2019 Breaches
Website Vulnerability Allows Open Access to Medical Records
Who: University of Washington Medicine # of Accounts Breached: 974,000 When it Occurred: Dec. 4, 2018 What Happened: A vulnerability on a website server that made protected internal files available and visible by a search on the internet How it happened: UW Medicine...
Good Backups Save Eye Clinic from falling victim to Ransomware Attack
Who: Dr. DeLuca & Dr. Marciano Eye # of Accounts Breached: 23, 578 patients When it happened: November 29, 2018 What Happened: Ransomware Attack How it happened: Twenty-five of the clinic's computer monitors went unresponsive the morning of Nov. 29 due to a...
Bank Security Chief Exploits ATM Flaw to Steal 1 Million US from Employer
Who: Huaxia Bank # of Records: Undetermined - Over 7 million Yuan When it occurred: November 2016 until January 2018 What Happened: Chinese bank’s software chief was jailed after finding way to withdraw US $1m in ‘free’ cash from ATMs How it Happened: 43-year-old Qin...
Improper Data Security Allowed Viewing of Private Messages from Gay Dating App
Who: Online Buddies Jack’d App # of Records: Undetermined >>> User base of 1 Million When it occurred: Open for over a year — Closed February 7, 2019 What Happened: Jack'd, a "gay dating and chat" application failed to adequately secure their S3 data stores...
Convincing Phishing Email led to PII Exposure at Valley Health Care
Who: Valley Professionals Health Care # of Records: 12,000 Patients When it occurred: October 26 to November 27, 2018 What Happened: A data breach affected all seven of its health care locations, including their mobile site. Additionally, personal information from...
Mississippi Hospital falls victim to Phishing Email
Who: Gulfport Memorial Hospital # of Records: 30,000 Patients When it occurred: December 6, 2018 What Happened: Email phishing incident How it Happened: An unauthorized third party gained access to an employee’s email account giving them access to patients names,...
Stolen Data from Ontario HealthCare Provider being held Ransom
Who: CarePartners # of Records: 80,000 Patients When it occurred: Breach happened in June 2018 — Extortion request February 4, 2019 What Happened: Hackers are attempting to extort the Ontario-based Care Partners provider for about $18,000 (5 bitcoins) to prevent the...
Banks Cut Ties After Australian Title Valuation Company Breached
Who: LandMark White # of Records: 100,000 customers When it occurred: January 23, 2019 What Happened: A massive data breach at valuation company LandMark White How it Happened: In a complex attack on LandMark White, 100,000 customers had personal information including...
UK Labour Party Databases Locked Down After Unauthorized Access
Who: Breakaway MPs accused of making off with Labour Party data without Authorization # of Records: Undetermined When it Occurred: February 21, 2019 What Happened: The Labour party learned of a number of attempts to access personal data by individuals who are not, or...
Software Error Allows Students Access Medical Records
Who: Amsterdam’s OLVG Hospital Group # of Records: Undetermined When it occurred: February 15, 2019 What Happened: A mistake in the software meant that all students were able to access confidential files because they were supposed to be able to work anywhere within...
Error in Processing Allows Improper forms to be Mailed Out
Who: Ohio Department of Commerce # of Records: 9,000 When it occurred: February 15, 2019 What Happened: Approximately 9,000 consumers were mailed forms that were inaccurate How it Happened: A processing error allowed the state to mailed forms to those who qualify for...
Employee On-Trial after Stealing Personal Data from Chinese Housing Company
Who: Ziroom # of Records: 800,000 When it occurred: February 20, 2019 What Happened: The personal information were discovered on a laptop, iPhone, and USB drive seized by authorities. The accused was identified only by her last name, Li. She joined the company in...
TX School District IT System held Ransom
Who: Crosby Independent School District, Tx # of Records: Records held Ransom When it occurred: February 4, 2019 What Happened: A ransomware virus has infiltrated the district’s IT system. How it Happened: The district’s IT Department discovered the ransomware virus...
Data Science Learning Site Breached by Third Party
Who: DataCamp # of Records: 700,000 accounts When it occurred: February 11, 2019 What Happened: User data was exposed by a third party who gained criminal unauthorized access to one of our systems. How it Happened: The details of user data affected in the breach....
POS Malware Responsible for Popular Breakfast Chain Breach
Who: Huddle House # of Records: 300,000 customers When it occurred: On or after August 2017 until February 1, 2019 What Happened: Some of their 350 franchisee-operated restaurants experienced a payment card breach. How it Happened: Criminals compromised a third-party...