2019 Breaches
Unauthorized Employee Email Access Led to Mental Health Center Breach
Who: The Kentucky Counseling Center # of Records: 16,400 When it occurred: December 6, 2018 What Happened: A staff member took the list without authorization from our computer system and used an anonymous Internet file sharing service to email the list How it...
Third Party Storage of Swedish Medical Hotline Calls Breached
Who: Swedish National Health Service # of Records: 2.7 Million When it occurred: Dating back to 2013 What Happened: An estimated 2.7 million medical hotline phone calls were discovered to have been left open by an unprotected NAS (network attached storage) system and...
Crypto Brokerage Breached in Massive Data Hack
Who: Coinmama # of Records: 450,000 Users When it occurred: Prior to August 15, 2017 What Happened: Email addresses and hashed passwords” of users who registered on its platform before Aug. 5, 2017, have been posted on a dark web How it Happened: The breach is...
Unauthorized Access to Email leads to PHI Exposure at EyeSouth
Who: Georgia Eye Associates,EyeSouth Partners # of Records: 24.000 patients When it occurred: September 11, 2018, and October 25, 2018 What Happened: Unknown individual had access to one EyeSouth employee email account. How it Happened: EyeSouth determined that the...
Pharmacy Chain hit with POS Malware
Who: Pharmaca # of Records: 150,000 payment cards When it occurred: July 19, 2018, and December 12, 2018 What Happened: Malware may have captured customer payment card info in 13 locations in 5 states. How it Happened: After receiving reports of fraud related to a...
Tech Support Scam Ensnares California CPA Firm
Who: Martin Hutchison & Hohman # of Accounts Breached: None/Unknown What was affected: Tax returns, personal data. When it happened: February 15, 2019 How it happened: On Friday, February 15, 2019, while trying to resolve an email failure with our email host,...
Hack of VFEmail Results in Catastrophic Loss
Who:VFEmail # of Accounts Breached: All customers/subscribers What was affected: All the data was destroyed, on both the main and the backup systems. When it happened: February 11, 2019 How it happened: The U.S. servers of privacy-focused e-mail provider VFEmail were...
2 Hackers Arrested for Breaching 20+ Websites
Who: 20 Websites - various educational and business websites # of Accounts Breached: 20 Websites What happened: 2 Student Hackers Arrested When it happened: Between December 2018 and January 2019 How it happened: Police arrested Bashir from Gopalganj on Thursday and...
A Glitch in an Indian Railway Website allowed unlimited login attempts
Who: Indian Railways Catering & Tourism Corporation (IRCTC) When did it happen: February 24, 2019 What was affected: OTP - One TIme Password. Bookings of customers How it happened: A glitch in IRCTC's website allows users the innumerable attempts to log in to the...
POS Vendor Experiences Malware Hack at Multiple Business Locations
Who: North Country Business Products, Inc. Includes dozens of metro Dunn Brothers locations, Chino Latino, Sebastian Joe's, Stony Point Resort, Pittsburgh Blue, and more Minnesota businesses. # of Records: Undetermined When it occurred: Jan. 3 and Jan. 24, 2019 What...
Kansas City Anesthesiologist Employee Loses Patient Surgery Schedules
Who: Anesthesia Associates of Kansas City # of Records exposed: 3,472 Patients When it occurred: December 14, 2018 What happened: Paperwork containing patient schedules and information has been stolen from an employee How did it happen: The employee had left a bag...
Large Unprotected Database of Personal Information found in Delhi, India
Who: Indian Data Base # of Records: 458,388 When it occurred: What happened: A large Indian database of personal information was left unattended and unprotected in Delhi, India. How did it happen: A 4.1 GB MongoDB database that appeared to be the property of...
Brute Force Attack on School District Leaves Student Data Unreadable
Who: Mount Zion School District # of Records: None lost — just made unreadable When it Occurred: February 4, 2019 What Happened: Foreign hackers targeted the Mount Zion schools computer system in an attack that resulted in 19 days' worth of grades being wiped out...
IT Firm says 200 Vermont Municipalities at Risk by Legacy Software
Who: 200 Vermont municipalities and the Vermont Tax Department # of Accounts Breached: None What was happened: New England Municipal Resource Center, or NEMRC, is legacy software that cities and towns use for managing functions such as utility bills, tax bills, land...
Restaurant Using Third-Party Point of Sale System Compromised by Malware
Who: Truluck's Seafood, Steak & Crab House # of Accounts Breached: Undetermined What happened: Malicious malware that had the ability to capture credit or debit card information was inserted into the point of sale systems at the restaurants allowing customers...