Breached
Names, emails, mailing addresses, and logins
Use of 3rd Party
Third-party vendor
3rd-party Company
Not disclosed
Date
February
Company
Oklahoma City Police Department
Data Breached
Victims’ last names, addresses, and health-related information
Use of 3rd Party
DNA research contractor
3rd-party Company
DNA Solutions Inc.
Date
February
Company
Memorial Health System
Data Breached
First names, last names, dates of birth, Social Security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information
Use of 3rd Party
Software vendor
3rd-party Company
Advent Health Partners
Date
January
Data Breached
Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Provider in therapy services
3rd-party Company
Infinity Rehab
Date
January
Data Breached
Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party
Healthcare provider
3rd-party Company
Avamere Health Services
Date
January
Company
Entira Family Clinics
Data Breached
Names, addresses, Social Security numbers and medical histories
Use of 3rd Party
Hosting provider
3rd-party Company
Netgain
Date
January
Company
Government of South Australia
Data Breached
Names, dates of birth, addresses and tax file numbers
Use of 3rd Party
Payroll provider
3rd-party Company
Frontier Software
Date
January
Data Breached
Patient names, dates of birth, dates of service, provider names, Social Security numbers, driver’s license numbers, treatment information, and health insurance information
Use of 3rd Party
Technology vendor
3rd-party Company
Ciox Health
Date
January
Company
Red Cross
Data Breached
Not disclosed
Use of 3rd Party
Hosting provider
3rd-party Company
Not disclosed
2021 Data Leaks
Data Leaks for 2021
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
November
Company
QRS Clients
Data Breached
Names, birth dates, addresses, Social Security numbers, portal usernames, medical treatment and diagnosis information, and patient identification numbers.
Use of 3rd Party
EHRS vendor
3rd-party Company
QRS
Date
October
Company
Anthem, Humana
Data Breached
First and last names, birth dates, phone numbers, member ID numbers, clinical data pertaining to kidney care services, and addresses.
Use of 3rd Party
IT vendor
3rd-party Company
PracticeMax
Date
October
Company
Fullerton Health
Data Breached
Names, identification numbers, and contact details, bank account details in “a few cases” and “certain limited health-related information”
Use of 3rd Party
Software vendor
3rd-party Company
Agape Connecting People
Date
October
Company
Durham Regional Government
Data Breached
Medical reports, complaints about medical treatment, and potential evidence in a criminal case
Use of 3rd Party
Software provider
3rd-party Company
Not disclosed
Date
September
Company
NRS
Data Breached
PII and biometrics
Use of 3rd Party
Slot machine operator
3rd-party Company
Dotty’s
Date
August
Data Breached
Policy holder names, addresses, birthdates, policy numbers, and other health insurance information
Use of 3rd Party
Administrative service vendor
3rd-party Company
Secure Administrative Solutions LLC
Date
August
Company
First Horizon Bank
Data Breached
200 online customer bank accounts
Use of 3rd Party
Software
3rd-party Company
Not disclosed
Date
August
Data Breached
Names, COVID-19 contact tracing information, vaccination appointments, Social Security numbers, employee IDs, and email addresses.
Use of 3rd Party
Business app
3rd-party Company
Microsoft
Date
August
Company
Catholic Health
Data Breached
Patients’ health information
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRx
Date
July
Company
Jefferson’s Kimmel Cancer Center
Data Breached
Patient names, birth dates, medical record numbers, and clinical information related to treatment at Jefferson Health such as treatment plan, diagnosis, or prescription information. For some patients, Social Security number was also included as well.
Use of 3rd Party
Cloud provider
3rd-party Company
Elekta
Date
July
Company
Memorial Health System
Data Breached
Names, birthdates, medical information
Use of 3rd Party
Billing vendor
3rd-party Company
Guidehouse
Date
July
Company
Saudi Aramco
Data Breached
**Employees: name, photo, passport copy, email, phone number, residence permit (Iqama card) number, job title, ID numbers, family information, etc.
**Project specification for systems related to/including electrical/power, architectural, engineering, civil, construction management, environmental, machinery, vessels, telecom, etc.
Internal analysis reports, agreements, letters, pricing sheets, etc.
**Network layout mapping out the IP addresses, **Scada points, Wi-Fi access points, IP cameras, and IoT devices.
**Location map and precise coordinates.
**List of Aramco’s clients, along with invoices and contracts
Use of 3rd Party
Third-party contractor
3rd-party Company
Not disclosed
Date
July
Company
Hospitals
Data Breached
Name, address, email address, date of birth, driver’s license number, Social Security number, diagnosis, laboratory and treatment information, patient identification number, medication information, health insurance identification and claims information, tax identification number, employee username with password, employee username with security questions and answers, and bank account and/or credit card/debit card information
Use of 3rd Party
Medical management services provider
3rd-party Company
PracticeFirst
Date
July
Company
Hospitals
Data Breached
Name, tax ID, social security number, date of birth, other government-issued ID, telephone number, healthcare account number and balance, date of service, ClearBalance loan number and balance, personal banking information, clinical information, health insurance information, and full-face photographic image
Use of 3rd Party
Medical loan provider
3rd-party Company
ClearBalance
Date
July
Company
SpreadGroup Customers
Data Breached
Financial data
Use of 3rd Party
Clothing and retail vendor
3rd-party Company
Spreadshirt, Spreadshop, and TeamShirts
Date
July
Company
Morgan Stanley
Data Breached
Stock plan participants’ names,
addresses,
dates of birth,
Social Security Numbers,
corporate company names
Use of 3rd Party
Account maintenance services
3rd-party Company
Guidehouse, Accellion
Date
July
Data Breached
Availability of systems
Use of 3rd Party
IT management software for MSP
3rd-party Company
Kaseya
Date
June
Company
Ohio Medicaid Program
Data Breached
Names, dates of birth, Social Security numbers, addresses
Use of 3rd Party
Medicaid contractor
3rd-party Company
Maximus
Date
June
Company
CVS Health
Data Breached
COVID-19 vaccines and medications
Use of 3rd Party
Hosting vendor
3rd-party Company
Not disclosed
Date
June
Data Breached
Availability of e-mail newsletters
Use of 3rd Party
E-mail newsletter
3rd-party Company
iConstituent
Date
June
Company
Mercedes-Benz USA
Data Breached
Credit card information, Social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers
Use of 3rd Party
Vendor
3rd-party Company
Not disclosed
Date
June
Data Breached
Names, Social Security numbers, addresses, birth dates, medical diagnosis and treatment details.
Use of 3rd Party
Cloud provider
3rd-party Company
Elekta
Date
June
Company
AmeriGas
Data Breached
Internal email with spreadsheet attachments containing 123 AmeriGas employees’ information, including Lab IDs, social security numbers, driver’s license numbers, and dates of birth
Use of 3rd Party
Regulatory compliance vendor
3rd-party Company
J. J. Keller
Date
June
Company
Volkswagen Group of America
Data Breached
First and last name, personal or business mailing address, email address, or phone number. For some instances, a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.
Use of 3rd Party
Digital marketing vendor
3rd-party Company
Shift Digital
Date
June
Company
Harbor Regional Health
Data Breached
Healthcare data
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRX
Date
June
Data Breached
Customer back up files (details not disclosed)
Use of 3rd Party
Software vendor
3rd-party Company
Logicgate
Date
May
Company
U.S. Government
Data Breached
Not disclosed
Use of 3rd Party
Security defense contractor
3rd-party Company
BlueForce
Date
May
Company
U.S. Department of Energy
Data Breached
Email addresses, communication information of employees, sensitive files
Use of 3rd Party
Physics lab
3rd-party Company
Fermilab
Date
May
Company
Fasttrack Customers
Data Breached
Full names,
Email addresses,
Home addresses,
Dates of birth,
Passport numbers,
Applicant photos,
Mobile phone numbers,
Social network URLs for some applicants.
Use of 3rd Party
Recruitment vendor
3rd-party Company
Fasttrack Recruitment
Date
May
Data Breached
At least 76,000 email addresses were exposed, including those belonging to individuals outside of the ministry
Use of 3rd Party
Software vendor
3rd-party Company
Fujitsu
Date
May
Company
Canada Post
Data Breached
Sender and receiver contact information, names, and mailing addresses
Use of 3rd Party
Software vendor
3rd-party Company
CommPort Communications
Date
May
Company
Ardagh Clients
Data Breached
Not disclosed
Use of 3rd Party
Glass and metal packaging manufacturer
3rd-party Company
Ardagh
Date
May
Data Breached
Source code
Use of 3rd Party
Software auditing company
3rd-party Company
CodeCov
Date
May
Data Breached
Availability of EHR
Use of 3rd Party
EHR vendor
3rd-party Company
APRIMA
Date
May
Data Breached
Personal data including SSN
Use of 3rd Party
Managed IT services
3rd-party Company
Netgain
Date
May
Company
Pennsylvania Health Department
Data Breached
Names of individuals who were potentially exposed to COVID-19, positive or negative test results, any experienced symptoms, household members, and some contact information
Use of 3rd Party
Contact tracing app vendor
3rd-party Company
Insights Global
Date
May
Company
University of Houston
Data Breached
Financial data of students
Use of 3rd Party
Cap/ Gown vendor
3rd-party Company
Herff Jones
Date
May
Data Breached
Healthcare data
Use of 3rd Party
Software vendor
3rd-party Company
CaptureRX
Date
April
Data Breached
Availability of customer reservation systems
Use of 3rd Party
Software Vendor
3rd-party Company
Radixx (subsidiary of Sabre Corporation)
Date
April
Data Breached
Not disclosed
Use of 3rd Party
File sharing appliance vendor
3rd-party Company
Soliton (FileZen application)
Date
April
Company
Click Studios Customers
Data Breached
Employee and local admin accounts
Use of 3rd Party
Password manager (Passwordstate)
3rd-party Company
Click Studios
Date
April
Company
Apple
Data Breached
Macbook blueprints
Use of 3rd Party
Macbook manufacturer
3rd-party Company
Quanta
Date
April
Data Breached
Shipping labels and customer receipts
Use of 3rd Party
B2B packaging vendor
3rd-party Company
Bizongo
Date
April
Data Breached
Contact details, dates of birth, insurance ID numbers, and health information, such as treatments and medical conditions.
Use of 3rd Party
File sharing application
3rd-party Company
Accellion
Date
April
Company
CallX Customers (possibly Lendingtree, Liberty Mutual Insurance and Vivint among the clients)
Data Breached
Audio recordings, transcripts of chats, full names, home addresses, phone numbers and more.
Use of 3rd Party
Telemarketing
3rd-party Company
CallX
Date
April
Company
Apple Valley Clinic
Data Breached
Names,
dates of birth,
Social security numbers,
bank account and routing numbers,
patient billing information,
medical information, such medical symptoms and diagnosis
Use of 3rd Party
IT services
3rd-party Company
Netgain
Date
April
Data Breached
Not disclosed
Use of 3rd Party
Software auditing company
3rd-party Company
CodeCov
Date
April
Data Breached
Subscriber ID,Social Security numbers, diagnoses, conditions, claims data, dates of services, medical procedure codes, insurance policy numbers, provider names, contact details, and dates of birth.
Use of 3rd Party
Revenue cycle service provider
3rd-party Company
MedData
Date
April
Data Breached
Variety of personally identifiable information, including federal tax documents, passports, addresses, birth dates, bank account information and Social Security numbers
Use of 3rd Party
File sharing app
3rd-party Company
Accellion
Date
April
Company
Wiener & Kennedy
Data Breached
Possibly employee sensitive information
Use of 3rd Party
Accounting firm
3rd-party Company
Perkins & Co, Netgain (4th party)
Date
April
Company
Doctors Medical Center
Data Breached
Patients’ names, addresses, procedure information
Use of 3rd Party
Virtual waiting room vendor
3rd-party Company
Medifie
Date
April
Company
Biotel Heart
Data Breached
Social Security numbers, medical records, contact information
Use of 3rd Party
Third-party vendor
3rd-party Company
Not disclosed
Date
April
Company
Upstox
Data Breached
Contact data and KYC details of customers
Use of 3rd Party
Third-party data warehouse systems
3rd-party Company
Not disclosed