Win 25 Macintosh and Apple computers or a ZERO SR Electric Motorcycle Click to Enter

Popular Companies Data Breach List

YEAR-2018

YEAR
COMPANY NAME
AFFECTED
SUMMARY
Jun-18
Wells FargoWells Fargo
500000

"A Bressler, Amery & Ross lawyer representing Wells Fargo, responding to a third party subpoena in a case between two financial advisors, produced documents without redaction or confidentiality designations that revealed "billions of dollars of client account information, from residents of numerous states and possibly Europe."

Jun-18
Canada BellCanada Bell
1.9 Million

"The illegally accessed information contains approximately 1.9 million active email addresses and approximately 1,700 names and active phone numbers."

Jun-18
EdmodoEdmodo
77 Million

"Details of 77 million students, teachers and parents are thought to be up for sale on the web."

Jun-18
ZomatoZomato
.17 Million

"Food and restaurant search engine Zomato's database has suffered a security breach, with the user records of up to 17 million people having been stolen."

18-June
MyHeritage MyHeritage
92 Million

"The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named "myheritage" on a private server located outside of the company, and shared it with MyHeritage team. After analyzing the file, the company found that the database, which included the email addresses and hashed passwords of nearly 92.3 million users, are of those customers who signed up for the MyHeritage website before October 27, 2017."

June-18
TicketflyTicketfly
26 Million

"The San Francisco firm's parent company, Eventbrite, said Sunday that the stolen information included customers' names, addresses, emails and phone numbers. It hasn't disclosed other details, but a website that tracks data breaches says the hack affected more than 26 million user accounts."

May-18
Bank of Montreal / Simplii FinancialBank of Montreal / Simplii Financial
90000

"On Sunday, May 27, fraudsters contacted BMO claiming that they were in possession of certain personal and financial information for a limited number of customers. We believe they originated the attack from outside the country. We took steps immediately when the incident occurred and we are confident that exposures identified related to customer data have been closed off. We have notified and are working with relevant authorities as we continue to assess the situation."

May-18
TD Ameritrade / ScottradeTD Ameritrade / Scottrade
20000

"U.S. discount brokerage firm Scottrade has confirmed that a third-party data breach inadvertently exposed 20,000 of its customers' non-public information."

May-18
Wonga.comWonga.com
270000

"Payday loans company Wonga has suffered a data breach that could affect up to 270,000 customers."

May-18
FAFSA ToolkitFAFSA Toolkit
100000

"Nearly 100,000 taxpayers may have had their personal information compromised by a security breach of an Internal Revenue Service tool that makes it easier to fill out the Free Application for Federal Student Aid, the Fafsa."

Apr-18
Emory HealthcareEmory Healthcare
80000

"Emory Healthcare: Nearly 80,000 patients were potentially impacted by a recent data breach at Georgia-based Emory Clinic."

Apr-18
JoblinkDun & Bradstreet
4.8 Million

"A malicious hacker breached the site, and the breach could impact as many as 4.8 million accounts across the ten states."

Apr-18
Dun & BradstreetDun & Bradstreet
33.6 Million

"A Dun & Bradstreet 52GB database containing about 33.6 million records with very specific details about each of the people involved from job title to email address has been exposed."

Apr-18
WishboneWishbone
2 Million

"The company became aware of the data swipe on March 14. The info may contain more than 2 million email addresses, among other things."

Apr-18
Saks Fifth Ave / Lord and TaylorSaks Fifth Ave / Lord and Taylor
5 Million

"A well-known ring of cybercriminals has obtained more than five million credit and debit card numbers from customers of Saks Fifth Avenue and Lord & Taylor, according to a cybersecurity research firm that specializes in tracking stolen financial data. The data, the firm said, appears to have been stolen using software that was implanted into the cash register systems at the stores and that siphoned card numbers until last month."

March-18
Under Armour (via MyFitnessPal )Under Armour (via MyFitnessPal )
150 Million

"US sportswear brand Under Armour said user names, email addresses and scrambled passwords were among the stolen data. However, payment card data was not affected. It urged customers to change their passwords immediately."

March-18
OrbitzOrbitz
800000

"According to Expedia, information that was likely accessed could include the customer's full name, payment card information, date of birth, phone number, email address, physical and/or billing address and gender."

Mar-18
Arby's Fast Food CompanyArby's Fast Food Company
355000

"Hackers gained credit card information for as many as 355,000 customers through POS malware. Arby's says customers should check their accounts for any unauthorized purchases and report to their bank any such instances."

Mar-18
Coachella Valley Music and Arts FestivalCoachella
950000

"An unidentified hacker calling himself Berkut is selling more than 950,000 user accounts for the Coachella music festival, including email addresses, user names and hashed passwords."

Feb-18
ESEA Sports NetworkESEA Sports Network
1.5 Million

"More than 1.5m users of e-sports network ESEA have been affected by a major leak after owners refused to pay a $50,000 ransom demand."

Feb-18
Hardware ZoneHardware Zone
685000

"The hacker used the compromised credentials to impersonate the senior moderator to retrieve user profile data which comprised name, email address and user ID, and possible optional data fields," said SPH Magazines. "

Feb-18
SnapchatSnapchat
50000

"According to a person familiar with the matter, the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen."

Jan-18
Unique Identification Authority of India (UIDAI)Unique Identification Authority of India (UIDAI)
1 Billion +

"The personal information of more than a billion Indians stored in the world's largest biometric database can be bought online for less than £6, according to an investigation by Indian Chandigarh-based Tribune newspaper. The reported breach is the latest in a series of alleged leaks from the Aadhaar database, which has been collecting the photographs, thumbprints, retina scans and other identifying details of every Indian citizen."

Jan-18
United States NavyUnited States Navy
130000

"A data breach at the US Navy has exposed the social security numbers and names of more than 130,000 current and former sailors."

Jan-18
Quest DiagnosticsQuest Diagnostics
34000

"Protected health information of roughly 34,000 people who use Quest Diagnostics' online patient portal is now compromised."

YEAR-2017

YEAR
COMPANY NAME
AFFECTED
SUMMARY
Dec-17
Madison Square GardenMadison Square Garden
Undisclosed

"Anyone who purchased food, drink, or other merchandise at the company's properties between Nov. 9, 2015 and Oct. 24, 2016 may have had their payment card information filched."

Dec-17
EirEir
120000

"The company will contact 130,000 customers to advise them to reset their modems, and have said that at least 2,000 devices were breached. "

Dec-17
Daily MotionDaily Motion
85 Million

"Over 85 million Dailymotion users' email addresses, usernames and passwords have reportedly been hacked by an unknown hacker. Dailymotion is like France's YouTube."

Dec-17
Ai.typeAi.type
31 Million

"Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app's developer failed to secure the database's server."

Nov-17
UberUber
57 Million

"Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers."

Nov-17
Michigan State UniversityMichigan State University
400000

"Michigan State University has experienced a data breach, which it said took place on November 13th. Their database includes 400,000 people's information."

Nov-17
HUDHUD
425000

"Two separate data incidents, one of which exposed the personal information of more than 425,000 public housing residents."

Nov-17
AU Red CrossAU Red Cross
1.3 Million

"1.3 million Red Cross blood donors were leaked online in the form of a single database file. 550,000 of the donors were identified as unique."

Oct-17
WeeblyWeebly
43.4 Million

"Web hosting service Weebly has confirmed a major data breach from February 2016 that affected 43.4 million users."

Oct-17
Modern Business SolutionsModern Business Solutions
Undisclosed

"Allegedly, a hacker scanning for unsecured databases was able to compromise at least 58.8 million records, possibly as many as 258 million."

Sep-17
InstagramInstagram
6 Million

"A hack believed to target only celebrity accounts on Instagram has also accessed millions of users' private data."

Sep-17
EquifaxEquifax
143 Million

"The breach lasted from mid-May through July. The hackers accessed people's names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers, and passports. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too."

Sep-17
Taringa!Taringa!
28 Million

"Taringa, a Reddit-like social network website for Latin American users, has suffered a massive data breach in which 28 million accounts of registered users have been stolen."

Sep-17
ClixsenseClixsense
6.6 Million

"More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin. The hackers who dumped the data has put another 4.4 Million accounts up for sale."

Sep-17
Eddie BauerEddie Bauer
Undisclosed

"Credit and debit cards used at 350+ North American stores during the first six months of 2016 may have been compromised."

Sep-17
MinecraftMinecraft
6 Million

"For each user, the data included a username, a hashed password, the registration and last login dates, and a user ID. For the vast majority of users, but not for all, there was also an email address associated with their account."

Sep-17
Bon SecoursBon Secours
650000

"Personal information of patients was left exposed on the internet for four days."

Aug-17
OperaOpera
1.7 Million

"The company said it detected and then quickly blocked an attack last week, but some data, including some sync users' passwords and account information, such as login names, may have been compromised."

Aug-17
Athens OrthopedicAthens Orthopedic
300000

"Confirmed that a hacker had gained access to our electronic medical records system earlier in the month, using the log-in credentials of a third-party vendor."

Aug-17
SteamSteam
9 Million

"A known vulnerability found in older vBulletin discussion board software program, which powers the site's community, allowed the hacker to gain access to the databases."

Aug-17
UbuntuUbuntu
2 Million

"The breach was a result of known SQL injection vulnerability in the Forumrunner add-on on the forum, which Canonical had neglected to patch."

Aug-17
YahooYahoo
200 Million

"2012 Data breach finally comes to public light 4 years after the fact."

Aug-17
WarframeWarframe
800000

"Warframe is available on PC, Playstation 4 and Xbox One, and is consistently in thetop 20 played games on Steam. Company confirmed that a list of 775,749 email addresses was acquired through a Drupal SQL exploit."

Aug-17
Election Systems & Software (ES&S) Election Systems & Software (ES&S)
1.8 Million

"But hackers given access to an ExpressPoll-5000 electronic poll book—the kind of device used to check in voters on Election Day—have discovered the personal records of 654,517 people who voted in Shelby Country, Tennessee."

Aug-17
UnicreditUnicredit
400000

"UniCredit, Italy's largest bank, has admitted that it suffered two data breaches in the past year, affecting 400,000 customers in total."

Aug-17
TCM BankTCM Bank
10,000

"Credit card applicants between March 2017 and July 2018 may have their names, addresses, dates of birth as well as Social Security numbers exposed due to a website misconfiguration, leaving thousands of people at risk."

Aug-17
RedditReddit
Users from 2007 database backup

“A hacker gained access to several employee accounts, accessing credentials, email addresses, and all content such as private messages.”

Jul-17
UnityPoint HealthUnityPoint Health
1.4 Million

“A phish email tricked some of UnityPoint employees into providing their confidential sign-in information which allowed attackers access to data such as addresses, birth dates, medical records, medications, etc. affecting 1.4 million patients.”

Jul-17
Boys Town National Research HospitalBoys Town National Research Hospital
105,309

“The largest ever reported breach by a pediatric care provider or children’s hospital affected 105,309 individuals, employees and patients, stole personal information such as names, birth dates, social security numbers, medical records, among other data.”

Jul-17
ComplyRightComplyRight
662,000

"Cloud-based HR and tax service company, ComplyRight, was impacted by a security breach that jeopardized sensitive consumer information such as names, addresses, phone numbers, email addresses and Social Security numbers."

Jul-17
TicketmasterTicketmaster
40,000

"About 40,000 UK customers were directly involved in the massive credit card skimming operation from e-commerce sites said to be affected by third-party companies and later altered by hackers."

Jul-17
TimehopeTimehope
21 Million

"Unknown attackers managed to break into Timehop's Cloud Computing Environment and access the data of entire 21 million users -- including their names, email addresses, and phone numbers attached to accounts."

Jul-17
BadooBadoo
127 Million

"User accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth."

Jul-17
Kansas Department of Commerce Kansas Department of Commerce
5 Million

"The Kansas News Service obtained information through a public records request that revealed that roughly 5.5 million Social Security numbers from individuals in 10 states were accessed in the data breach in March."

Jul-17
Verizon (Via partner Upguard)Verizon (Via partner Upguard)
14 Million

"UpGuard's Cyber Risk Team can now report that a misconfigured cloud-based file repository exposed the names, addresses, account details, and account personal identification numbers (PINs) of as many as 14 million US customers of telecommunications carrier Verizon, per analysis of the average number of accounts exposed per day in the sample that was downloaded. The cloud server was owned and operated by telephonic software and data firm NICE Systems, a third-party vendor for Verizon."

Jul-17
ImeshImesh
51 Million

"Although the company is no longer around, the data dump included 51 million username/password combos, reconfirming the need for unique and strong passwords."

Jul-17
Vertical ScopeVertical Scope
45 Million

"Stolen database contains close to 45 million records from 1,100 websites and forums."

Jul-17
MongoDMMongoDM
36 Million

"More than 36 million accounts/records of internal data from several vulnerable networks."

Jun-17
NeopetsNeopets
70 Million

"Tens of millions of user accounts from virtual pets community Neopets have allegedly been hacked and traded on the criminal underground."

Jun-17
EquifaxEquifax
431000

"Thieves were able to access W-2 data merely by entering at Equifax's portal the employee's default PIN code, exposing 431,000 Kroger employees."

Jun-17
LinkedinLinkedin
117 Million

"A hacker is trying to sell the account information, including emails and passwords, of 117 million LinkedIn users. The hacker, who goes by the name "Peace," told Motherboard that the data was stolen during the LinkedIn breach of 2012."

Jun-17
MyspaceMyspace
360 Million

"Myspace may no longer be "hip," but this hacker thinks your stolen account data is still worth something online. A hacker known as Peace is trying to sell the passwords and emails of 360 million Myspace users for six bitcoin."

Jun-17
Time Warner CableTime Warner Cable
320,00

"Up to 320,000 Time Warner Cable customers may have had their email passwords stolen resulting from a variety of hacking methods, company officials confirmed."

YEAR-2016

YEAR
COMPANY NAME
AFFECTED
SUMMARY
Dec-16
EirEir
120,000

"The company will contact 130,000 customers to advise them to reset their modems, and have said that at least 2,000 devices were breached. "

Dec-16
Daily MotionDaily Motion
85 Million

"Over 85 million Dailymotion users' email addresses, usernames and passwords have reportedly been hacked by an unknown hacker. Dailymotion is like France's YouTube."

Dec-16
Madison Square GardenMadison Square Garden
Undisclosed

"Anyone who purchased food, drink, or other merchandise at the company’s properties between Nov. 9, 2015 and Oct. 24, 2016 may have had their payment card information filched."

Nov-16
Michigan State UniversityMichigan State University
400,000

 "Michigan State University has experienced a data breach, which it said took place on November 13th. Their database includes 400,000 people's information."

Nov-16
HUDHUD
425,000

"Two separate data incidents, one of which exposed the personal information of more than 425,000 public housing residents."

Nov-16
AU Red CrossAU Red Cross
1.3 Million

"1.3 million Red Cross blood donors were leaked online in the form of a single database file. 550,000 of the donors were identified as unique."

Oct-16
WeeblyWeebly
43.4 Million

 "Web hosting service Weebly has confirmed a major data breach from February 2016 that affected 43.4 million users."

Oct-16
Modern Business SolutionsModern Business Solutions
Undisclosed

"Allegedly, a hacker scanning for unsecured databases was able to compromise at least 58.8 million records, possibly as many as 258 million."

Sep-16
ClixsenseClixsense
6.6 Million

"More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin. The hackers who dumped the data has put another 4.4 Million accounts up for sale."

Sep-16
Eddie BauerEddie Bauer
Undisclosed

"Credit and debit cards used at 350+ North American stores during the first six months of 2016 may have been compromised."

Sep-16
MinecraftMinecraft
6 Million

"For each user, the data included a username, a hashed password, the registration and last login dates, and a user ID. For the vast majority of users, but not for all, there was also an email address associated with their account."

Sep-16
Bon SecoursBon Secours
650,000

"Personal information of patients was left exposed on the internet for four days."

Aug-16
OperaOpera
1.7 Million

"The company said it detected and then quickly blocked an attack last week, but some data, including some sync users’ passwords and account information, such as login names, may have been compromised.”

Aug-16
Athens OrthopedicAthens Orthopedic
300,000

"Confirmed that a hacker had gained access to our electronic medical records system earlier in the month, using the log-in credentials of a third-party vendor."

Aug-16
SteamSteam
9 Million

"A known vulnerability found in older vBulletin discussion board software program, which powers the site’s community, allowed the hacker to gain access to the databases."

Aug-16
UbuntuUbuntu
2 Million

"The breach was a result of known SQL injection vulnerability in the Forumrunner add-on on the forum, which Canonical had neglected to patch."

Aug-16
YahooYahoo
200 Million

"2012 Data breach finally comes to public light 4 years after the fact."

Aug-16
WarframeWarframe
800,000

"Warframe is available on PC, Playstation 4 and Xbox One, and is consistently in thetop 20 played games on Steam. Company confirmed that a list of 775,749 email addresses was acquired through a Drupal SQL exploit."

Jul-16
BadooBadoo
127 Million

"User accounts for dating site Badoo are being traded in the digital underground, including email address, cracked passwords, names, and dates of birth."

Jul-16
iMeshiMesh
51 Million

"Although the company is no longer around, the data dump included 51 million username/password combos, reconfirming the need for unique and strong passwords."

Jul-16
Vertical ScopeVertical Scope
45 Million

"Stolen database contains close to 45 million records from 1,100 websites and forums."

Jul-16
MongoDMMongoDM
36 Million

"More than 36 million accounts/records of internal data from several vulnerable networks."

Jun-16
NeopetsNeopets
70 Million

"Tens of millions of user accounts from virtual pets community Neopets have allegedly been hacked and traded on the criminal underground."

Jun-16
EquifaxEquifax
431,000

"Thieves were able to access W-2 data merely by entering at Equifax’s portal the employee’s default PIN code, exposing 431,000 Kroger employees."

Jun-16
LinkedinLinkedin
117 Million

"A hacker is trying to sell the account information, including emails and passwords, of 117 million LinkedIn users. The hacker, who goes by the name “Peace,” told Motherboard that the data was stolen during the LinkedIn breach of 2012."

Jun-16
MyspaceMyspace
360 Million

"Myspace may no longer be “hip,” but this hacker thinks your stolen account data is still worth something online. A hacker known as Peace is trying to sell the passwords and emails of 360 million Myspace users for six bitcoin."

Jan-16
Time Warner CableTime Warner Cable
320,00

"Up to 320,000 Time Warner Cable customers may have had their email passwords stolen resulting from a variety of hacking methods, company officials confirmed."

YEAR-2015

Logo/Company Name
VICTIMS
SUMMARY
HyattHyatt
Undisclosed

"Hyatt said that it recently discovered malware on its payment-processing systems for Hyatt-managed locations. The company has since hired cybersecurity officials and strengthened the security of its system."

SanrioSanrio
3.3 Million

"The database houses 3.3 million accounts and has ties to a number of other Hello Kitty portals. The records exposed include first and last names, birthday, gender, country of origin, email addresses, unsalted SHA-1 password hashes, password hint questions, their corresponding answers, and other data points that appear to be website related."

MacKeeperMacKeeper
13 Million

"The makers of MacKeeper  have acknowledged a breach that exposed the usernames, passwords and other information on more than 13 million customers and users. It's database had been inadvertently exposed as a result of a server misconfiguration."

Elephant BarElephant Bar
Undisclosed

"The Elephant Bar restaurants warned customers who used credit cards at the 29-unit chain between August and December that their data may have been breached.Based upon an extensive forensic investigation, it appears that unauthorized individuals installed malicious software on POS systems."

VtechVtech
4.1-6.3 Million

"Personal information of about 6.4 million children was exposed in a recent data breach. That is in addition to records for 4.9 million adult customers VTech had previously said were affected by the breach."

Hilton WorldwideHilton Worldwide
Undisclosed

"Hilton Worldwide recently announced that it had discovered and removed malware designed to steal payment card information from restaurants, gift shops and other point-of-sale systems at some of its hotels. Hilton says it determined that the malware specifically targeted cardholder names, payment card numbers, security codes and expiration dates."

Georgia Voter Registry Georgia Voter Registry
6 Million

"Georgia Secretary of State Brian Kemp acknowledged Wednesday that his office last month illegally disclosed the Social Security numbers and other private information of more than 6 million registered voters. Kemp said the data went to 12 organizations who regularly subscribe to “voter lists” maintained by the state."

VBulletinVBulletin
480,000

"VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites."

TalkTalkTalkTalk
156,959

"Talk Talk said the total number of customers affected by the attack in late October was 156,959, including 15,656 whose bank account numbers and sort codes were hacked.The company said 28,000 credit and debit card numbers, with some digits obscured, stolen by the hackers cannot be used for payment and customers cannot be identified from the data."

ScottradeScottrade
4.6 million

" The company announced on its website that hackers managed to access one of its servers in late 2013 and early 2014, stealing names and street addresses for 4.6 million of their clients. Other sensitive information, including email addresses and Social Security numbers, were also stored in the compromised system, but the company believes that this information has not been compromised."

T-Mobile --> ExperianT-Mobile --> Experian
15 million

"In T-Mobile's case, its credit application processor Experian was hacked, potentially exposing highly sensitive details of 15 Million people who applied for its service in the past two years. The stolen data includes home addresses, birth dates, driver's license number, passport number, military I.D. numbers and – most unfortunately – the Social Security numbers, among other information."

PatreonPatreon
2.3 million

"In a post published late Wednesday, Patreon CEO Jack Conte confirmed that the crowdfunding firm had been hacked and that the personal data of its users had been accessed.According to the company, no credit card or debit card numbers were stolen in the data breach, and also the already accessed, "all passwords, social security numbers, and tax form information" were properly encrypted. "

Excellus Blue Cross Blue ShieldExcellus Blue Cross Blue Shield
10.5 million

"The attackers gained access to the details of members, patients and other individuals Excellus does business with. According to the organization, the breach also impacts members of other Blue Cross Blue Shield plans who sought treatment in the 31 county upstate New York service area of Excellus BCBS. It is estimated that roughly 10..5 million individuals are affected."

Web.comWeb.com
93,000

"Domain registrar and web hosting firm Web.com said on Tuesday that hackers made away with credit card and personal information of roughly 93,000 of its customers after breaching a server operated by the company. Web.com said that it discovered the breach of one of its computer systems on August 13, 2015 through its ongoing security monitoring."

SterlingBackcheckSterlingBackcheck
100,000

Background check provider, SterlingBackcheck, recently began notifying 100,000 people that their names, birthdates and Social Security numbers may have been exposed when an unencrypted laptop was stolen from an employee's car on May 29, 2015, CBS46 News reports.

IRS
IRS
334,000

"The Internal Revenue Service (IRS) disclosed today that identity thieves abused a feature on the agency’s Web site to pull sensitive data on more than 330,000 potential victims as part of a scheme to file fraudulent tax refund requests. The new figure is far larger than the number of Americans the IRS said were potentially impacted when it first acknowledged the vulnerability in May 2015."

The Carphone WarehouseThe Carphone Warehouse
2.4 million

"Up to 2.4m Carphone Warehouse customers may have had their personal information and bank details compromised, after the mobile phone retailer said its systems had been breached by a sophisticated cyber attack. The attack hit the division of Carphone Warehouse that operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk, and provides services to TalkTalk Mobile among others. As many as 90,000 customers may also have had their encrypted credit card details accessed by the hackers."

Ashley MadisonAshley Madison
37 million

Large caches of data stolen from online cheating site AshleyMadison.com have been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information.

CVSPhoto.com, Costco Photo Center, Rite Aid PhotoCVSPhoto.com, Costco Photo Center, Rite Aid Photo
unknown

"Customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised,” CVS said in a statement that replaced the photo website’s normal homepage content. “As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services." *Same message appears on Costco & Rite Aid's websites.

UCLA HealthUCLA Health
4.5 million

The information compromised included names, dates of birth, Social Security numbers, Medicare and health plan identification numbers, patient diagnosis and procedures. It has been reported that UCLA did not take basic steps to encrypt the patient data.

Federal Government's OPM (Office of Personnel Management)Federal Government's OPM (Office of Personnel Management)
4.2 million - 1st Breach // 21.5 million - 2nd Breach

A massive cyber breach at the Office of Personnel Management may have exposed the personal and financial information of 21.5 million employees (or more), putting their credit and finances at risk.

Adult FriendFinderAdult FriendFinder
4 million

While there’s no concrete evidence that the payments information attached to the accounts were compromised, the online dating site Adult FriendFinder admitted that its database was breached — impacting an estimated 4 million members, according to multiple media reports. However, the scope of the breach hasn’t been fully discovered.

CareFirst Blue CrossCareFirst Blue Cross
1.1 million

Attackers gained access to names, birth dates, email addresses and insurance identification numbers. The company said the database did not include Social Security or credit card numbers, passwords or medical information. Nevertheless, CareFirst is offering credit monitoring and identity theft protection for two years.

Hard Rock Hotel & CasinoHard Rock Hotel & Casino
unknown

“This criminal attack was limited to credit or debit card transactions between September 3rd, 2014 and April 2nd, 2015 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant. The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon.”

Starbucks
Starbucks
unknown

Criminals are using Starbucks accounts to access consumers’ linked credit cards. Taking advantage of the Starbucks auto-reload function, they can steal hundreds of dollars in a matter of minutes. Because the crime is so simple, it can escalate quickly, and the consumer protections controlling the transaction are unclear. Starbucks denied the unauthorized activity was the result of a hack or intrusion into its servers or mobile applications.

Sally Beauty SupplySally Beauty Supply
unknown

Criminals used malware that is believed to have been effectively deployed on some of its point-of-sale systems at varying times between March 6th and April 17th, 2015. Accordingly, the payment card information of customers that used cards at affected U.S. Sally Beauty stores during this time may have been put at risk.

PremeraPremera
11 Million

Premera Blue Cross said it was hacked and now the private medical and financial data of up to 11 million customers may be exposed. The hackers were actually able to break into customers’ claims and view banking account numbers, Social Security numbers and birth dates, as well as sensitive clinical information.

Sacred HeartSacred Heart
14,000

One of the third-party vendors Sacred Heart Health System uses for its billing operations was recently hacked, compromising the health information of about 14,000 patients. Hackers used a phishing attack to gain access to the email account of an employee of the billing vendor. They were able to access patients’ names, dates of service, dates of birth, diagnoses and procedures, total charges, and physicians’ names. About 40 of the patients also had their Social Security numbers compromised.

SRI Inc.
SRI Inc.
9,000

Indiana-based SRI Incorporated – which conducts tax sales, deed sales and foreclosure sales relating to the recoupment of delinquent tax for local governments – is notifying roughly 9,000 individuals that their personal information may be at risk.

HMSA
HMSA
18,000

The HMSA website says users who received services from Anthem over the last 10 years could have had their information accessed. The information that may have been compromised includes names, dates of birth, cities of residence, and part of the membership number.

Anthem HealthcareAnthem Healthcare
98.6 Million

Anthem has updated the total, with non-customers included, and the amount of those affected could reach as high as 98.6 million. Uncertainty in the total is because 14 million of the records are incomplete, making it difficult for Anthem to link all of its members to the correct plans.

Morgan StanleyMorgan Stanley
350,000 Clients

Financial services firm Morgan Stanley publicly admitted on Jan. 5 2015 that it was the victim of an insider data breach.

USPS WorkersUSPS Workers
800,000

The USPS is victim of a cyber attack with Chinese hackers being suspected. Currently the FBI is investigating the breach and it appears that information obtained included names, dates of birth, Social Security numbers, addresses, and dates of employment. According to officials, all postal service employees were affected and they are not yet clear why their information was of interest to these hackers. They are not seeing any evidence of customer information being compromised.

YEAR-2014

Logo/Company Name
VICTIMS
SUMMARY
AliExpressAliExpress
7.7 million

Global threads bazaar AliExpress, an offshoot of global bazaar AliBaba, has patched a URL flaw that allowed attackers to harvest users’ personal details including names, shipping addresses and phone numbers. The insecure direct object reference vulnerability, reported by an unnamed researcher, affected 7.7 million logged-in users for AliExpress, the online retail wing of AliBaba that’s the most visited e-commerce site in Russia.

AT&TAT&T
280,000

The Federal Communications Commission (FCC) recently announced that AT&T has agreed to pay a $25 million fine for privacy violations related to a 2014 data breach that exposed almost 280,000 customers' names, full or partial Social Security numbers, and account-related data, including customer proprietary network information (CPNI).

UberUber
50,000

Uber said that on September 17, 2014, it discovered one of its databases could potentially have been accessed by a third party. After subsequent investigation, it learned that a one-time unauthorized access to an Uber database by a third-party occurred on May 13, 2014, & that the information of nearly 50,000 individuals (primarily taxi drivers employed by Uber) was compromised. The company disclosed that the files which were accessed only contained the names & driver’s license numbers of certain drivers.

Xbox Live Xbox Live
48 Million

Around 48 million Xbox subscribers were interrupted from their gaming. The motive of this hack is unclear.

Sony Pictures
Sony Pictures
47,000

Five Sony films, an early version of a script for the next James Bond movie, Spectre, Brad Pitt's Fury, and a whole host of Sony's private company information has apparently been exposed to the public, including bosses' salaries and employees' social security information.

Texas Health and Human ServicesTexas Health and Human Services
2 million

The Texas Health and Human Services department discovered a data breach, it appears by "chance", after terminating their relationship with Xerox Corporation. The information includes "Medicaid clients' names, birthdates, Medicaid numbers, and medical and billing records related to care provided through Medicaid, such as reports, diagnosis codes and photographs."

Korea Credit Bureau, NH Nonghyup Card, Lotte Card, KB Kookmin CardKorea Credit Bureau, NH Nonghyup Card, Lotte Card, KB Kookmin Card
104 million

Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms. The data was stolen by a computer contractor working for a company called the Korea Credit Bureau that produces credit scores. Approximately 104 million credit card accounts were compromised following breaches at three credit card firms in South Korea. Originally, the BBC reported the breaches had affected 20 million cards.

StaplesStaples
1.2 million

"Staples that the investigation revealed that the hackers used malware that provided access to information for transactions at 115 of its stores. The hackers stole cardholder names, payment card numbers, expiration dates and card verification codes. The company is offering free identity theft protection services."

Barney & BarneyBarney & Barney
34,000

According to documents posted by financial news service Credit.com, the company has notified its customers that a pair of CDs containing the names, addresses, social security numbers and account numbers for users had gone missing.

Oregon Employment DepartmentOregon Employment Department
850,000

After reviewing 1.9 million records for people who have registered with the WorkSource Oregon Management Information System(WOMIS), state officials say they've identified 851,322 people whose information may have been compromised.

Chick-Fil-AChick-Fil-A
9,000

One financial institution that received an alert about a breach, said the bank had nearly 9,000 customer cards listed in that alert, and that the only common point-of-purchase were Chick-fil-A locations.

NaverNaver
25 Million

A 31yo was recently booked by the police for infiltrating the accounts of 25 million people on Naver, S. Korea's largest Web portal. According to the National Police Agency, the suspect, surnamed Seo, purchased the private information of 25 million people. Seo then used the data, which included the names, residential numbers, Internet IDs and passwords, to hack into Naver accounts. He sent spam messages and other illicit emails to the Naver account holders to rake in illegal profit of some 160 million won ($148,000).

JP Morgan Chase ConsumerJP Morgan Consumer
76 Million

Some reports suggests that credit and debit card information was not involved, that the hackers instead stole personal data such as addresses and phone numbers.

JP Morgan Small BusinessJP Morgan Small Business
7 Million

The New York Times reported that and 7 million small businesses were involved.

Jimmy Johns
Jimmy Johns
216 Locations

The company explained the incident this way: “An intruder stole log-in credentials from Jimmy John’s point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchised locations.

GoodwillGoodwill
868,000

The national, charitable resale organization announced in early September that card information at approximately 330 stores had been compromised.

Home DepotHome Depot
56 Million

About 56 million card records were hacked in this attack that is said to revolve around malware that was installed on cash register systems.

EbayEbay
145 Million

The origin of the breach comes from hackers compromising a small number of employee login credentials, which gave access to eBay’s corporate network.

Sally's Beauty SupplySally's Beauty Supply
25,000 Records

In March, the Texas-based beauty chain said it had been hacked by the same gang that hacked Target.

Benesse HoldingsBenesse Holdings
22.6 Million

Education services provider Benesse Corp. said personal data on 22.6 million customers were stored on a smartphone owned by the Tokyo systems engineer under arrest on suspicion of theft and illegal copying of customer data. While announcing the figure Monday, Benesse, a subsidiary of Benesse Holdings Inc., said the stolen information — the worst data leak in Japan’s history — also included customer data on its group firms’ online-shopping website Benesse Life Smile Shop & message board website Benesse Women’s Park.

DropboxDropbox
6.9 Million

Hundreds of passwords to Dropbox accounts have been leaked in the latest security breach, with hackers threatening to release millions more account details in exchange for Bitcoin.

Dairy QueenDairy Queen
600,000

The ice cream chain said the breach affected 395 of its over 4,500 locations in the United States. The hacked information contained the names and credit card information of past customers.

Community Health SystemsCommunity Health Systems
4.5 Million

According to a CHS SEC filing describing the breach, the hack likely originated from China and focused on valuable non-clinical, non-medical data, such as “patient names, addresses, birthdates, telephone numbers and Social Security numbers."

Nieman Marcus Nieman Marcus
1.1 Million

The company, in a statement, said, “We do know, and our forensic reports have confirmed, that malicious software (malware) was clandestinely installed on our system and that it attempted to collect or ‘scrape’ payment card data from July 16, 2013 to Oct. 30, 2013.”

St Joseph's Health SystemSt Joseph's Health System
405,000

Information was accessed through a single server by hackers from China and other locations. The server contained employee and patient data for St. Joseph Regional Health Center in Bryan, Burleson St. Joseph Center, Madison St. Joseph Health Center, Grimes St. Joseph Health Center and St. Joseph Rehabilitation Center. The breach supposedly occurred between December 16 through the 18th, 2013. The data included patient names, birth dates, Social Security numbers, and possibly addresses. Medical information for patients was accessible, as well as bank information for current and former employees. Both adult and minor information may have been compromised.

Northwestern City of Verden
18 million

German authorities recently confirmed that they're investigating the theft of around 18 million e-mail account passwords, affecting all major German Internet service providers

LinkedIn / eHarmony LinkedIn / eHarmony
8 million

Business social network LinkedIn and online dating service eHarmony said Wednesday that some of their users' passwords were stolen and millions appear to have been leaked onto the Internet.

SnapchatSnapchat
2.3 Million

Thanks to a gap in the service's security, the phone numbers and usernames have been downloaded by a Web site calling itself SnapchatDB.info. The compromised accounts are concentrated mostly in California and New York, with the two states accounting for nearly 2.3 million accounts. Other regions affected include Illinois, Colorado and Florida.

YEAR-2013

Logo/Company Name
VICTIMS
SUMMARY
Target
Target
110 Million

Around 70 million holiday shoppers had their card data compromised late last year in the breach at Target, the incident that kicked off the current wave of big breaches.

Horizon Healthcare Services, Inc. (Horizon Blue Cross Blue Shield)Horizon Healthcare Services, Inc. (Horizon Blue Cross Blue Shield)
840,000

Sometime between November 1 and 3, two unencrypted laptops were stolen from employee workstations. The laptops were password-protected and cable-locked to the workstations. Names, Social Security numbers, addresses, dates of birth, Horizon Blue Cross Blue Shield New Jersey identification numbers, and demographic information may have been exposed.

Maricopa County Community College DistrictMaricopa County Community College District
2.49 Million

An unspecified data breach may have exposed the information of current and former students, employees, and vendors. Names, Social Security numbers, bank account information, and dates of birth may have been viewed by unauthorized parties.

CorporateCarOnline.comCorporateCarOnline.com
850,000

Hackers stole and stored information online related to customers who used limousine and other ground transportation. The online information included plain text archives of credit card numbers, expiration dates, names, and addresses. Many of the customers were wealthy and used credit cards that would be attractive to identity thieves.

Schnucks SupermarketSchnucks Supermarket
2.4 Million

According to the company, only card numbers and expiration dates appear to have been exposed, not the cardholder's name, address or identifying information.

MichaelsMichaels
2.6 Million
In a statement, the company said, “After weeks of analysis, (Michaels stores and its subsidiary, Aaron Brothers), were attacked by criminals using highly sophisticated malware that had not been encountered previously by either of the security firms” the company had retained to analyze what had gone wrong
AdobeAdobe
152 Million

Adobe said hackers had stolen encrypted customer credit card records, as well as login data for an undetermined number of Adobe user accounts.

ZapposZappos
24 Million

Hackers were able to access Zappos customer's names, e-mail addresses, addresses, phone numbers, the last four digits of credit card numbers and cryptically scrambled passwords.

YEAR-2012

Logo/Company Name
VICTIMS
SUMMARY
Sony's Playstation NetworkSony's Playstation Network
77 Million

Online gaming platform experienced a massive data breach that exposed the names, addresses and other personal information of 77 million users.



Subscribe to Our Newsletter for the latest news & alerts on scams and free security software.

Copyright © Prilock Security 2017 All Rights Reserved