2019 Breaches
Private Colleges Admission Files Breached
Who: Oberlin College, Grinnell College, Hamilton College # of Accounts Breached: What was affected: Admissions database When it happened: March 2019 How it happened: The mysterious sender offered the student a chance to see his file, including comments by admissions...
Michigan Health Alliance Crippled by Ransomware
Who: Health Alliance Plan # of Accounts Breached: More than 120,000 What was affected: Customers' names, addresses, dates of birth, member identification numbers, health care provider names, patient identification numbers and claim information, such as the service...
Serious Flaw in Communication App Exposes Data of 5 Million
Who: Dalil # of Accounts Breached: More than 5 million users What was affected: Personal Information by Users. The app collects users’: Cell phone number, IP address (internal and external where applicable)Device model, token, serial number, and operating system, IMEI...
PII from Accounting Firm Released Due to Un-redacted Recycling
Who: Professional Tax & Accounting What was affected: Tax documents. Personal information. When it happened: March 18, 2019 How it happened: When employees came to work at a Marshall County recycling center, they found boxes of documents that included people's...
Ransomware Encrypts UK Police Union Data
Who: Hampshire’s Police Federation # of Accounts Breached: Nearly 120,000 officers. What was affected: A number of databases. When it happened: March 21, 2019 How it happened: At approximately 2.45pm on 21 March 2019, the Police Federation of England and Wales (PFEW)...
Fired Employee Retaliates by Deleting AWS Servers of Former Employer
Who: Voova # of Accounts Breached: What was affected: Employer’s Amazon Web Services (AWS) accounts and 23 servers. When it happened: 22 Mar 2019 How it happened: An employee-from-hell has been jailed after he got fired (after a measly four weeks), ripped off a...
Florida Police Sergeant Data -Mined Police Database for Dates
Who: Bradenton Police Database # of Accounts Breached: Over 150 records What was affected: Personal information When it happened: 2011-2018 How it happened: Former Bradenton police sergeant Leonel Marines was suspended for three days without pay in 2012, after the...
International CyberCriminals to Blame for Breach of Citrix internal network
Who: Citrix # of Accounts Breached: What was affected: Business documents When it happened: March 6, 2019 How it happened: "On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cybercriminals gained access to the internal...
Data Breach At Third Party Medical Billing Company Exposes Rehab Patients
Who: Mary Free Bed Rehabilitation Hospital # of Accounts Breached: 4,755 What was affected: Private information of patients. When it happened: Around September 25, 2018 How it happened: An unauthorized party got access to the company’s computer system and infected it...
Phishing Attack on Frederick Regional Health System (FRHS) Compromises Hospice Patients
Who: Frederick Regional Health System # of Accounts Breached: What was affected: Patient names, health care companies, health care numbers and Social Security numbers When it happened: Between June 2017 to January 2019 How it happened: An unauthorized person accessed...
Warehousing and Logistics Company Hit With Ransomware
Who: Container World # of Accounts Breached: What was affected: Ransom-seeking cybercriminals successfully breached systems at Container World, a warehousing and logistics company that supplies much of province’s specialty liquor products When it happened: February...
Senior Center Fundraising Thwarted When Data on Servers is Held Ransom
Who: Ballard Northwest Senior Center # of Accounts Breached: The nonprofit center serves 4,000 seniors in Ballard, Magnolia, and Queen Anne, and raises much of the money for all its activities and services itself. What was affected: Servers of the senior center. When...
ING Bank Unlawfully Transmits Data to Third Party
Who: ING Bank # of Accounts Breached: Almost 20,000 people What was affected: IDs and names of 19,055 individuals and credit reports, address information and phone number of 1,172 sole proprietorships and partnership companies When it happened: March 2, 2019 How it...
GDPR Data Disclosures Hit Gateshead Council
Who: Gateshead Council # of Accounts Breached: 19 breaches What was affected: Private information including personal medical details When it happened: May 2018 - March 2019 How it happened: A council has admitted a series of data breaches, including uploading personal...
Stolen Employee Laptop exposes Patients e-PHI Due to Unencrypted data
Who: Re-Solutions, a division of RSC Insurance Brokerage # of Accounts Breached: 2,088 What was affected: A laptop computer of an employee was stolen on August 23, 2018, and has been found to contain patients’ ePHI When it happened: August 23, 2018 How it happened: On...