Black Kite vs. The Competition See the Difference →

Data Breaches Caused By Third-parties

2024 Data leaks

Data Leaks for 2024
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date May
Data Breached Automotive aftermarket parts provider
Use of 3rd Party Cloud storage provider
3rd-party Company Snowflake
Date May
Company QuoteWizard
Data Breached Insurance providers
Use of 3rd Party Cloud storage provider
3rd-party Company Snowflake
Date May
Company Ticketmaster
Data Breached Customer information
Use of 3rd Party Cloud storage provider
3rd-party Company Snowflake
Date May
Company Santander
Data Breached Customer information
Use of 3rd Party Cloud storage provider
3rd-party Company Snowflake
Date May
Data Breached Personally identifiable information (PII)
Use of 3rd Party Software provider
3rd-party Company Tekrom Technology A.s. (T-Soft)
Date May
Company HSBC
Data Breached Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party Multinational universal bank
3rd-party Company Baton Systems
Date May
Company Barclays
Data Breached Source codes, database files, compiled JAR files, certification files, SQL files, JSON configuration files, and email addresses
Use of 3rd Party Multinational universal bank
3rd-party Company Baton Systems
Date May
Data Breached Participant ID (keycoded identifier), study name, status, date of explicit consent, date of screen failure, random date, arm/cohort/startification, date of first dose, date of current dose, date of last dose, date of last visit, number of rescans , previous participant identification, age, gender, race, ethnicity, end of randomized period, reason for discontinuation of treatment, date of discontinuation of treatment, reason for discontinuation of study, date of discontinuation of study, study completed, date of study completion, date of death, SDVTier, participant identification, birth year, laboratory results, value within range, laboratory date, medications used, medical history information, For responsible investigators (HCP), research center staff, and people assigned to the research study; field personnel information, UserOID, login name, screen name, full name, user role, country, corporate contact information (address, email, fax, phone, license number)
Use of 3rd Party Medicine company
3rd-party Company eClinical Solutions LLC
Date April
Data Breached Personally identifiable information (PII)
Use of 3rd Party District government office
3rd-party Company Tyler Technologies
Date April
Company Cisco Duo
Data Breached Phone number, Carrier, Location data, Date, Time, Message type
Use of 3rd Party Multi-factor authentication and Single Sign-On service
3rd-party Company Telephony Provider
Date March
Data Breached Documents containing confidential information
Use of 3rd Party Goverment
3rd-party Company Xplain
Date March
Company Fidelity
Data Breached Names, Social Security numbers, states of residence, bank account and routing numbers, and dates of birth.
Use of 3rd Party Financial services corporation
3rd-party Company Infosys McCamish Systems (IMS)
Date March
Data Breached Card information
Use of 3rd Party Bank holding company
3rd-party Company A Merchant Processor
Date February
Data Breached Names, social Security number, date of birth, driver’s license numbers, state identification numbers, passports, direct deposit bank information, medical information, and health insurance information.
Use of 3rd Party Healthcare Provider
3rd-party Company Bowden Barlow Law, P.A.
Date February
Data Breached Date of birth, Social Security number, passport number, driver’s license number, health insurance information, and general health information.
Use of 3rd Party Brokerage firms
3rd-party Company Keenan & Associates
Date February
Data Breached The system is down, files and databases are encrypted
Use of 3rd Party Hospitals
3rd-party Company Hipocrate Information System (HIS)
Date February
Company Audiens
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Corporate office
3rd-party Company Viamedis
Date February
Company Santéclair
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Health counselor
3rd-party Company Viamedis
Date February
Data Breached Personal information of the patients.
Use of 3rd Party Healthcare Company
3rd-party Company Philips’Respironics unit
Date February
Company Kalixia
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Corporate office
3rd-party Company Viamedis
Date February
Company Itelis
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Business to business service
3rd-party Company Viamedis
Date February
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Health insurance agency
3rd-party Company Viamedis
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Company GSK
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Company AbbVie
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Company Bayer
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Full name, address, health diagnosis, medications, and prescriptions.
Use of 3rd Party Pharmaceutical company
3rd-party Company Cencora
Date February
Data Breached Beneficiary’s marital status, date of birth, social security number, name of health insurer, and guarantees open to third-party payment.
Use of 3rd Party Health insurance company
3rd-party Company Viamedis
Date February
Data Breached Names, addresses, social security numbers, dates of birth, and financial information, including account and credit card numbers
Use of 3rd Party Financial services company
3rd-party Company Infosys McCamish Systems (IMS)
Date February
Data Breached Personally identifiable information on employees (including some people who worked there from 2007 to 2017)
Use of 3rd Party Government agency
3rd-party Company CGI Federal
Date January
Data Breached Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party Health provider
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Company Concentra
Data Breached Full names and one or more of the following data elements: date of birth, address, medical record number, hospital account number, admission diagnosis, and date(s) and time(s) of service.
Use of 3rd Party Health provider
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Data Breached Name, date of birth, Social Security number, driver’s license/state ID number, passport number, military ID number, financial account number, credit/debit card number with and without expiration date and security code, health insurance information, and clinical information, such as diagnosis/conditions, lab results, and prescription information.
Use of 3rd Party Healthcare services provider
3rd-party Company Brady Martz & Associates
Date January
Data Breached Names, dates of birth, contact information, general health information, medical treatment information, Social Security numbers, and/or employment records.
Use of 3rd Party Healthcare services provider
3rd-party Company HMG Healthcare
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Healthcare services provider
3rd-party Company ConsensioHealth
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Healthcare services provider
3rd-party Company ConsensioHealth
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Healthcare services provider
3rd-party Company ConsensioHealth
Date January
Company Rusta
Data Breached Sensitive personal data
Use of 3rd Party Cloud hosting services provider
3rd-party Company Tietoevry
Date January
Company Filmstaden
Data Breached Sensitive personal data
Use of 3rd Party Cloud hosting services provider
3rd-party Company Tietoevry
Date January
Company Primula
Data Breached Sensitive personal data
Use of 3rd Party Cloud hosting services provider
3rd-party Company Tietoevry
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Data Breached Name, address, date of birth, driver’s license or other state identification number, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.
Use of 3rd Party Health care company
3rd-party Company ConsensioHealth
Date January
Data Breached Personally identifiable information
Use of 3rd Party Expansion card company
3rd-party Company Keating Consulting Group
Date January
Data Breached Not disclosed
Use of 3rd Party County
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party Municipality
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party Local government office
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Company SLU
Data Breached Not disclosed
Use of 3rd Party University
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party Global Job Market
3rd-party Company TietoEVRY
Date January
Company Grangnården
Data Breached Not disclosed
Use of 3rd Party Farming supplier
3rd-party Company TietoEVRY
Date January
Company Moelven
Data Breached Not disclosed
Use of 3rd Party Wood Products Company
3rd-party Company TietoEVRY
Date January
Company Rusta
Data Breached Not disclosed
Use of 3rd Party Company
3rd-party Company TietoEVRY
Date January
Company Filmstaden
Data Breached Not disclosed
Use of 3rd Party Television company
3rd-party Company TietoEVRY
Date January
Data Breached Not disclosed
Use of 3rd Party Health Corporation
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Data Breached Not disclosed
Use of 3rd Party Hospital
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date January
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Government agency
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Company MultiPlan
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Corporation
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Vision insurance plans
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Data Breached Names, addresses, dates of birth, Social Security numbers, driver’s license or other government ID numbers, passport numbers, email addresses, financial account details, tax identification numbers, medical and health information, health insurance and healthcare provider details, online account credentials, and credit or debit card numbers.
Use of 3rd Party Health Options Company
3rd-party Company Orrick, Herrington & Sutcliffe
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health Center
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Community Health Centers
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care Center
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Behavioral health network
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Cancer center
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Home care
3rd-party Company HealthEC LLC
Date January
Company KidneyLink
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party National kidney platform
3rd-party Company HealthEC LLC
Date January
Company Beaumont ACO
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Physician and health system company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Medicaid program
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Company HonorHealth
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC
Date January
Data Breached Name Address Date of birth Social Security number Taxpayer Identification Number Medical Record number Medical information (diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location) Health insurance information (beneficiary number, subscriber number, Medicaid/Medicare identification) Billing and claims information (patient account number, patient identification number, and treatment cost information)
Use of 3rd Party Health care company
3rd-party Company HealthEC LLC

2023 Data leaks

Data Leaks for 2023
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Data Breached Not disclosed for now
Use of 3rd Party Nonprofit cooperative financial institution
3rd-party Company Trellance
Date December
Data Breached Not disclosed for now
Use of 3rd Party Medical Center
3rd-party Company Asper Biogene
Date December
Data Breached Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party Medical Center
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date December
Data Breached Name, date of birth, gender, phone number and address; health insurance information; and some clinical information. No Social Security numbers were compromised.
Use of 3rd Party Medical Center
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date December
Data Breached Full name Dates of birth Phone number Patient account/medical record number Injury type and date Diagnosis information Treatment type and date Procedure information Social Security Number (SSN)
Use of 3rd Party Medical Center
3rd-party Company ESO Solutions, Inc.
Date November
Data Breached Insurance and clinical information from medical transcription files and some Social Security numbers.
Use of 3rd Party Healthcare Company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date November
Company Taylor Rose
Data Breached Not disclosed for now
Use of 3rd Party Independent firm of solicitors
3rd-party Company CTS
Date November
Company Sutter Health
Data Breached names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party Healthcare center
3rd-party Company Virgin Pulse
Date November
Data Breached names, dates of birth, health insurance information, provider names, treatment cost information, and diagnoses/treatment information.
Use of 3rd Party Healthcare center
3rd-party Company Welltok, a Virgin Pulse company
Date November
Data Breached Not disclosed for now
Use of 3rd Party Law firm
3rd-party Company CTS
Date November
Company Setfords
Data Breached Not disclosed for now
Use of 3rd Party Law firm
3rd-party Company CTS
Date November
Company Talbots
Data Breached Not disclosed for now
Use of 3rd Party Fashion company
3rd-party Company CTS
Date November
Company Gateley
Data Breached Not disclosed for now
Use of 3rd Party Commercial law firm
3rd-party Company CTS
Date November
Company Dollar Tree
Data Breached Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party Discount store company
3rd-party Company Zeroed-In Technologies
Date November
Company Family Dollar
Data Breached Names, dates of birth, and Social Security numbers (SSNs).
Use of 3rd Party Discount store company
3rd-party Company Zeroed-In Technologies
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Westat, Inc.
Data Breached Demographic, clinical, and financial information were present in the impacted files.
Use of 3rd Party Management services company
3rd-party Company Nuance Communications, Inc.
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Company Sutter Health
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached Full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
Use of 3rd Party Healthcare Center
3rd-party Company Welltok
Date November
Data Breached 1.5TB of documents leaked + 3 full backups of CRM for branches
Use of 3rd Party Government
3rd-party Company Sirva Worldwide, Inc.
Date November
Data Breached No financial data
Use of 3rd Party Appliance company
3rd-party Company Unknown
Date November
Data Breached Names, Social Security numbers, Dates of birth, Addresses, Medical record numbers, Hospital account numbers, Admission diagnoses, and Dates and times of service.
Use of 3rd Party Nonprofit integrated healthcare company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date November
Data Breached Not disclosed for now
Use of 3rd Party Physicians’ Service
3rd-party Company Medical Eye Services, Inc.
Date November
Company 1Password
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party Software company
3rd-party Company Okta
Date November
Company BeyondTrust
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party Identity management company
3rd-party Company Okta
Date November
Company Okta
Data Breached Not disclosed for now
Use of 3rd Party IT service management company
3rd-party Company Rightway Health
Date November
Company Cloudflare
Data Breached Employees’ full names, their social security numbers (SSNs), and Health or Medical Insurance plan numbers.
Use of 3rd Party IT service management company
3rd-party Company Okta
Date October
Data Breached Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party Health company
3rd-party Company Perry Johnson & Associates, Inc., (PJ&A)
Date October
Data Breached Personal information
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date October
Company SA Health
Data Breached Health information (personal, medical and/or legal documents)
Use of 3rd Party Local health networks
3rd-party Company Personify Care
Date October
Data Breached PII
Use of 3rd Party Health Plan
3rd-party Company Maximus
Date October
Data Breached Date of birth, address, medical record number, encounter number, medical information, dates/times of service, and, in some cases, Social Security number.
Use of 3rd Party Medical Transcription Firm
3rd-party Company Nuance Communications
Date October
Company Super SA
Data Breached Pll
Use of 3rd Party State government office
3rd-party Company Former external service provider
Date October
Data Breached PII
Use of 3rd Party Health company
3rd-party Company unknown
Date October
Company Humana Inc.
Data Breached Names, addresses, dates of birth, Social Security numbers, and medical treatment information.
Use of 3rd Party Health insurance company
3rd-party Company PNC Bank
Date October
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Data Breached Not disclosed for now
Use of 3rd Party Health services provider
3rd-party Company TransForm
Date October
Data Breached Consumers’ names, dates of birth, driver’s license numbers, state identification card numbers, addresses, Social Security numbers and protected health information.
Use of 3rd Party Corporate medical office
3rd-party Company Arietis Health
Date October
Data Breached Patient data, including names, driver’s license numbers, Social Security numbers, dates of birth, medical record numbers, patient account numbers, diagnosis and treatment information, health insurance information, and prescription and provider information.
Use of 3rd Party Medical billing service
3rd-party Company Ipswitch, Inc.
Date October
Company Sony
Data Breached Not disclosed for now
Use of 3rd Party Japanese multinational conglomerate corporation
3rd-party Company Ipswitch, Inc.
Date October
Company Flagstar Bank
Data Breached Names and Social Security Numbers (SSNs)
Use of 3rd Party Commercial banking company
3rd-party Company Fiserv
Date October
Company Fiserv
Data Breached Names and Social Security Numbers (SSNs)
Use of 3rd Party Financial services company
3rd-party Company Ipswitch, Inc.
Date September
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Endoscopy Center
3rd-party Company SightPath Medical
Date September
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Rural health system
3rd-party Company DMS Health Technologies
Date September
Data Breached Employees’ first and last names, claimants first and last names, case numbers, employer CERT codes, provider name, provider city, claim number, date(s) of service, internal INEL codes, and amounts billed and paid.
Use of 3rd Party Emergency Services
3rd-party Company Orrick, Herrington & Sutcliffe
Date September
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Data Breached Not disclosed for now
Use of 3rd Party Government ministry
3rd-party Company IFX Networks Colombia
Date September
Company 890 Schools
Data Breached Names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).
Use of 3rd Party School
3rd-party Company National Student Clearinghouse (NSC)
Date September
Company Amerita
Data Breached Not disclosed for now
Use of 3rd Party Complex pharmaceutical products and clinical services company
3rd-party Company PharMerica
Date September
Company BORN Ontario
Data Breached Full name, Home address, Postal code, Date of birth, Health card number, Dates of service/care, Lab test results, Pregnancy risk factors, Type of birth, Procedures, Pregnancy and birth outcomes
Use of 3rd Party Healthcare provider
3rd-party Company Ipswitch, Inc.
Date September
Company Airbus
Data Breached Names, addresses, phone numbers and emails
Use of 3rd Party Aerospace company
3rd-party Company Turkish Airlines
Date September
Company FTX
Data Breached Non-sensitive customer data
Use of 3rd Party Crypto company
3rd-party Company Kroll Inc.
Date September
Data Breached Non-sensitive customer data
Use of 3rd Party Financial markets organizations company
3rd-party Company Kroll Inc.
Date September
Company BlockFi
Data Breached Non-sensitive customer data
Use of 3rd Party Crypto company
3rd-party Company Kroll Inc.
Date September
Data Breached PII
Use of 3rd Party University
3rd-party Company Unknown
Date August
Data Breached Not disclosed for now
Use of 3rd Party Hhealth care services that support vital government programs
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party University
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Media company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Health insurance company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Personalized insurance coverage company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Financial insurance products company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Third-party billing agency
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Medical school
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Not disclosed for now
Use of 3rd Party Operational and financial objectives company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Names, demographic information, names of relatives, dates of service, medical facility information, practition
Use of 3rd Party Computer software company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Data Breached Personal information including Social Security numbers.
Use of 3rd Party Electric services company
3rd-party Company CLEAResult
Date August
Data Breached IUD numbers, birth dates, addresses and other contact information, demographic/income information, health insurance information and clinical and medical information, including diagnoses, conditions, lab results, medications, and other treatment information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Company Zillow
Data Breached Not disclosed for now
Use of 3rd Party San Francisco MLS entities
3rd-party Company Rapattoni Corporation
Date August
Data Breached Not disclosed for now
Use of 3rd Party San Francisco MLS entities
3rd-party Company Rapattoni Corporation
Date August
Data Breached Names, contact information, dates of birth, health insurance data, and medical information
Use of 3rd Party Healthcare company
3rd-party Company IBM
Date August
Data Breached Not disclosed for now
Use of 3rd Party Real Estate
3rd-party Company Rapattoni Corporation
Date August
Company Cincy MLS
Data Breached Not disclosed for now
Use of 3rd Party Real Estate company
3rd-party Company Rapattoni Corporation
Date August
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Government department
3rd-party Company IBM
Date August
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Social Services Company
3rd-party Company IBM
Date August
Company IBM
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party International Business Machines Corporation
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date August
Company MAXIMUS
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Sportive Products Company
3rd-party Company Vodatech IT
Date August
Data Breached Not disclosed for now
Use of 3rd Party
3rd-party Company Vodatech IT
Date August
Data Breached Not disclosed for now
Use of 3rd Party Car dealer
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Technology company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Sportswear company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Clothing company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Rental Trade company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Garment Marketing Company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Retirement Company
3rd-party Company Vodatech IT
Date August
Company UPS Cargo
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Transportation of containerized and palletized cargo company
3rd-party Company Vodatech IT
Date August
Data Breached Identity, communication, customer transactions, visual and audio records
Use of 3rd Party Insurance company
3rd-party Company Vodatech IT
Date July
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Escrow service
3rd-party Company CashCall Inc.
Date July
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Financial institution
3rd-party Company CashCall Inc.
Date July
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Financial flexibility company
3rd-party Company CashCall Inc.
Date July
Data Breached Names, addresses, Social Security numbers, dates of birth, health insurance information, and protected health information
Use of 3rd Party Health Insurance
3rd-party Company Cognizant Technology Solutions Corporation
Date July
Data Breached Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, and clinical information, such as provider names, dates of service, and/or diagnoses
Use of 3rd Party Medical center
3rd-party Company Delaware Health Network
Date July
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Farm
3rd-party Company CashCall Inc.
Date July
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Corporate deliver solutions firm
3rd-party Company CashCall Inc.
Date July
Company Serco Group
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Management consulting company
3rd-party Company CBIZ, Inc.
Date July
Company CBIZ, Inc.
Data Breached Name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits
Use of 3rd Party Software company
3rd-party Company Ipswitch, Inc.
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Manufacturing Company
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party installation systems
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party One of the longest-standing companies of Anadolu Group
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Isuzu dealer
3rd-party Company Mivento IT Services
Date July
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Mobile telecommunication company
3rd-party Company Mivento IT Services
Date July
Company Vestel
Data Breached Social ID Number, name, surname, e-mail and phone number
Use of 3rd Party Company
3rd-party Company Mivento IT Services
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Health Insurance
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Insurance company
3rd-party Company Ipswitch, Inc.
Date July
Company Postbank
Data Breached PII
Use of 3rd Party Deutsche Post’s financial institution
3rd-party Company Majorel
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Hospital District
3rd-party Company Ipswitch, Inc.
Date July
Company ING
Data Breached PII
Use of 3rd Party Financial services corporation
3rd-party Company Majorel
Date June
Company Pôle emploi
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Government agency
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Insurance company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Medical center
3rd-party Company Ipswitch, Inc.
Date July
Company Comdirect
Data Breached PII
Use of 3rd Party Private banking company
3rd-party Company Majorel
Date July
Company Deutsche Bank
Data Breached PII
Use of 3rd Party Investment banking company
3rd-party Company Majorel
Date June
Company Majorel
Data Breached Not disclosed for now
Use of 3rd Party Call center
3rd-party Company Ipswitch, Inc.
Date June
Company TJ Maxx
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Department store chain
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Company Shutterfly
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party County
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Healthcare company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Adult day care center
3rd-party Company Ipswitch, Inc.
Date June
Company Alogent
Data Breached Name, department client number (DCN), date of birth, possible benefit eligibility status or coverage, and medical claims information
Use of 3rd Party Document imaging company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party County government
3rd-party Company Ipswitch, Inc.
Date June
Company TomTom
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Technology company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Land-grant university
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Airport
3rd-party Company Aon
Date June
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Largest independent banks in Texas
3rd-party Company Ipswitch, Inc.
Date June
Company Aon
Data Breached Not disclosed for now
Use of 3rd Party Management consulting company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Protected health and personal information could include first and last names, Social Security numbers, dates of birth, home addresses, medical conditions and diagnoses, and disability codes.
Use of 3rd Party Company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Government agency
3rd-party Company PBI Research Services (PBI)
Date June
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Insurance company
3rd-party Company PBI Research Services (PBI)
Date June
Data Breached Name, Social Security number and other personal information.
Use of 3rd Party Life insurance company
3rd-party Company PBI Research Services (PBI)
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Information services
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Local department of social services
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government agency
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Federal agency
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Full name, Date of birth, Social security number, Zip code, State of residence, Policy number Agent ID (for agents)
Use of 3rd Party Police department
3rd-party Company Ipswitch, Inc.
Date June
Company CoxHealth
Data Breached Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party Not-for-profit health system
3rd-party Company Intellihartx LLC
Date June
Data Breached Names, addresses, medical billing and insurance information, certain medical information and demographic information such as date of birth and Social Security numbers, UPMC said in a statement.
Use of 3rd Party International health care leader
3rd-party Company Intellihartx LLC
Date June
Data Breached Name, address, medical billing and insurance information, certain medical information such as diagnoses and medication, and demographic information such as date of birth and Social Security number.
Use of 3rd Party Call center
3rd-party Company GoAnywhere MFT
Date June
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Premier auto finance company
3rd-party Company NCB Management Services, Inc.
Date June
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Retail banking company
3rd-party Company NCB Management Services, Inc.
Date June
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Investment bank
3rd-party Company NCB Management Services, Inc.
Date June
Company Capital One
Data Breached Physical address, Social Security number, account number and account status
Use of 3rd Party Bank holding company
3rd-party Company NCB Management Services, Inc.
Date June
Data Breached Social Security Numbers and employee ID numbers (not necessarily for all impacted individuals; for example, approximately 9,000 Social Security Numbers were included)
Use of 3rd Party Government department
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party World’s largest low-cost carrier.
3rd-party Company Pilot Credentials
Date June
Data Breached Name and Social Security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification number(s)
Use of 3rd Party Major US-based airline headquartered
3rd-party Company Pilot Credentials
Date June
Data Breached Not disclosed for now
Use of 3rd Party Government agency
3rd-party Company HWL Ebsworth Lawyers
Date June
Data Breached Names, Address, Social Security Number, Birth date, Height, Eye Color, Driver’s License Number, Vehicle Registration Information, Handicap Placard Information
Use of 3rd Party Department of motor vehicles
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Names, Address, Social Security Number, Birth date, Height, Eye Color, Driver’s License Number, Vehicle Registration Information, Handicap Placard Information
Use of 3rd Party Accessible information and services to OMV needs company.
3rd-party Company Ipswitch, Inc.
Date June
Company DHL
Data Breached Not disclosed for now
Use of 3rd Party Logistics company providing courier, package delivery and express mail services
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Transport for London is a local government body responsible for most of the transport network
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Certified public accountant
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Advice Services
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party American networking company
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party State
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Education Department
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party University
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Thirteen provinces and territories
3rd-party Company Ipswitch, Inc.
Date June
Company Boots
Data Breached Not disclosed for now
Use of 3rd Party UK Limited, trading as Boots
3rd-party Company Ipswitch, Inc.
Date June
Company Aer Lingus
Data Breached Not disclosed for now
Use of 3rd Party Flag carrier
3rd-party Company Ipswitch, Inc.
Date June
Data Breached Not disclosed for now
Use of 3rd Party Flag carrier
3rd-party Company Ipswitch, Inc.
Date June
Company BBC
Data Breached Not disclosed for now
Use of 3rd Party Broadcasting company
3rd-party Company Ipswitch, Inc.
Date June
Company Ofcom
Data Breached Not disclosed for now
Use of 3rd Party Government office
3rd-party Company Ipswitch, Inc.
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Health company
3rd-party Company NationsBenefits Holding, LLC
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Academic medical center
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Regional healthcare system
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Hospital
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical clinic
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Integrated, not-for-profit health network serving
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Integrated, not-for-profit health network serving
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Dermatology Services
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Radiology Center
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Award-winning, non-profit healthcare system
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical group
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical laboratory
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Multispecialty pediatric physician practice
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Free-standing children’s hospital
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical services
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Radiology services
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Medical services
3rd-party Company Credit Control Corporation
Date May
Data Breached Names, addresses, and Social Security numbers.
Use of 3rd Party Orthopedic services
3rd-party Company Credit Control Corporation
Date May
Company Discord
Data Breached User email addresses, contents of customer service messages, and attachments
Use of 3rd Party VoIP and instant messaging social platform.
3rd-party Company Zendesk
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Liberal arts college
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Bank
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company VERTEX
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Biotech company
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Company Undead Labs
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Video game developer
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Non-profit organization
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Insurance Company
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Bank
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Landmark
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Independent non-profit health system
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Engineering consultant
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Association
3rd-party Company Brightline Health
Date May
Company Seagen Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Biotechnology company
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Transportation service
3rd-party Company Brightline Health
Date May
Company Pyrotek Inc
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Consulting services
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Civil engineering company
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Manufacturing company
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party General contractor
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Computer game developer
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party City
3rd-party Company Brightline Health
Date May
Company MIIA
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Internet Service Providers
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Lumber store
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Mechanical contractor
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Food products supplier
3rd-party Company Brightline Health
Date May
Company KPMG LLP
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party International Limited is a multinational professional services network
3rd-party Company Brightline Health
Date May
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party School district
3rd-party Company Brightline Health
Date May
Company Keller Supply
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Plumbing supply store
3rd-party Company Brightline Health
Date May
Company IUOE
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Trade union
3rd-party Company Brightline Health
Date May
Company Insitu, Inc.
Data Breached Names, addresses, dates of birth, member identification numbers, date of health plan coverage, and/or employer names.
Use of 3rd Party Company that designs, develops and manufactures unmanned aerial systems.
3rd-party Company Brightline Health
Date May
Company Intel
Data Breached Source code
Use of 3rd Party Semiconductor corporation
3rd-party Company Micro Star International (MSI)
Date May
Data Breached Sensitive personal identifiable information
Use of 3rd Party Commercial products
3rd-party Company Razor Consulting Solutions
Date May
Data Breached Name, address, claim number, dates of service, the last four digits of their Medicare Beneficiary number, and service/procedure descriptions with billing codes.
Use of 3rd Party Federal agency
3rd-party Company Palmetto GBA
Date May
Data Breached Names, addresses, telephone numbers, email addresses, dates of birth and national insurance numbers.
Use of 3rd Party Government district
3rd-party Company Evide Impact Limited
Date May
Company Coles
Data Breached Employee details
Use of 3rd Party Supermarket company
3rd-party Company Latitude Financial Services
Date May
Data Breached Name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
Use of 3rd Party Hospital
3rd-party Company Aetonix Systems Inc.
Date May
Data Breached Name, address, loan number, and bank account information.
Use of 3rd Party Home lending
3rd-party Company Unknown
Date May
Data Breached Name, address, loan number, and bank account information.
Use of 3rd Party Home lending
3rd-party Company Unknown
Date May
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party University
3rd-party Company Brightline Health
Date May
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party HealthCare Alliance
3rd-party Company Brightline Health
Date May
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party Children’s Health
3rd-party Company Brightline Health
Date May
Data Breached Names, contact information, member IDs, dates of birth and coverage information.
Use of 3rd Party Hospital
3rd-party Company Brightline Health
Date May
Data Breached Sensitive information.
Use of 3rd Party Consultant
3rd-party Company Rackspace Cloud
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical
3rd-party Company Community Health Systems
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical
3rd-party Company Community Health Systems
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Data Breached Names, addresses, dates of birth, Social Security numbers, insurance information, medical diagnosis and medications.
Use of 3rd Party Medical center
3rd-party Company Community Health Systems
Date May
Company Webster Bank
Data Breached Names, Social Security numbers and financial account information.
Use of 3rd Party Commercial banking company
3rd-party Company Guardian Analytics, Inc.
Date May
Company Iowa Medicaid
Data Breached Names, addresses, diagnoses and treatment information, insurance carrier information, and insurance subscriber identification numbers.
Use of 3rd Party Health and Human Services
3rd-party Company Telligen, Inc.
Date April
Data Breached Names, demographic information, health insurance numbers, Social Security numbers, dates of service, phone numbers, and provider names.
Use of 3rd Party Health insurance agency
3rd-party Company GoAnywhere MFT
Date April
Data Breached First and last name, address, phone number, date of birth, gender, health plan subscriber ID number, Social Security number, and/or Medicare number.
Use of 3rd Party Supplemental benefits company
3rd-party Company GoAnywhere MFT
Date April
Data Breached Consumers’ names, addresses, member IDs, dates of birth, phone numbers, employers’ names and group ID numbers, and coverage start/end dates. After confirming that consumer data
Use of 3rd Party Technology-enabled behavioral health home
3rd-party Company GoAnywhere MFT
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Low-cost insurance coverage for children and teens
3rd-party Company Independent Living Systems
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aviation consultant
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Transportation service
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Composite and metal repairs services company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aircraft maintenance company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Financial planner
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Florida Limited Liability company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aviation engineering company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aircraft supply store
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Eye care center
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Aviation asset trading company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Commercial company
3rd-party Company 100X, Inc
Date April
Data Breached Not disclosed for now
Use of 3rd Party Airlines and Aviation company
3rd-party Company 100X, Inc
Date March
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Virgin Group
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Former employees data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company Heineken
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Company VodafoneZiggo
Data Breached Customer data
Use of 3rd Party Software vendor
3rd-party Company Nebu BV
Date March
Data Breached Students’ credit and debit card information
Use of 3rd Party Software vendor
3rd-party Company AudienceView
Date March
Company Uber
Data Breached Private driver data
Use of 3rd Party Mid-size law firm
3rd-party Company Genova Burns
Date March
Company Hatch Bank
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Company Rubrik
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Sensitive data
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date March
Data Breached Names and email addresses
Use of 3rd Party Email marketing vendor
3rd-party Company Unknown
Date March
Company SpaceX
Data Breached 3,000 drawings
Use of 3rd Party Laser cutting service
3rd-party Company Maximum Industries
Date March
Company AT&T
Data Breached Wireless accounts was exposed
Use of 3rd Party Telecommunications company
3rd-party Company Unknown
Date February
Data Breached Customer data was not compromised
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere MFT
Date February
Company Boost Mobile
Data Breached Employees, customers, business, operations or financial information
Use of 3rd Party Satellite television company
3rd-party Company DISH Network Corporation
Date February
Company Sling TV
Data Breached Employees, customers, business, operations or financial information
Use of 3rd Party Satellite television company
3rd-party Company DISH Network Corporation
Date February
Data Breached Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party Media vendor
3rd-party Company Rise Interactive
Date February
Data Breached Names, email addresses, phone numbers, protected health information and insurance information
Use of 3rd Party Media vendor
3rd-party Company Rise Interactive
Date February
Data Breached Patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
Use of 3rd Party Regional health care group
3rd-party Company Unknown
Date February
Company Atlassian
Data Breached Email addresses, phone numbers, names
Use of 3rd Party Office functions vendor
3rd-party Company Envoy
Date February
Data Breached Personal and health information
Use of 3rd Party Software vendor
3rd-party Company GoAnywhere
Date January
Data Breached Names, Social Security numbers, financial account information, dates of birth, and protected health information
Use of 3rd Party Software vendor
3rd-party Company Diligent Corporation
Date January
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company Yuga Labs
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company WooCommerce
Data Breached Name, URL, address, and email address
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Company FanDuels
Data Breached Email addresses and names of customers, or potential customers, that are used to send marketing emails
Use of 3rd Party Email marketing vendor
3rd-party Company MailChimp
Date January
Data Breached Full names, dates of birth, and NMAC account numbers
Use of 3rd Party Automotive industry company
3rd-party Company Unknown
Date January
Company Datadog
Data Breached Signing keys and its passphrase
Use of 3rd Party Software vendor
3rd-party Company CircleCI
Date January
Company KLM
Data Breached Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party Loyalty program
3rd-party Company Flying Blue
Date January
Company Air France
Data Breached Names, email addresses, phone numbers, latest transactions, and Flying Blue information
Use of 3rd Party Loyalty program
3rd-party Company Flying Blue

2022 Data leaks

Data Leaks for 2022
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Apartment building
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Doctor in Newcastle
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Adult day care center
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Able Palms Home Health
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Physical therapist
3rd-party Company Infinity Rehab
Date July
Company Someren Glen
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Retirement community
3rd-party Company Infinity Rehab
Date July
Company Clermont Park
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Nursing home
3rd-party Company Infinity Rehab
Date July
Data Breached Full names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Rehabilitation center
3rd-party Company Infinity Rehab
Date October
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare IDs, and health information such as treatment and diagnosis information
Use of 3rd Party Healthcare practice
3rd-party Company Not disclosed
Date September
Data Breached Names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, Medicaid ID numbers and health plan carrier names.
Use of 3rd Party Health insurance company
3rd-party Company Alight.com (Choice Health prev)
Date September
Company Humana
Data Breached Customers’ first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresses, contact information and health insurance information
Use of 3rd Party Health insurance company
3rd-party Company Alight.com (Choice Health prev)
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, Medical Record Numbers, Medicaid or Medicare identification numbers, and health information such as treatment and diagnosis info.
Use of 3rd Party Medical clinic
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Company Somnia, Inc.
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date July
Data Breached Names, Social Security numbers, dates of birth, driver’s license numbers, financial account information, health insurance policy numbers, medical record numbers, Medicaid/Medicare IDs, and health information, including diagnosis and treatment information
Use of 3rd Party Health care organization
3rd-party Company Not disclosed
Date December
Data Breached Names, birthdates, addresses, Social Security numbers, Medicaid numbers, service dates, and medical record numbers, clinical details
Use of 3rd Party Texas-based St. Luke’s Health provider
3rd-party Company Adelanto Healthcare Ventures
Date December
Company Sobeys
Data Breached Not disclosed for now
Use of 3rd Party The second largest supermarket chain
3rd-party Company Empire Co.
Date September
Company Magento
Data Breached Not disclosed for now
Use of 3rd Party Open-source eCommerce platform
3rd-party Company FishPig
Date August
Data Breached 2.5M Student Loan Records
Use of 3rd Party Servicing system and web portal provider
3rd-party Company Nelnet Servicing
Date August
Company KeyBank
Data Breached Names, mortgage information, phone numbers, property information, home insurance information and Social Security numbers
Use of 3rd Party Insurance services vendor
3rd-party Company Overby-Seawell
Date August
Data Breached Names, email addresses, delivery addresses, phone numbers, payment card numbers, LastPass technical information and source code
Use of 3rd Party Phone number verification services provider
3rd-party Company Twilio
Date August
Data Breached Not disclosed for now
Use of 3rd Party Software vendor
3rd-party Company Not disclosed
Date August
Data Breached Names, shipping addresses, email addresses, credit and debit card numbers and expiration dates, security codes, and billing addresses
Use of 3rd Party Shopping cart and payment processing services provider
3rd-party Company Freestyle Solutions
Date August
Data Breached Not disclosed for now
Use of 3rd Party Third-party payment gateway provider
3rd-party Company Not disclosed
Date August
Data Breached Patients’ names, home addresses, dates of treatment, health plan numbers, and medical record numbers
Use of 3rd Party Healthcare management services provider
3rd-party Company Practice Resources, LLC
Date August
Company Signal
Data Breached Phone numbers
Use of 3rd Party Phone number verification services provider
3rd-party Company Twilio
Date August
Data Breached Email addresses
Use of 3rd Party Email marketing service provider
3rd-party Company MailChimp
Date August
Company NHS
Data Breached Not disclosed for now
Use of 3rd Party IT provider
3rd-party Company Advanced
Date August
Data Breached Names, Social Security numbers, and birthdates of employees
Use of 3rd Party Telecommunications service provider
3rd-party Company Orange Silicon Valley
Date August
Data Breached Names, addresses, Social Security numbers, driver’s license numbers, government IDs, and medical information, such as treatment, diagnosis, and medical history
Use of 3rd Party Ambulance billing services vendor
3rd-party Company Intermedix Corporation
Date July
Data Breached Names, home addresses, email addresses, phone numbers and Social Security numbers
Use of 3rd Party Servicing system and customer website portal provider
3rd-party Company Nelnet Servicing
Date July
Data Breached Social Security numbers, names, addresses, and unique ID numbers
Use of 3rd Party Third-party administrator
3rd-party Company Zenith American Solutions
Date July
Data Breached Names, addresses, account numbers, credit scores, and Social Security numbers
Use of 3rd Party Printing vendor
3rd-party Company Not disclosed
Date July
Company Celsius
Data Breached Customer emails
Use of 3rd Party Email delivery vendor
3rd-party Company Customer.io
Date July
Data Breached Names, email addresses, TSO Patron ID and information about TSO accounts (e.g. donor level, credit on account status, gift certificate status), personal information, demographic information (age range, gender, ethnicity), and opinions on the TSO
Use of 3rd Party Mailing list provider
3rd-party Company WordFly
Date July
Data Breached Dates of birth, Social Security numbers, health insurance and medical treatment information
Use of 3rd Party Accounts receivable management solutions provider
3rd-party Company Professional Finance Company
Date July
Data Breached Names, addresses, dates of birth, diagnostic and treatment information, health insurance information, and Social Security numbers
Use of 3rd Party VPN service provider
3rd-party Company Virtual Private Network Solutions
Date June
Data Breached Names, dates of birth, addresses, Social Security numbers, driver’s license numbers, medical and treatment information, health insurance information, and billing information
Use of 3rd Party Provider of revenue cycle management and other administrative services
3rd-party Company Conifer Revenue Cycle Solutions
Date June
Data Breached Names, Social Security numbers, addresses, and some pension benefit information
Use of 3rd Party Provider of digital and in-person total wellbeing solutions
3rd-party Company LifeWorks US
Date June
Data Breached Names, Social Security numbers, addresses, phone numbers, driver’s license numbers, email addresses, dates of birth, medical record numbers, and health insurance information
Use of 3rd Party Eye care software provider
3rd-party Company EyeCare Leaders
Date June
Company OpenSea
Data Breached Email addresses
Use of 3rd Party Email delivery vendor
3rd-party Company Customer.io
Date June
Data Breached Customer names, addresses, account numbers, phone numbers, and email addresses
Use of 3rd Party Third-party subcontractor
3rd-party Company Not disclosed
Date June
Data Breached Names, pharmacy and claim information, drug names, and prescription dates from certain prescriptions filled in 2012
Use of 3rd Party Legal services provider
3rd-party Company Warner Norcross & Judd
Date May
Company St. Luke’s
Data Breached Patient names, insured names, addresses, phone numbers, ID numbers, dates of birth, last five digits of Social Security numbers, descriptions of services, billing amounts, outstanding balances, payment due dates, and status of the accounts
Use of 3rd Party Billing services vendor
3rd-party Company Kaye-Smith
Date May
Data Breached Patient names, dates of birth, medical record numbers, and treatment information
Use of 3rd Party EMR provider
3rd-party Company MyCare
Date May
Data Breached Students’ grades and private messages with parents
Use of 3rd Party Education software provider
3rd-party Company Illuminate Education
Date May
Data Breached Names, Social Security numbers, dates of birth, addresses
Use of 3rd Party Medi-Cal managed service provider
3rd-party Company Partnership HealthPlan of California
Date May
Company Mangatoon
Data Breached Names, email addresses, genders, social media account identities, auth tokens from social logins and salted MD5 password hashes
Use of 3rd Party Search-powered solutions provider
3rd-party Company Elasticsearch
Date April
Data Breached Names, PII, addresses, dates of birth, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID
Use of 3rd Party Mailing and printing services vendor
3rd-party Company OneTouchPoint
Date April
Data Breached Not disclosed
Use of 3rd Party Provider of solutions to the aviation industry
3rd-party Company Airline Choice
Date April
Company Dis-Chem
Data Breached First names, surnames, email addresses and cellphone numbers
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date March
Data Breached Names, Social Security numbers, dates of birth, and medical or treatment details
Use of 3rd Party Imaging and ambulatory surgical services provider
3rd-party Company Shields Health Care Group Inc.
Date March
Data Breached Names, addresses, phone numbers, gender, dates of birth, medical codes, and Social Security numbers
Use of 3rd Party Healthcare software provider
3rd-party Company MCG Health
Date March
Company Rennline
Data Breached Names, credit or debit card numbers, expiration dates, card verification codes (CVV), billing addresses, and transaction details
Use of 3rd Party Software vendor
3rd-party Company Freestyle Solutions
Date March
Company Okta
Data Breached Employee credentials
Use of 3rd Party Customer service provider
3rd-party Company Sykes Enterprises
Date March
Data Breached User credentials
Use of 3rd Party Access & authentication management vendor
3rd-party Company Okta
Date March
Company Highmark
Data Breached Not disclosed
Use of 3rd Party Printing and mailing vendor
3rd-party Company Quantum Group
Date March
Company DataHEALTH
Data Breached Names, addresses, phone numbers, Medical information, insurance information, dates of birth, payment information, and Social Security numbers.
Use of 3rd Party Hosting & software vendor
3rd-party Company Not disclosed
Date March
Data Breached Names, addresses, dates of birth, ages, phone numbers, Social Security numbers, and some Medicaid information
Use of 3rd Party Healtcare vendor
3rd-party Company Liberty of Oklahoma
Date March
Company Acro
Data Breached Cardholder names, payment card numbers, dates of expiry, and security codes
Use of 3rd Party Payment processing vendor
3rd-party Company Not disclosed
Date March
Data Breached Source code
Use of 3rd Party Hardware contractor
3rd-party Company Nvidia
Date February
Company Not disclosed
Data Breached Names, dates of birth and Social Security numbers
Use of 3rd Party Healthcare provider
3rd-party Company Comprehensive Health Services
Date February
Data Breached Names, addresses, Social Security numbers, birthdates, client identification numbers, medical diagnostic and treatment information, and health insurance information
Use of 3rd Party Business service provider
3rd-party Company Morley Companies
Date February
Data Breached Names, emails, mailing addresses, and logins
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date February
Data Breached Victims’ last names, addresses, and health-related information
Use of 3rd Party DNA research contractor
3rd-party Company DNA Solutions Inc.
Date February
Data Breached First names, last names, dates of birth, Social Security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information
Use of 3rd Party Software vendor
3rd-party Company Advent Health Partners
Date January
Data Breached Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Provider in therapy services
3rd-party Company Infinity Rehab
Date January
Data Breached Names, addresses, dates of birth, driver’s license or state identification numbers, Social Security numbers, claims information, financial account numbers, medications information, lab results, and medical diagnosis/conditions information
Use of 3rd Party Healthcare provider
3rd-party Company Avamere Health Services
Date January
Data Breached Names, addresses, Social Security numbers and medical histories
Use of 3rd Party Hosting provider
3rd-party Company Netgain
Date January
Data Breached Names, dates of birth, addresses and tax file numbers
Use of 3rd Party Payroll provider
3rd-party Company Frontier Software
Date January
Data Breached Patient names, dates of birth, dates of service, provider names, Social Security numbers, driver’s license numbers, treatment information, and health insurance information
Use of 3rd Party Technology vendor
3rd-party Company Ciox Health
Date January
Company Red Cross
Data Breached Not disclosed
Use of 3rd Party Hosting provider
3rd-party Company Not disclosed

2021 Data Leaks

Data Leaks for 2021
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company QRS Clients
Data Breached Names, birth dates, addresses, Social Security numbers, portal usernames, medical treatment and diagnosis information, and patient identification numbers.
Use of 3rd Party EHRS vendor
3rd-party Company QRS
Date October
Data Breached First and last names, birth dates, phone numbers, member ID numbers, clinical data pertaining to kidney care services, and addresses.
Use of 3rd Party IT vendor
3rd-party Company PracticeMax
Date October
Data Breached Names, identification numbers, and contact details, bank account details in “a few cases” and “certain limited health-related information”
Use of 3rd Party Software vendor
3rd-party Company Agape Connecting People
Date October
Data Breached Medical reports, complaints about medical treatment, and potential evidence in a criminal case
Use of 3rd Party Software provider
3rd-party Company Not disclosed
Date September
Company NRS
Data Breached PII and biometrics
Use of 3rd Party Slot machine operator
3rd-party Company Dotty’s
Date August
Data Breached Policy holder names, addresses, birthdates, policy numbers, and other health insurance information
Use of 3rd Party Administrative service vendor
3rd-party Company Secure Administrative Solutions LLC
Date August
Data Breached 200 online customer bank accounts
Use of 3rd Party Software
3rd-party Company Not disclosed
Date August
Data Breached Names, COVID-19 contact tracing information, vaccination appointments, Social Security numbers, employee IDs, and email addresses.
Use of 3rd Party Business app
3rd-party Company Microsoft
Date August
Data Breached Patients’ health information
Use of 3rd Party Software vendor
3rd-party Company CaptureRx
Date July
Data Breached Patient names, birth dates, medical record numbers, and clinical information related to treatment at Jefferson Health such as treatment plan, diagnosis, or prescription information. For some patients, Social Security number was also included as well.
Use of 3rd Party Cloud provider
3rd-party Company Elekta
Date July
Data Breached Names, birthdates, medical information
Use of 3rd Party Billing vendor
3rd-party Company Guidehouse
Date July
Company Saudi Aramco
Data Breached **Employees: name, photo, passport copy, email, phone number, residence permit (Iqama card) number, job title, ID numbers, family information, etc. **Project specification for systems related to/including electrical/power, architectural, engineering, civil, construction management, environmental, machinery, vessels, telecom, etc. Internal analysis reports, agreements, letters, pricing sheets, etc. **Network layout mapping out the IP addresses, **Scada points, Wi-Fi access points, IP cameras, and IoT devices. **Location map and precise coordinates. **List of Aramco’s clients, along with invoices and contracts
Use of 3rd Party Third-party contractor
3rd-party Company Not disclosed
Date July
Company Hospitals
Data Breached Name, address, email address, date of birth, driver’s license number, Social Security number, diagnosis, laboratory and treatment information, patient identification number, medication information, health insurance identification and claims information, tax identification number, employee username with password, employee username with security questions and answers, and bank account and/or credit card/debit card information
Use of 3rd Party Medical management services provider
3rd-party Company PracticeFirst
Date July
Company Hospitals
Data Breached Name, tax ID, social security number, date of birth, other government-issued ID, telephone number, healthcare account number and balance, date of service, ClearBalance loan number and balance, personal banking information, clinical information, health insurance information, and full-face photographic image
Use of 3rd Party Medical loan provider
3rd-party Company ClearBalance
Date July
Data Breached Financial data
Use of 3rd Party Clothing and retail vendor
3rd-party Company Spreadshirt, Spreadshop, and TeamShirts
Date July
Data Breached Stock plan participants’ names, addresses, dates of birth, Social Security Numbers, corporate company names
Use of 3rd Party Account maintenance services
3rd-party Company Guidehouse, Accellion
Date July
Data Breached Availability of systems
Use of 3rd Party IT management software for MSP
3rd-party Company Kaseya
Date June
Data Breached Names, dates of birth, Social Security numbers, addresses
Use of 3rd Party Medicaid contractor
3rd-party Company Maximus
Date June
Company CVS Health
Data Breached COVID-19 vaccines and medications
Use of 3rd Party Hosting vendor
3rd-party Company Not disclosed
Date June
Data Breached Availability of e-mail newsletters
Use of 3rd Party E-mail newsletter
3rd-party Company iConstituent
Date June
Data Breached Credit card information, Social security numbers, and driver license numbers of under 1,000 Mercedes-Benz customers and potential buyers
Use of 3rd Party Vendor
3rd-party Company Not disclosed
Date June
Data Breached Names, Social Security numbers, addresses, birth dates, medical diagnosis and treatment details.
Use of 3rd Party Cloud provider
3rd-party Company Elekta
Date June
Company AmeriGas
Data Breached Internal email with spreadsheet attachments containing 123 AmeriGas employees’ information, including Lab IDs, social security numbers, driver’s license numbers, and dates of birth
Use of 3rd Party Regulatory compliance vendor
3rd-party Company J. J. Keller
Date June
Data Breached First and last name, personal or business mailing address, email address, or phone number. For some instances, a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color, and trim packages.
Use of 3rd Party Digital marketing vendor
3rd-party Company Shift Digital
Date June
Data Breached Healthcare data
Use of 3rd Party Software vendor
3rd-party Company CaptureRX
Date June
Data Breached Customer back up files (details not disclosed)
Use of 3rd Party Software vendor
3rd-party Company Logicgate
Date May
Data Breached Not disclosed
Use of 3rd Party Security defense contractor
3rd-party Company BlueForce
Date May
Data Breached Email addresses, communication information of employees, sensitive files
Use of 3rd Party Physics lab
3rd-party Company Fermilab
Date May
Data Breached Full names, Email addresses, Home addresses, Dates of birth, Passport numbers, Applicant photos, Mobile phone numbers, Social network URLs for some applicants.
Use of 3rd Party Recruitment vendor
3rd-party Company Fasttrack Recruitment
Date May
Data Breached At least 76,000 email addresses were exposed, including those belonging to individuals outside of the ministry
Use of 3rd Party Software vendor
3rd-party Company Fujitsu
Date May
Company Canada Post
Data Breached Sender and receiver contact information, names, and mailing addresses
Use of 3rd Party Software vendor
3rd-party Company CommPort Communications
Date May
Data Breached Not disclosed
Use of 3rd Party Glass and metal packaging manufacturer
3rd-party Company Ardagh
Date May
Data Breached Source code
Use of 3rd Party Software auditing company
3rd-party Company CodeCov
Date May
Data Breached Availability of EHR
Use of 3rd Party EHR vendor
3rd-party Company APRIMA
Date May
Data Breached Personal data including SSN
Use of 3rd Party Managed IT services
3rd-party Company Netgain
Date May
Data Breached Names of individuals who were potentially exposed to COVID-19, positive or negative test results, any experienced symptoms, household members, and some contact information
Use of 3rd Party Contact tracing app vendor
3rd-party Company Insights Global
Date May
Data Breached Financial data of students
Use of 3rd Party Cap/ Gown vendor
3rd-party Company Herff Jones
Date April
Data Breached Availability of customer reservation systems
Use of 3rd Party Software Vendor
3rd-party Company Radixx (subsidiary of Sabre Corporation)
Date April
Data Breached Not disclosed
Use of 3rd Party File sharing appliance vendor
3rd-party Company Soliton (FileZen application)
Date April
Data Breached Employee and local admin accounts
Use of 3rd Party Password manager (Passwordstate)
3rd-party Company Click Studios
Date April
Company Apple
Data Breached Macbook blueprints
Use of 3rd Party Macbook manufacturer
3rd-party Company Quanta
Date April
Data Breached Shipping labels and customer receipts
Use of 3rd Party B2B packaging vendor
3rd-party Company Bizongo
Date April
Data Breached Contact details, dates of birth, insurance ID numbers, and health information, such as treatments and medical conditions.
Use of 3rd Party File sharing application
3rd-party Company Accellion
Date April
Data Breached Audio recordings, transcripts of chats, full names, home addresses, phone numbers and more.
Use of 3rd Party Telemarketing
3rd-party Company CallX
Date April
Data Breached Names, dates of birth, Social security numbers, bank account and routing numbers, patient billing information, medical information, such medical symptoms and diagnosis
Use of 3rd Party IT services
3rd-party Company Netgain
Date April
Data Breached Not disclosed
Use of 3rd Party Software auditing company
3rd-party Company CodeCov
Date April
Data Breached Subscriber ID,Social Security numbers, diagnoses, conditions, claims data, dates of services, medical procedure codes, insurance policy numbers, provider names, contact details, and dates of birth.
Use of 3rd Party Revenue cycle service provider
3rd-party Company MedData
Date April
Data Breached Variety of personally identifiable information, including federal tax documents, passports, addresses, birth dates, bank account information and Social Security numbers
Use of 3rd Party File sharing app
3rd-party Company Accellion
Date April
Data Breached Possibly employee sensitive information
Use of 3rd Party Accounting firm
3rd-party Company Perkins & Co, Netgain (4th party)
Date April
Data Breached Patients’ names, addresses, procedure information
Use of 3rd Party Virtual waiting room vendor
3rd-party Company Medifie
Date April
Company Biotel Heart
Data Breached Social Security numbers, medical records, contact information
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date April
Company Upstox
Data Breached Contact data and KYC details of customers
Use of 3rd Party Third-party data warehouse systems
3rd-party Company Not disclosed
Date April
Company Celcius
Data Breached Customer emails
Use of 3rd Party Email distribution vendor
3rd-party Company Not disclosed
Date April
Data Breached Not disclosed
Use of 3rd Party Cloud company
3rd-party Company Route mobil
Date April
Data Breached Social Security numbers, financial information, medical records and more of patients, employees and dependents
Use of 3rd Party Parent company
3rd-party Company Personal Touch Holding Corp.
Date April
Company Ei2
Data Breached Names, identification number, contact information, educational qualifications, and employment history
Use of 3rd Party Contact centre solution provider
3rd-party Company I-vic International
Date April
Company Park Mobile
Data Breached Customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses
Use of 3rd Party Third-party software
3rd-party Company Not disclosed
Date March
Data Breached Personal data and data belonging to stakeholders
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Data Breached Contact information, insurance ID numbers, dates of birth, and health information, such as medical conditions and treatments.
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Data Breached Full name, sex, home address, and, in many cases, cellphone number and responses to political polling for 6.5 million Israeli adults.
Use of 3rd Party Polling app vendor
3rd-party Company Elector Software
Date March
Data Breached Patients’ name, date of birth, address, social security number and diagnosis codes.
Use of 3rd Party Administrative services vendor
3rd-party Company PeakTPA
Date March
Data Breached Members’ names and addresses
Use of 3rd Party Event management vendor
3rd-party Company SPARGO
Date March
Data Breached Students’ names, dates of birth, and student identification numbers.
Use of 3rd Party Technology vendor (for school nutrition)
3rd-party Company PCS Revenue Systems
Date March
Data Breached Video footages
Use of 3rd Party Security camera vendor
3rd-party Company Verkada
Date March
Data Breached Patients’ data
Use of 3rd Party Business associate
3rd-party Company Health Net Community Solutions, Inc, Accellion
Date March
Data Breached Patients’ health information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Data Breached Patient names, addresses, LMC medical record numbers, Social Security numbers and health insurance details.
Use of 3rd Party IT vendor
3rd-party Company Healthgrades
Date March
Company Austin ISD
Data Breached Students’ name, their identification number, and date of birth
Use of 3rd Party Third-party vendor
3rd-party Company not disclosed
Date March
Company Flagstar Bank
Data Breached Social Security numbers and mailing addresses
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date March
Data Breached Names, addresses, Social Security numbers, medical record numbers, bank account numbers and medical record disclosure logs
Use of 3rd Party Technology vendor
3rd-party Company Netgain
Date March
Data Breached Emails
Use of 3rd Party Email server
3rd-party Company Microsoft
Date March
Data Breached Availability of the websites
Use of 3rd Party Domain registrar
3rd-party Company Atak Domain
Date March
Company Qualys
Data Breached Customer data possibly including invoices, purchase orders, tax documents, and scan reports
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date February
Data Breached Over 425,000 immigration documents, COVID-19 results
Use of 3rd Party Software vendor
3rd-party Company Amber Group
Date February
Data Breached Personal information include contain names, addresses, license plate numbers and vehicle identification numbers (VIN)
Use of 3rd Party Payment processor
3rd-party Company AFTS
Date February
Data Breached Email addresses
Use of 3rd Party Web analytics
3rd-party Company WayDev
Date February
Data Breached User accounts – including include names, email addresses, and salted and hashed passwords. Also home addresses and phone numbers for some users.
Use of 3rd Party Cloud provider
3rd-party Company Not disclosed
Date February
Data Breached Customer accounts and source code of Stormshield Network Security (SNS)
Use of 3rd Party Cybersecurity vendor
3rd-party Company Stormshield
Date February
Data Breached Names, addresses, dates of birth, dates of service, telephone numbers, account numbers, health insurance information,medical information and possibly SSN
Use of 3rd Party Managed IT services
3rd-party Company Netgain
Date February
Data Breached Unauthorized appointments
Use of 3rd Party Appointment scheduling software
3rd-party Company Epic Software
Date February
Data Breached Social Security numbers, passport and visa details, dates of birth and driver’s license numbers, as well as health information and financial account information
Use of 3rd Party Embedded software vendor
3rd-party Company Wind River Systems
Date February
Data Breached Full names, dates of birth, email addresses, phone numbers, physical addresses, social security numbers, secondary insurance information, familial relationships to the child in question, and financial details
Use of 3rd Party Web hosting vendor
3rd-party Company Jelly Bean Communications Design
Date February
Data Breached Contact details, dates of birth, MPI numbers, medical record information, health insurance data, financial account details, passport numbers, diagnoses, treatments, and Social Security numbers
Use of 3rd Party Support vendor
3rd-party Company USF
Date February
Data Breached Clients’ confidential information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date February
Data Breached Bank account numbers, routing information, names, addresses, billing amounts and utility account numbers of customers
Use of 3rd Party Utility bill payment vendor
3rd-party Company Automatic Funds Transfer Services
Date February
Data Breached Microsoft 365 email accounts
Use of 3rd Party Certificate provider
3rd-party Company Mimecast
Date February
Data Breached Social Security numbers and banking information
Use of 3rd Party Third-party file transfer application
3rd-party Company Accellion
Date January
Data Breached Unknown at this stage
Use of 3rd Party Cybersecurity vendor
3rd-party Company SonicWall
Date January
Data Breached Company emails
Use of 3rd Party Defence tech service provider
3rd-party Company ELCOM Innovations
Date January
Data Breached Full names, Social Security numbers, details of medical examinations, drug and alcohol testing reports, and scans of driver’s licenses
Use of 3rd Party Occupational healthcare provider
3rd-party Company Taylor Made Diagnostics (TMD)
Date January
Company Bonobos
Data Breached Names and telephone numbers associated with 7 million customers or orders, 3.5 million records containing the last four digits of credit card numbers, and account information for 1.8 million customers, including encrypted passwords
Use of 3rd Party Cloud service provider
3rd-party Company Not disclosed
Date January
Data Breached Customer name and HAL account identification number for about 33,000 email addresses.
Use of 3rd Party Software company
3rd-party Company Aspira
Date January
Data Breached Full names, addresses, phone numbers, and exact working hours of at least 12 NameSouth employees, credit card statements
Use of 3rd Party OEM company
3rd-party Company NameSouth
Date January
Data Breached Unknown at this stage
Use of 3rd Party Stock investment app
3rd-party Company Not disclosed
Date January
Data Breached Personal data of 214 million social media users
Use of 3rd Party Third-party app
3rd-party Company SocialArk
Date January
Company OmniTRAX
Data Breached Internal OmniTRAX documents, contents of employee computers
Use of 3rd Party Parent company
3rd-party Company Broe Group
Date January
Data Breached Commercially and personally sensitive information
Use of 3rd Party Third-party file transfer application
3rd-party Company Acellion Software

2020 Data Leaks

Data Leaks for 2020
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Data Breached HR chat messages
Use of 3rd Party Software vendor for chatting app
3rd-party Company Able Software
Date December
Company Microsoft
Data Breached Credentials for Azure
Use of 3rd Party Third-party reseller
3rd-party Company Not disclosed
Date Deecember
Data Breached Full names and dates of birth, postal and email addresses, phone numbers, passport details, credit card numbers, medical records and recent test results and diagnoses.
Use of 3rd Party Software vendor
3rd-party Company iSofH
Date December
Data Breached Patient names, contact details, dental diagnoses, treatment information, patient account numbers, billing details, dentists’ names, bank account numbers, and health insurance data.
Use of 3rd Party Support vendor-accounting billing
3rd-party Company Dental Care Alliance (DCA)
Date December
Company Now:Pensions
Data Breached Names, postal and email addresses, birth dates and national insurance numbers of 30,000 customers
Use of 3rd Party Third-party contractor
3rd-party Company Not disclosed
Date December
Data Breached Digital certificate toolkit
Use of 3rd Party Certificate authority
3rd-party Company Vietnam Certification Authority
Date December
Data Breached Red-team tools
Use of 3rd Party CyberSecurity firm
3rd-party Company FireEye
Date December
Data Breached Customers’ email traffic
Use of 3rd Party Network management software vendor
3rd-party Company SolarWinds
Date November
Data Breached Data of some current and former employees, as well as some company information
Use of 3rd Party Networking equipment vendor
3rd-party Company Belden
Date November
Data Breached Names and contact information
Use of 3rd Party Cloud and CRM provider
3rd-party Company Blackbaud
Date November
Data Breached Contact details, health insurance policy numbers, and appointment notes related to treatment, such as health conditions, procedures, and prescriptions, as well as other sensitive data, including the credit card information and Social Security information of some patients
Use of 3rd Party Appointment app provider
3rd-party Company Luxottica
Date November
Data Breached Driver’s license numbers, names, dates of birth, addresses and vehicle registration histories
Use of 3rd Party Insurance software company
3rd-party Company Vertafore
Date November
Data Breached Customer names, tax ID numbers, loan documents, business contracts, private emails, invoices, credentials for network shares, company confidential files
Use of 3rd Party Banking software provider
3rd-party Company ABS
Date November
Company WildWorks
Data Breached 7 million parent account email addresses, and 32 million usernames associated with the parent accounts, containing encrypted passwords, players’ birthdays and gender
Use of 3rd Party Third-party server
3rd-party Company Not disclosed
Date November
Data Breached Names, credit card details, ID numbers and reservation details
Use of 3rd Party Channel manager
3rd-party Company Prestige Software
Date October
Data Breached Not disclosed
Use of 3rd Party Media-monitoring vendor
3rd-party Company Isentia
Date October
Data Breached E-mail addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related data
Use of 3rd Party Software provider
3rd-party Company NITRO
Date October
Company Google
Data Breached Passports, driver’s licenses, ID cards (in Form I-9) of employees
Use of 3rd Party Law firm
3rd-party Company Fragomen, Del Rey, Bernsen & Loewy
Date October
Company JM Bullion
Data Breached Names addresses, payment card information (the account number, expiration date, and security codes)
Use of 3rd Party Third-party javacript
3rd-party Company Not disclosed
Date October
Data Breached Names, phone numbers, encrypted passwords, and partial credit card numbers of 1M accounts
Use of 3rd Party Third-party database hosting provider
3rd-party Company Not disclosed
Date October
Data Breached Names, phone numbers, locations, hundreds of thousands of voice mails, medical and financial details
Use of 3rd Party VoIP service provider
3rd-party Company Broadvoice
Date October
Data Breached Names, credit card information of 3M customers
Use of 3rd Party POS provider
3rd-party Company Not disclosed
Date October
Data Breached Utility bill information, credit/debit card information
Use of 3rd Party Third-party payment software provider
3rd-party Company Click2Gov
Date October
Data Breached Names, addresses, emails, product orders, the last four digits of SS numbers
Use of 3rd Party E-commerce platform
3rd-party Company Shopify
Date October
Data Breached Patient names, addresses, phone numbers , medical departments patients visited, dates of birth, treatment facilities, treating physicians, departments of service, room numbers, medical record numbers.
Use of 3rd Party Data management software, cloud service provider
3rd-party Company BlackBaud
Date September
Data Breached Utility payment information
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date September
Data Breached Customer payment information
Use of 3rd Party E-commerce platform
3rd-party Company Adobe Magento 1
Date September
Data Breached Full names, email and street addresses, phone numbers and ZIP codes of 38 million US citizens
Use of 3rd Party Marketing company
3rd-party Company View Media
Date September
Data Breached Names, medical service numbers and dates of service for patients and list of donors
Use of 3rd Party Data management software vendor
3rd-party Company BlackBaud
Date September
Data Breached Members names, emails and physical addresses
Use of 3rd Party Data management software vendor
3rd-party Company BlackBaud
Date August
Data Breached Infection status, dates of birth, addresses, names, and other PII of COVID-19 patients in South Dakota
Use of 3rd Party Doftware vendor
3rd-party Company not disclosed
Date August
Data Breached Names, addresses and gift history of donors
Use of 3rd Party Software vendor
3rd-party Company Not disclosed
Date August
Company FeedMore
Data Breached Personal information of donors
Use of 3rd Party Software vendor
3rd-party Company BlackBaud
Date August
Data Breached Corporate data
Use of 3rd Party Wine and spirit maker
3rd-party Company Brown-Forman
Date July
Data Breached Personal information of investors
Use of 3rd Party Third-party software provider
3rd-party Company M.J. Brunner
Date July
Company Citrix
Data Breached E-mail IDs, phone numbers, last known location, phone type and login dates
Use of 3rd Party Third-party vendor
3rd-party Company Not disclosed
Date July
Company Promo.com
Data Breached First name, last name, email address, IP address, approximated user location based on their IP address, and gender, as well as encrypted, hashed and salted passwords.
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date July
Data Breached Name, date of birth, contact information, and some information about donations regarding alumni and donors
Use of 3rd Party Cloud-computing service provider
3rd-party Company BlackBaud
Date July
Data Breached 7.5 million users’ names, emails and physical addresses, birthdates, and phone numbers
Use of 3rd Party Third-party service provider
3rd-party Company WayDev
Date June
Data Breached ACH routing numbers, IBANs and other financial data as well as PII
Use of 3rd Party Web development firm
3rd-party Company NetSentiel
Date June
Data Breached Names, addresses, birth dates, banking and IRS data
Use of 3rd Party Web site design firm
3rd-party Company 10up Inc
Date June
Company MU Health
Data Breached E-mail addresses & passwords of MU students
Use of 3rd Party Third-party web site
3rd-party Company Not disclosed
Date June
Company Keepnet
Data Breached Breached email addresses, breached passwords
Use of 3rd Party Third-party IT service provider
3rd-party Company Not disclosed
Date June
Company Joomla
Data Breached Full name,Business address, Business email address, Business phone number, Company URL, Nature of business,Encrypted password (hashed),IP address, Newsletter subscription preferences
Use of 3rd Party Third-party company(CMS)
3rd-party Company Open Source Matters
Date May
Data Breached PPP applications, in particular business details, such as an address or tax identification number, or a business owner’s information, such as name, address, Social Security number, phone number, email and citizenship status
Use of 3rd Party Third-party merchant
3rd-party Company Not disclosed
Date May
Data Breached 7 million Indians’ Aadhaar number, name, gender, date of birth, biometric details, Permanent Account Number (PAN), scanned copies of Caste and Religion certificates, user’s picture, residential details, professional degree certificates
Use of 3rd Party Amazon Web Services S3 bucket of a third party
3rd-party Company CSC e-Governance Services LTD
Date May
Company TrueCaller
Data Breached Full names, email addresses, mobile numbers, Facebook IDs, age, city, gender, telecom service provider
Use of 3rd Party Third-party merchant
3rd-party Company Not disclosed
Date May
Data Breached Full names and Social Security numbers of some people who have applied for unemployment benefits
Use of 3rd Party Third party
3rd-party Company Not disclosed
Date May
Data Breached Name, medical treatment information, diagnosis information/codes, medication information, dates of service, insurance provider, health insurance number, date of birth, and Social Security number.
Use of 3rd Party Network Services Provider
3rd-party Company Management and Network Services – MNS
Date April
Data Breached First and last name, billing address and IBAN and account number
Use of 3rd Party Third-party partner company
3rd-party Company Not disclosed
Date April
Data Breached Human resource files from RigUp’s clients, contractors, job seekers
Use of 3rd Party Labor and marketplace provider
3rd-party Company RigUp
Date April
Company Mariott
Data Breached 5.2 million customers’ personal information incl. names, addresses, birthdays, emails, phone numbers and loyalty reward program numbers
Use of 3rd Party Franchised hotel in Russia
3rd-party Company Not disclosed
Date April
Data Breached Not disclosed for now
Use of 3rd Party IT-services vendor
3rd-party Company Cognizant
Date April
Data Breached Names, phone numbers, addresses, credit card numbers, CVVs and expiration dates
Use of 3rd Party E-commerce vendor
3rd-party Company Volusion
Date March
Company T-Mobile
Data Breached Customer names and addresses, phone numbers, account numbers, rate plans, and features, and billing information.
Use of 3rd Party E-mail vendor
3rd-party Company Not disclosed
Date March
Company Radio.com
Data Breached Name, Social Security number, driver’s license number, listeners’ credentials
Use of 3rd Party Cloud hosting service
3rd-party Company Not disclosed
Date March
Company Chubb
Data Breached Sensitive files
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date March
Data Breached Direct deposit forms, driver’s licenses, passports, birth certificates, marriage certificates
Use of 3rd Party Business service provider
3rd-party Company Canon Business Services
Date March
Data Breached 8 million sales records: customer names, email addresses, shipping addresses, purchases, last four digits of credit card numbers
Use of 3rd Party Third-party app
3rd-party Company Not disclosed
Date March
Data Breached Non-disclosure agreements, partial schematic for a missile antenna
Use of 3rd Party Precision parts maker
3rd-party Company Visser
Date February
Data Breached First and Last Name, Last Four Digits of Social Security Number, Transaction Date and Amount, Plan Sponsor/Employer Name, Address, Social Security Number, Email Address, Mailing Address, Date of Birth
Use of 3rd Party Administering services
3rd-party Company Interactive Medical Systems Corporation
Date February
Company TQL carriers
Data Breached Tax ID numbers, bank account numbers
Use of 3rd Party Freight brokerage services
3rd-party Company TQL
Date February
Data Breached Names, dates of birth, billing codes, insurance description, and medical record numbers
Use of 3rd Party Accounting and tax services
3rd-party Company BST
Date February
Data Breached Names, addresses, phone numbers, dates of birth, Social Security numbers and Health Share identification numbers
Use of 3rd Party Medical transportation
3rd-party Company GridWorks
Date February
Company Rutters Store
Data Breached Customers’ names, card numbers, expiration dates, and internal verification codes
Use of 3rd Party POS device
3rd-party Company Not disclosed
Date February
Company Carson City
Data Breached Resident’s names, addresses, email addresses, payment card numbers, expiration dates, card security code (CVV) information, bank account numbers and routing numbers
Use of 3rd Party Utility payment software
3rd-party Company Click2Gov
Date February
Data Breached Name, date of birth, Social Security number, financial account information, tax identification number, and information on borrowers, liability, assets, employment, and income
Use of 3rd Party Mortgage portal
3rd-party Company Not disclosed
Date February
Company Nedbank
Data Breached 1.7 million customers information(name, ID, contacts)
Use of 3rd Party Marketing and promotional campaigns
3rd-party Company Computer Facilities (Pty) Ltd
Date January
Company Instagram
Data Breached Instagram usernames and passwords
Use of 3rd Party Third-party app
3rd-party Company Social Captain
Date January
Data Breached Names, dates of birth, home addresses, email and phone numbers, names of family members, past addresses, the reason for application
Use of 3rd Party Third-party service provider
3rd-party Company Not disclosed
Date January
Data Breached Photo IDs, phone numbers and home addresses of marijuana users as well as cannabis variety and quantity purchased
Use of 3rd Party Point-of-sale software company
3rd-party Company THSuite
Date January
Company Regus
Data Breached Employee names, emails and performance
Use of 3rd Party Mystery shopping business
3rd-party Company Applause
Date January
Company Mitsubishi
Data Breached Company data, data of government organizations and private companies, names and addresses, previous employment history, birthdates, telephone numbers of 8,122 applicants, employees and retirees
Use of 3rd Party An affiliated company in China
3rd-party Company Not disclosed
Date January
Data Breached Names, street addresses and Social Security numbers
Use of 3rd Party Revenue cycle management vendor
3rd-party Company RCM Enterprise Services
Date January
Company Schools
Data Breached Name, payment card expiration date and security code and Blue Bear account usernames and passwords
Use of 3rd Party School software vendor
3rd-party Company Active Network
Date January
Data Breached E-mail addresses and phone numbers
Use of 3rd Party Hosting
3rd-party Company Amazon
Date January
Data Breached Name, address, email, phone number, customer number, age, account number and account balance
Use of 3rd Party Third-party CRM hosting firm
3rd-party Company Not disclosed

2019 Data Leaks

Data Leaks for 2019
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Company Wyze customer
Data Breached 2.4 million customers
Use of 3rd Party IoT vendor
3rd-party Company Wyze
Date December
Data Breached 98,000 SAF servicemen information
Use of 3rd Party healthcare training provider
3rd-party Company HMI Institute of Health Sciences
Date December
Data Breached 2,400 personal data including full names and NRIC numbers, and a combination of contact numbers, e-mail addresses or residential addresses
Use of 3rd Party logistics services
3rd-party Company ST Logistics
Date December
Company City of Sioux
Data Breached 3,500 customers utility and parking accounts
Use of 3rd Party online parking ticket system and utility billing system portal
3rd-party Company Click2Gov
Date December
Data Breached 8,800 Marietta utility customers card information
Use of 3rd Party online electric, water and sanitation payment software company
3rd-party Company Click2Gov
Date December
Data Breached fingerprint database
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date December
Data Breached 477,000 clients’ media contacts, business account information, 35,000 hashed user passwords, various documents, and admin credentials
Use of 3rd Party PR company
3rd-party Company iPR Software
Date November
Data Breached seven current and former employees’ information includes names, dates of birth, and Social Security numbers
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date November
Data Breached email addresses, usernames and recent tweets
Use of 3rd Party SDK kit
3rd-party Company One Audience
Date November
Data Breached not disclosed
Use of 3rd Party tax collections
3rd-party Company not disclosed
Date November
Company TennCare
Data Breached 44,000 members information
Use of 3rd Party pharmacy management vendor
3rd-party Company Magellan Health System
Date November
Company Macy’s
Data Breached first and last names, physical addresses, ZIP codes, email addresses, payment card numbers, card security codes, and expiration dates
Use of 3rd Party Website Javascript
3rd-party Company not disclosed
Date November
Data Breached not disclosed
Use of 3rd Party online water bill payments software company
3rd-party Company Click2Gov
Date November
Data Breached 4,000 residents’ data
Use of 3rd Party online water bill payments software company
3rd-party Company Click2Gov
Date November
Company Florida Blue
Data Breached 5 million members’ information
Use of 3rd Party managed care company
3rd-party Company Magellan Health Inc
Date October
Company UniCredit
Data Breached 400,000 Italian clients’ information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date October
Company NordVPN
Data Breached some of the browsing habits of customers
Use of 3rd Party data center provider
3rd-party Company not disclosed
Date October
Data Breached undisclosed number of patients’ information
Use of 3rd Party manage radiology benefits
3rd-party Company Magellan National Imaging Associates
Date October
Data Breached 560,000 students’ information
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date October
Company CenturyLink
Data Breached 2.8 million CenturyLink customer information which including names, addresses, phone numbers, email addresses and CenturyLink account numbers
Use of 3rd Party notification platform
3rd-party Company not disclosed
Date October
Data Breached thousands of usernames, passwords and addresses
Use of 3rd Party educational technology company
3rd-party Company Chegg
Date October
Data Breached 10,000 Zendesk Support and Chat accounts
Use of 3rd Party customer service software provider
3rd-party Company Zendesk
Date September
Data Breached 1,498 individuals’ information includes encrypted credit or debit card numbers, first names, last names, addresses and email addresses
Use of 3rd Party payment software system
3rd-party Company Click2Gov
Date September
Data Breached not disclosed
Use of 3rd Party payment software system
3rd-party Company Click2Gov
Date September
Company DoorDash
Data Breached 4.9 million consumers, Dashers, and merchants
Use of 3rd Party service provider
3rd-party Company not disclosed
Date September
Company Malinda Air
Data Breached Malinda’s passengers information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date September
Company Yves Rocher
Data Breached 2.5 million Canadian customers’ personal data
Use of 3rd Party Consulting services
3rd-party Company Aliznet
Date September
Data Breached usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings & organisation name, repository URLs and names, branch names, and repository
Use of 3rd Party Analytics company
3rd-party Company CirclCI
Date August
Company Mastercard
Data Breached 90,000 customers’ names, addresses, and credit card numbers
Use of 3rd Party loyalty program
3rd-party Company not disclosed
Date August
Company Cable One
Data Breached 14 Cable One employee accounts may include addresses, Social Security numbers, government-issued identification numbers, financial account numbers, digital signatures or medical and health insurance information
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date August
Data Breached 3,700 students information in District 203, 49,000 students information in District 204, 3,206 students information in District 303 and 8,000 students information in District 304
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date August
Data Breached students’ and teachers’ information (names, surnames, birthdates)
Use of 3rd Party learning assessment platform
3rd-party Company Pearson Clinical Assessment (AIMSweb)
Date July
Data Breached 534,500 patients information and 7,400 financial data of AEL, 412,000 patients information with 15,000 financial data of SML, 145,100 patients information with 3,800 financial data of CBLPath, 143,400 patients information with 4,200 financial data of LMC, 44,700 patients information with 1,800 financial data of APA, 14,900 patients information and 1,200 financial data of STD, 12,700 patients information with 600 financial data of PS, 4,000 patients information and 240 financial data of ADX, 9,200 patients information with 800 financial data of SP, 4,200 patients information with 350 financial data of WPC, 6,500 patients information with 500 financial data of AD, unknown number of Natera
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date July
Data Breached 2.2 million patients information and 34,500 financial information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date June
Company Westpac Bank
Data Breached Up to 100,000 Australians’ personal information
Use of 3rd Party payments platform
3rd-party Company PayID
Date June
Company Komodo
Data Breached Komodo hacked its customers and unauthorisedly transferred nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company to protect its customers’ funds.
Use of 3rd Party JavaScript library
3rd-party Company not disclosed
Date June
Company Opko Health
Data Breached 422,600 patients information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date June
Data Breached 12 million patients of Quest Diagnostics,7.7 million Laboratory Corporation of America (LabCorp) patients information
Use of 3rd Party collections vendor
3rd-party Company American Medical Collection Agency
Date May
Data Breached 100.000 traveller photos and licence plate image
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Data Breached 312,570 files in 51,025 folders, over 516 Gb of data financial and private information on all clients
Use of 3rd Party IT Company
3rd-party Company CITYCOMP
Date May
Company Instagram
Data Breached personal information including contact details
Use of 3rd Party social media marketing firm
3rd-party Company Chtrbox
Date May
Company Truecaller
Data Breached 140 million user names, phone numbers and email addresses
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Data Breached 50.000 credit card holders information
Use of 3rd Party data management company
3rd-party Company not disclosed
Date May
Data Breached not disclosed
Use of 3rd Party to storage
3rd-party Company ASUS Webstorage
Date May
Data Breached not disclosed
Use of 3rd Party analytics service and open-source project
3rd-party Company Picreel and Alpaca Forms
Date May
Company UNIQLO
Data Breached 460,000 online store accounts
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date May
Company Forbes
Data Breached credit card information
Use of 3rd Party to build website
3rd-party Company not disclosed
Date April
Data Breached 15,000 customers information
Use of 3rd Party service provider for customer support processes
3rd-party Company Apptium Technologies
Date April
Data Breached 201 online stores including payment card information
Use of 3rd Party e-commerce platform
3rd-party Company PrismRBS
Date April
Company Facebook
Data Breached 540 million records, including account names, Facebook ID, and user activity
Use of 3rd Party to develop app
3rd-party Company Cultura Colectiva
Date March
Data Breached customer names, contact information (including phone numbers and email addresses) and other details related to property evaluations
Use of 3rd Party fund management company and provider of property valuations
3rd-party Company LandMark White Limited
Date March
Data Breached the personal and medical information of hundreds of thousands of people may have been compromised
Use of 3rd Party contractor that provides mailing and other services for hospitals and healthcare companies
3rd-party Company Wolverine Solutions Group
Date March
Data Breached patient names, addresses, Social Security numbers, birth dates and health insurance information for 45,000 patients was exposed
Use of 3rd Party claim processing
3rd-party Company MiraMed
Date February
Data Breached personal information including Social Security numbers, names, dates of birth and home addresses may have been stolen
Use of 3rd Party employee and background screening software
3rd-party Company Image-I-Nation Technologies
Date February
Company Huddle House
Data Breached credit card payment information since Aug. 2017
Use of 3rd Party Point-of-sale systems
3rd-party Company not disclosed
Date February
Company China Railway
Data Breached millions of train passengers’ information
Use of 3rd Party Ticketing
3rd-party Company not disclosed
Date February
Company Houzz
Data Breached user names, salted and hashed passwords, IP addresses and, for users who logged into Houzz using Facebook, their Facebook IDs
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date January
Company LocalBitcoins
Data Breached theft of almost 8 bitcoins ($28,200) from five of the victims
Use of 3rd Party Forum software
3rd-party Company not disclosed
Date January
Company Ascension
Data Breached 24 million financial and banking documents, representing tens of thousands of loans and mortgages from some of the biggest banks in the US
Use of 3rd Party OCR Services
3rd-party Company OpticsML
Date January
Data Breached 650 consumer data
Use of 3rd Party Online payroll, benefits, tax compliance & HR services
3rd-party Company BenefitMall
Date January
Data Breached the extent is unknown
Use of 3rd Party open-source library
3rd-party Company PHP PEAR
Date January
Data Breached flight information of passengers
Use of 3rd Party online flight booking system
3rd-party Company Amadeus
Date January
Data Breached credit card information of visitors
Use of 3rd Party Javascript for advertising
3rd-party Company Adverline
Date January
Data Breached credit card information of citizens
Use of 3rd Party online parking ticket payment system
3rd-party Company Click2Gov
Date January
Data Breached credit card information of 6,000 people
Use of 3rd Party online parking ticket payment system
3rd-party Company Click2Gov
Date January
Company Humana
Data Breached name, address, date of birth, partial info of the SSN, and some info about policy type of unknown number of customers
Use of 3rd Party Bankers Life
3rd-party Company LCP Corp.

2018 Data Leaks

Data Leaks for 2018
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date December
Data Breached 31,000 Patient Records
Use of 3rd Party Transportation
3rd-party Company LCP Corp.
Date December
Company BevMo
Data Breached credit card data of nearly 15,000 customers
Use of 3rd Party online payment system
3rd-party Company NCR Corp.
Date December
Data Breached 6,000 citizens’ payment information
Use of 3rd Party online payment system
3rd-party Company Click2Gov
Date December
Data Breached 16,000 patients’ health information including names, birth dates, insurance information and addresses
Use of 3rd Party application-hosting service provider
3rd-party Company IT Lighthouse
Date December
Data Breached approximately 47,000 patients or guarantors whose payment information, including partial credit card information
Use of 3rd Party credit card processing system
3rd-party Company not disclosed
Date December
Data Breached account and password data of almost 50,000 users
Use of 3rd Party Programming software
3rd-party Company Easy Programming Language
Date November
Company Marriott
Data Breached personal information of as many as 500 million guests
Use of 3rd Party Hotels (acquired)
3rd-party Company Starwood
Date November
Data Breached unknown amount of data exposed
Use of 3rd Party small and mid-tier suppliers
3rd-party Company not disclosed
Date November
Company BitPay
Data Breached users of CoPay mobile cryptocoin wallet were targeted for cryptocoin theft, but none stolen
Use of 3rd Party JavaScript Library
3rd-party Company Right9ctrl
Date November
Company Atrium Health
Data Breached 2.65 M patient records including names, addresses, dates of birth, invoice numbers, account balances, dates of service, insurance policy information and Social Security numbers
Use of 3rd Party billing services
3rd-party Company AccuDoc Solutions Inc.
Date November
Data Breached potentially almost 6,000 individual’s personal info including name, address, postcode, email, phone, and encrypted password
Use of 3rd Party mobile app for One Planet York program
3rd-party Company Appware
Date November
Company Nordstrom
Data Breached personal info of employees including names, SSNs and dates of birth, checking account and routing numbers, salaries, etc.
Use of 3rd Party management of direct deposits of wages
3rd-party Company Not Disclosed
Date November
Data Breached 2,400 user accounts with payment information
Use of 3rd Party Online Payment
3rd-party Company Click2Gov
Date November
Data Breached Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party online employment application services
3rd-party Company Jobscience, Inc.
Date November
Data Breached Social Security numbers of thousands of individuals who applied for a job
Use of 3rd Party online employment application services
3rd-party Company Jobscience, Inc.
Date November
Data Breached names and addresses of 4500 consumers
Use of 3rd Party Online tracking tool
3rd-party Company Canada Post
Date November
Data Breached potential theft of BTC from customers
Use of 3rd Party Web Analytics
3rd-party Company StatCounter
Date October
Company VestaCP
Data Breached managed to launch DDoS attacks
Use of 3rd Party not disclosed
3rd-party Company not disclosed
Date October
Data Breached personal and payment card info of 30K employees and service members
Use of 3rd Party Maintenance of travel records
3rd-party Company not disclosed
Date October
Data Breached unknown amount of customers’ names and credit card numbers
Use of 3rd Party Online Payment
3rd-party Company Click2Gov
Date October
Data Breached unknown amount of payment card info (still in investigation)
Use of 3rd Party 3rd-party Javascript for customer rating
3rd-party Company Shopper Approved
Date October
Data Breached Unknown amount of data
Use of 3rd Party Microchip in servers and online portal for software update
3rd-party Company Supermicro
Date September
Data Breached Accounts of more than 50 million users compromised
Use of 3rd Party Social Media Connection
3rd-party Company Facebook
Date September
Data Breached Sensitive information about MPs, journalist and conference attendees, including personal mobile numbers
Use of 3rd Party Conference App
3rd-party Company CrowdComms
Date September
Company Perth Mint
Data Breached Names, addresses, passport and bank account of 3200 customers
Use of 3rd Party Online depository
3rd-party Company Not disclosed
Date September
Data Breached Financial and personal details of 380,000 customers
Use of 3rd Party Website Javascript
3rd-party Company Still in investigation
Date September
Company Foosackly
Data Breached Unauthorized access to 165K customers’ payment card information
Use of 3rd Party Cash register system
3rd-party Company Not disclosed
Date September
Data Breached Names, employee IDs, physician’s name of hundreds of employees and retirees
Use of 3rd Party Fitness vendor
3rd-party Company Health Fitness Corp
Date September
Data Breached payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify
Use of 3rd Party Cloud service provider
3rd-party Company Feedify
Date September
Data Breached Teachers’ emails, usernames and passwords were exposed
Use of 3rd Party Instructional tool
3rd-party Company Edmodo
Date September
Data Breached Names, their BCBSRI ID numbers, service providers, types of service provided and costs of claims for 1.5K customers
Use of 3rd Party Responsible for sending members’ benefits explanations
3rd-party Company Not disclosed
Date September
Company Wegmans
Data Breached cost the grocery chain over $900,000
Use of 3rd Party Seafood supplier
3rd-party Company Invermar
Date August
Data Breached 7GB cache of data exposed with medical information for employees of 181 business locations and social security numbers for nearly 3000 individuals
Use of 3rd Party Back-up pharmacy services
3rd-party Company MedCall Healthcare Advisers
Date August
Company Mention
Data Breached Data at risk of exposure includes names and email addresses, account profile info (plan value, # of alerts and mentions)
Use of 3rd Party Marketing
3rd-party Company Not disclosed
Date August
Data Breached The personal data of 2M patients was left exposed online
Use of 3rd Party Telemedicine company
3rd-party Company Hova Health
Date August
Company GoDaddy
Data Breached Sensitive data on 31,000 GoDaddy servers exposed online
Use of 3rd Party Cloud data storage
3rd-party Company Amazon S3 Bucket
Date August
Data Breached Unknown amount of data
Use of 3rd Party Remote support
3rd-party Company Remote support solution provider
Date August
Company Air Canada
Data Breached Profile data, including names, email addresses and phone numbers, passport info, NEXUS numbers, dates of birth,etc.
Use of 3rd Party Mobile app
3rd-party Company Not disclosed
Date August
Data Breached Customer’s email address, phone number and full bank account number and alert details
Use of 3rd Party Website providers
3rd-party Company Fiserv
Date June
Company TicketMaster
Data Breached 40K UK citizens’ info
Use of 3rd Party Website application
3rd-party Company Inbenta
Date June
Company Reddit
Data Breached Access data: email addresses of current Reddit users and a 2007 database
Use of 3rd Party SMS login system
3rd-party Company Not disclosed
Date June
Data Breached Passwords, usernames, contact info of millions
Use of 3rd Party Online Survey Tool
3rd-party Company Typeform
Date June
Data Breached Over 10K individuals’ names, credit card numbers, card expiration dates and security codes
Use of 3rd Party Online payment system
3rd-party Company Click2Gov
Date June
Data Breached Any data submitted in the course of recruitment
Use of 3rd Party Online recruitment services
3rd-party Company PageUp
Date June
Company Klook
Data Breached Personal data and credit card info of undisclosed number of customers
Use of 3rd Party Web-based analytics tool
3rd-party Company SOCIAPlus
Date June
Data Breached Personal information of hundreds of patients
Use of 3rd Party Transcription services
3rd-party Company Nuance Communications
Date June
Data Breached No indication that any personal information was been accessed or viewed
Use of 3rd Party Website hosting
3rd-party Company Not disclosed
Date May
Data Breached 5,6K customer info (PII)
Use of 3rd Party Domain registiration, agent for service of process for clients
3rd-party Company Corporation Service Company
Date May
Data Breached Internal FTP credentials, AWS Secret Keys/Passwords, the internal and SQL root password
Use of 3rd Party Cloud data storage contractor
3rd-party Company Agilisium
Date May
Data Breached Credit card data belonging to an undisclosed number of customers
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date April
Data Breached Hundreds of thousands of customer data (per company)
Use of 3rd Party Online chat application
3rd-party Company Not disclosed
Date February
Data Breached 19K patients’ records
Use of 3rd Party Transcription services
3rd-party Company Not disclosed
Date February
Company Applebee’s
Data Breached Credit card information from unknowing diners at more than 160 Applebee’s restaurants
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date January
Company Western Union
Data Breached Undisclosed # of customers’ contact info, bank names, WU internal ID numbers, transaction amounts, times and ID numbers
Use of 3rd Party Cloud-based or off-site backup storage provider
3rd-party Company Not disclosed
Date January
Company Reddit
Data Breached No access to Reddit’s systems or to any Redditors’ email accounts
Use of 3rd Party Third-party software vendor to send account emails (e.g., reset password e-mails)
3rd-party Company Mailgun

2017 Data Leaks

Data Leaks for 2017
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company Forever 21
Data Breached Credit card data belonging to an undisclosed number of customers
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date October
Data Breached Thousands of customer names and e-mails
Use of 3rd Party Management of an online rating system
3rd-party Company A former supplier
Date October
Data Breached Credit card data belonging to an undisclosed number of customers at 41 hotels
Use of 3rd Party Point-of-sale system
3rd-party Company Not disclosed
Date October
Company Uber
Data Breached Confidential information of 57M Uber users (names, driver licence #, etc)
Use of 3rd Party Coding site used by Uber engineers
3rd-party Company GitHub
Date September
Data Breached Unknown
Use of 3rd Party Computer cleaner/ad removal tool
3rd-party Company CCleaner
Date July
Company Equifax
Data Breached Personal info (SSNs, names, addresses) of 143M consumers
Use of 3rd Party 3rd party tool to build web applications
3rd-party Company Not disclosed
Date July
Company Verizon
Data Breached 14M customer data including account and personal info
Use of 3rd Party Providing customer service analytics
3rd-party Company NICE Systems
Date July
Data Breached Credit card data belonging to an undisclosed number of customers at 11 hotels
Use of 3rd Party Travel services (reservation)
3rd-party Company Sabre Corp. (SynXis)
Date July
Data Breached Unknown
Use of 3rd Party Server management software
3rd-party Company NetSarang
Date June
Data Breached Personal info 200M voters
Use of 3rd Party Marketing
3rd-party Company Deep Root
Date June
Data Breached Unknown (lost of hundreds of million dollars to ransonware)
Use of 3rd Party Accounting software
3rd-party Company MeDoc
Date May
Data Breached Tens of thousands (possibly up to millions) of patient records
Use of 3rd Party Management of record backups
3rd-party Company iHealth Innovations
Date May
Data Breached Unknown
Use of 3rd Party Open source video transcoder
3rd-party Company Handbrake
Date March
Company Brand New Day
Data Breached 14K patient info
Use of 3rd Party A vendor system used by a contracted provider
3rd-party Company Not disclosed
Date February
Data Breached 14K patients’ sensitive info (name, address, SSNs, birth dates, medical info)
Use of 3rd Party Server containing its electronic health records database
3rd-party Company Not disclosed

2015 Data Leaks

Data Leaks for 2015
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date September
Company T-Mobile
Data Breached 15M customer records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party Customer credit assessment
3rd-party Company Experian
Date September
Data Breached Customers’ credit card and personal info
Use of 3rd Party Online photo order and print
3rd-party Company PNI Digital Media

2014 Data Leaks

Data Leaks for 2014
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date October
Data Breached Contact info for 76M households and 7M small business
Use of 3rd Party Management of its Corporate Challenge Race Registration
3rd-party Company Not disclosed
Date July
Company Lowe’s
Data Breached Current and former drivers’ records (SSNs, birth dates, driver licence #, etc)
Use of 3rd Party Online database to store driver info
3rd-party Company SafetyFirst – E-Driver File
Date April
Data Breached Records about 15K patients posted withoout authentication
Use of 3rd Party Transcription services
3rd-party Company MDF Transcription Services

2013 Data Leaks

Data Leaks for 2013
Date
Company
Data Breached
Use of 3rd Party
3rd-party Company
Date November
Company Target
Data Breached Data of 70M customers and 40M credit/debit card
Use of 3rd Party Heating, ventilaion, and air conditioning (HVAC)
3rd-party Company Fazio Mechanical Services
Date July
Data Breached Personal Info of 100K individuals and 1000s of clients
Use of 3rd Party Web server hosting
3rd-party Company Not disclosed