Attrition.org Data Loss Archive and Database (DLDOS)

Beginning July 15, 2008, Open Security Foundation is the new host of DataLossDB, that will serve as a community-driven project for information about data breaches that involve personally identifying information. Attrition.org's data loss resources have been completely migrated to DataLossDB, so please make sure to bookmark DataLossDB for updates. You can track all of this information through the DataLossDB RSS feed.

In what has become a regular occurance, companies, universities, and various government entities are collecting your personal information (sometimes without your knowledge or consent), and subsequently letting it fall into the hands of the bad guys. This is your personal information; name, address, Social Security number, credit card number, medical history, and more. Unfortunately, this page is updated quite frequently and the list continues to grow.

Attrition.org's Data Loss Mail List is available for news and discussion about breaches of personally identifying information.

And why do we do all of this? Part of the answer can be found here.


Ten Most Recent

DataLossDB.org - [2008-09-14]
(Please bookmark DataLossDB for web updates and RSS feeds. Attrition.org's Data Loss resources will no longer be updated.) [archive]

University of Pittsburgh - [2008-09-09]
(Stolen laptop contains names and Social Security numbers of unspecified number of graduates) [archive]

GS Caltex - [2008-09-06]
(Names, Social Security numbers, and addresses of 11,000,000 found on lost discs) [archive]

National Offender Management Service - [2008-09-06]
(Names, dates of birth, National Insurance numbers of 5,000 on missing hard drive) [archive]

East Burke (Morganton, NC) High School - [2008-09-05]
(Social Security numbers, names, addresses, and other information of 163 found on web) [archive]

Clarkson University - [2008-09-02]
(Names, Social Security numbers, and dates of birth for 245 available on file server) [archive]

Reynoldsburg Ohio City School District - [2008-08-28]
(Stolen laptop contains names, addresses, and Social Security numbers of 4,259) [archive]

Ohio Police & Fire Pension Fund - [2008-08-27]
(Records of 13,000 retired police compromised in database) [archive]

Kansas State University - [2008-08-27]
(Stolen document contains names and Social Security numbers of 86) [archive]

Prince William Co. Public Schools - [2008-08-26]
(Confidential information for more than 2,600 exposed through file-sharing program) [archive]

Pennsylvania Public Welfare Department - [2008-08-26]
(2,845 welfare renewal packets sent to wrong mailing addresses ) [archive]


2008 Archives - 206 incidents in archives

Graphic Data, Royal Bank of Scotland, NatWest, American Express - [2008-08-26]
(Drive purchased on eBay contains personal and account details of around one million) [archive]

National Technical Institute for the Deaf - [2008-08-25]
(Social Security numbers, names, and dates of birth for at least 12,700 on stolen laptop) [archive]

Best Western - [2008-08-23]
(Credit card numbers and addresses of 8,000,000 compromised by hack) [archive]

Louisiana Real Estate Commission - [2008-08-22]
(13,000 Social Security numbers and other personal information posted on the internet) [archive]

Korean Ministry of Education, Science and Technology - [2008-08-22]
(Thousands of South Korean officials' information leaked on the Internet) [archive]

PA Consulting / The Home Office - [2008-08-21]
(Contractor loses data on tens of thousands criminals) [archive]

The Princeton Review - [2008-08-20]
(Information about 34,000 students and 74,000 students containing names and birth dates) [archive]

Barclays Bank PLC - [2008-08-20]
(Account details sent to thousands in mailing error) [archive]

Kingston Tax Service - [2008-08-19]
(Stolen laptop contains personal information for an unknown number of clients) [archive]

UK Department for Work and Pensions - [2008-08-18]
(Unauthorised disclosure of personal information on two discs retained by a contractor) [archive]

Dominion Enterprises / InterActive Financial Marketing Group (IFMG) - [2008-08-18]
(Names, Social Security numbers, and dates of birth of 92,095 on hacked server) [archive]

Wuesthoff Medical Center - [2008-08-14]
(Names, social security numbers and medical information of over 500 posted to web) [archive]

Charter Communications - [2008-08-13]
(Social Security numbers and dates of birth of 9,000 on stolen laptops) [archive]

Ireland Department of Social and Family Affairs - [2008-08-11]
(Personal and financial information of 380,000 on stolen laptop) [archive]

Harris County Hospital District - [2008-08-07]
(Financial and medical of 1,200 downloaded to flash drive later reported missing) [archive]

Arapahoe Community College - [2008-08-04]
(15,000 notified about lost flash drive containing names, addresses, credit card numbers and Social Security numbers) [archive]

Countrywide Financial Corp. - [2008-08-02]
(Insider possibly compromises 2,000,000 records, including Social Security numbers, of mortgage applicants) [archive]

Stepping Hill Hospital (UK) - [2008-08-01]
(Personal information of 1,581 on stolen laptop) [archive]

Delphi Automotive / Ohio Department of Job and Family Services - [2008-08-01]
(Missing flash drive contains Social Security numbers of about 2,600) [archive]

University of Texas at Dallas - [2008-07-31]
(Social Security numbers and other personal information for 9,100 possibly exposed by hack) [archive]

City of Yuma, Arizona - [2008-07-30]
(Social Security numbers of 300 accidentally released via email) [archive]

Anheuser-Busch - [2008-07-29]
(Stolen laptop contains employees' Social Security numbers and home addresses) [archive]

Blue Cross Blue Shield of Georgia - [2008-07-29]
(202,000 notified about letters containing personal and medical information sent to wrong addresses) [archive]

Connecticut College - [2008-07-26]
(Hacked server contains names, addresses, and Social Security numbers of about 2,800) [archive]

Ohio University - [2008-07-25]
(Names and Social Security numbers of 492 posted to web) [archive]

University of Houston - [2008-07-24]
(Social Security numbers and names of 259 found on web) [archive]

Hillsborough Community College - [2008-07-24]
(Social Security numbers, names, addresses, and routing numbers of 2,000 stored on stolen laptop) [archive]

Saint Mary's Regional Medical Center - [2008-07-24]
(128,000 notified about possible database intrusion) [archive]

Village of Tinley Park, Illinois - [2008-07-24]
(Lost backup tape contains Social Security numbers of 20,400) [archive]

Minneapolis Veterans Home - [2008-07-19]
(Stolen server contains Social Security numbers, addresses, and medical information for 336) [archive]

Falkirk and District Royal Infirmary - [2008-07-18]
(Names, address and patient details of 89 on stolen laptop) [archive]

University of Maryland - [2008-07-17]
(Social Security numbers of 23,000 visible on mailing labels) [archive]

Bristol-Myers Squibb - [2008-07-17]
(Names, addresses, and Social Security numbers on stolen backup tape) [archive]

University of Texas at Austin - [2008-07-15]
(Social Security numbers of about 2,500 exposed on internet) [archive]

Missouri National Guard - [2008-07-15]
(Personal information of about 2,000 soldiers breached) [archive]

Weber Law Firm - [2008-07-15]
(Financial files of hundreds discarded in dumpster) [archive]

Indiana State University - [2008-07-15]
(Personal information of about 2,500 on stolen laptop) [archive]

Washington Metropolitan Area Transit Authority - [2008-07-14]
(Social Security numbers of almost 4,700 posted to web) [archive]

Fort Lewis - [2008-07-11]
(Personal information of up to 900 on stolen laptop) [archive]

Williamson County (TN) Schools - [2008-07-10]
(Names and Social Security numbers of 4,000 posted to web) [archive]

Wagner Resource Group - [2008-07-09]
(Social Security numbers, dates of birth, and names of about 2,000 exposed through peer-to-peer file sharing) [archive]

LPL Financial - [2008-07-08]
(Hackers potentially able to access names, addresses and Social Security numbers of 10,219) [archive]

Yan Chai Hospital - [2008-07-08]
(Lost backup disks contain 3,000 names and identity card numbers) [archive]

Florida Agency for Health Care Administration - [2008-07-07]
(Names, addresses, birth dates, driver licenses and Social Security numbers of 55,000 organ donors exposed) [archive]

Clark County Nevada District Court - [2008-07-04]
(Names, addresses, Social Security numbers and birth dates of 380 released by e-mail) [archive]

Associated Newspapers (UK) - [2008-07-04]
(Names, addresses, and bank account numbers of thousands on stolen laptop) [archive]

University of Nebraska at Kearney - [2008-07-02]
(2,035 notified about names and Social Security numbers on hacked computers) [archive]

Baptist Health - [2008-07-02]
(1,800 notified about breach of system records including names and Social Security numbers) [archive]

Montgomery Ward - [2008-06-27]
(Online database containing 51,000 credit card numbers hacked) [archive]

Texas Department of Public Safety - [2008-06-26]
(Names, birth dates, driver's license and Social Security numbers 826 employees stolen from contracted company) [archive]

Southeast Missouri State University - [2008-06-24]
(Former employee indicted for possessing 800 student names and Social Security numbers) [archive]

California Department of Consumer Affairs - [2008-06-23]
(Names and Social Security numbers of 5,000 improperly transmitted electronically) [archive]

CNET Networks - [2008-06-23]
(Names, birth dates, Social Security numbers of over 6,500 on stolen computers) [archive]

Virgin Media - [2008-06-20]
(Unencrypted CD containing bank account details of 3,000 customers lost) [archive]

Petroleum Wholesale - [2008-06-19]
(Hundreds of names, addresses and debit and credit card numbers on files found in dumpster) [archive]

Castlecroft Medical Practice - [2008-06-18]
(Medical information, names, addresses, and dates of birth of 11,000 on stolen laptop) [archive]

Texas Insurance Claims Services - [2008-06-13]
(Hundreds of names, addresses and Social Security numbers on files found in dumpster) [archive]

Columbia University - [2008-06-12]
(Social Security numbers of 5,000 available on web) [archive]

Dickson County (TN) Board of Education - [2008-06-11]
(Names and Social Security numbers of 850 on stolen laptop) [archive]

University of Florida - [2008-06-10]
(Social Security numbers, names, and addresses of about 11,300 accidentally posted online) [archive]

University of Utah Hospitals and Clinics - [2008-06-10]
(2.2 million billing records including 1.3 million Social Security numbers on stolen tapes) [archive]

1st Source Bank - [2008-06-10]
(Debit cards replaced for an unknown number of customers) [archive]

Cotton Traders - [2008-06-10]
(Card details of 38,000 customers stolen from hacked website) [archive]

University of South Carolina - [2008-06-09]
(Stolen computer contains personal information of about 7,000) [archive]

East Tennessee State University - [2008-06-07]
(6,200 notified about stolen computer containing personal information) [archive]

Stanford University - [2008-06-06]
(72,000 notified about personal information on stolen laptop) [archive]

Canadian Canola Growers Association - [2008-06-04]
(Stolen laptop contains social insurance numbers and bank account numbers of 32,000) [archive]

AT&T - [2008-06-04]
(Stolen laptop exposes employee names, salary and Social Security numbers) [archive]

Medisure - [2008-06-04]
(Tapes stolen containing thousands of employee names, addresses and medical details) [archive]

Oregon State University - [2008-06-03]
(Online orders of as many as 4,700 possibly compromised) [archive]

Connecticut Department of Labor - [2008-06-02]
(Documents containing names, addresses and Social Security numbers of about 2,100 lost) [archive]

Walter Reed Army Medical Center - [2008-06-02]
(Personal information including Social Security numbers found on "non-secure computer network") [archive]

Pocono Mountain School District - [2008-05-31]
(Personal information including names, addresses, Social Security numbers of more than 11,000 hacked) [archive]

State Street Corp - [2008-05-29]
(Names, addresses and Social Security numbers of 45,500 customers on stolen computer) [archive]

University of California, San Francisco - [2008-05-28]
(Compromised computer contains names, medical information, and some Social Security numbers of 3,569) [archive]

Downingtown Area School District - [2008-05-22]
(Student steals names, addresses, Social Security numbers of 55,000 people) [archive]

HealthSpring - [2008-05-22]
(Stolen laptop believed to contain names, Social Security numbers, and dates of birth of 9,000) [archive]

Bank of New York Mellon / Archive Systems, Inc. - [2008-05-21]
(Updated - Missing tapes contain Social Security numbers and other personal information of 4.5 million) [update][archive]

Oklahoma Corporation Commission - [2008-05-21]
(Server sold at auction compromises more than 5,000 Social Security numbers) [archive]

New York University - [2008-05-20]
(Names and Social Security numbers of 273 available through internet searches) [archive]

University of Florida College of Medicine - Jacksonville - [2008-05-20]
(Photographs and identifying information of 1,900 on improperly disposed computer) [archive]

Greil Memorial Psychiatric Hospital - [2008-05-16]
("Hundreds" of names, dates of birth, Social Security numbers on lost index cards) [archive]

Spring Independent School District (Texas) - [2008-05-16]
(Stolen flash drive contains Social Security numbers, dates of birth, and other information of 8,000) [archive]

BB&T Insurance - [2008-05-15]
(Social Security numbers, names, and dates of birth of school employees on stolen laptop) [archive]

Oklahoma State University - [2008-05-14]
(Breached server contains names and Social Security numbers of about 70,000) [archive]

First Calgary Savings - [2008-05-14]
(Account information for "hundreds" on laptop stolen from car) [archive]

Pfizer - [2008-05-12]
(Salary information, names, and addresses for 13,000 on stolen laptop / flash drive) [archive]

Dave & Buster's - [2008-05-12]
(Credit and debit card account numbers of 5,000 customers hacked from cash register terminals) [archive]

Chilean Ministry of Education - [2008-05-11]
(Identity card numbers, names, and addresses of 6 million stolen and posted to the internet) [archive]

Princeton University Tower Club - [2008-05-09]
(Names and Social Security numbers of 103 inadvertantly released via email) [archive]

Las Cruces Public Schools - [2008-05-08]
(Staff member posts personal data for 1,800 students and staff on web site) [archive]

Dominican University - [2008-05-08]
(Students accessed staff records, exposing names, addresses, Social Security numbers of more than 5,000 students) [archive]

Hongkong and Shanghai Banking Corporation - [2008-05-08]
(Information on 159,000 customers, including name, account number and transactions, lost on stolen server) [archive]

Northeast Security - [2008-05-06]
(Social Security numbers, bank account numbers, canceled checks of customers thrown in dumpster) [archive]

Ohio State University Agricultural Technical Institute - [2008-05-06]
(Names, positions, salaries and Social Security numbers of 192 accidentally sent by email) [archive]

WESTPAC - [2008-05-04]
(Visa cards recalled after 2,000 customers account details may have been compromised) [archive]

Iredell County Tax Administration - [2008-05-02]
(Bank accounts, routing numbers, names, addresses of 468 taxpayers stolen from bank courier) [archive]

Lunardi's Supermarket - [2008-05-01]
(More than 100 customers lose debit and credit card information to ATM scam) [archive]

University of California, San Francisco - [2008-05-01]
(Patients medical records, names, addresses for 6,313 exposed on vendors website) [archive]

Staten Island University Hospital - [2008-05-01]
(Social Security numbers, names, and insurance numbers of 88,000 on stolen computer) [archive]

Baltimore Highway Administration - [2008-04-25]
(Employee information for about 1,800 accidentally exposed on internal server) [archive]

Child Assessment Service, Tuen Mun Centre - [2008-04-25]
(Medical data and identity on 700 children exposed) [archive]

University of Colorado at Boulder - [2008-04-25]
(Names, addresses, and Social Security numbers of about 9,500 on compromised server) [archive]

WiseBuys - [2008-04-25]
(Hundreds of credit and debit card numbers reported stolen) [archive]

Coos County Oregon - [2008-04-24]
(Nearly 500 Social Security numbers and personal information reported on stolen laptop) [archive]

Chrysler Financial - [2008-04-23]
(Data tape lost in transit contained personal information) [archive]

Southern Connecticut State University - [2008-04-23]
(11,000 students and alumni exposed on website) [archive]

University of Texas Health Science Center - [2008-04-23]
(Social Security numbers available on about 2,000 billing envelopes) [archive]

CollegeInvest - [2008-04-22]
(Lost hard drive exposes 200,000 customers during office relocation) [archive]

University of Massachusetts - [2008-04-22]
(Hackers breach system accessing thousands of medical records) [archive]

Boots Dental Plan - [2008-04-22]
(Account details of 34,000 stolen from courier) [archive]

LendingTree - [2008-04-22]
(Social Security numbers, names, addresses, and other personal information inappropriately accessed) [archive]

Bank of Ireland - [2008-04-22]
(Account information, addresses, and medical information of 10,000 on stolen laptops) [archive]

Central Collection Bureau - [2008-04-19]
(Social Security numbers and names of 700,000 on stolen server) [archive]

University of Miami - [2008-04-17]
(Stolen tapes containing names, addresses, and medical records of 2.1 million patients) [archive]

Connecticut State University System / Buffalo State / Northwest Missouri State University - [2008-04-17]
(Stolen laptop contains names and Social Security numbers of 20,500 students) [archive]

University of Virginia - [2008-04-16]
(Social Security numbers and names of over 7,000 on stolen laptop) [archive]

Stokes County High Schools - [2008-04-14]
(Stolen computer exposes 800 student names and Social Security numbers) [archive]

University of Toledo - [2008-04-13]
(Name, address, and Social Security numbers for 6,488 exposed on internal server) [archive]

West Seneca School District - [2008-04-12]
(Students hack school district computer system 1,800 employees notified) [archive]

Bowdoin College - [2008-04-11]
(Student Social Security numbers, names, addresses, insurance information left exposed on server) [archive]

New York-Presbyterian Hospital/Weill Cornell Medical Center - [2008-04-11]
(Names, phone numbers and some Social Security numbers of 40,000 stolen by employee) [archive]

Joliet West High School - [2008-04-10]
(Names and Social Security numbers of "about every student enrolled" accessed) [archive]

Wellcare - [2008-4-08]
(71,000 insurance records including Social Security numbers exposed on internet) [archive]

WellPoint - [2008-04-08]
(Social Security numbers and medical information for about 128,000 exposed on internet) [archive]

Pfizer - [2008-04-07]
(Stolen laptop contains names and credit card numbers of about 800) [archive]

University of California, Irvine - [2008-04-04]
(Up to 7,000 affected - very few details available) [archive]

Okemo Mountain Resort - [2008-04-01]
(Computer network breach exposes tens of thousands of credit card transactions) [archive]

Advance Auto Parts - [2008-03-31]
("Network intrusion" exposes financial information for up to 56,000) [archive]

Museum of Science, Boston - [2008-03-28]
(Names, credit card numbers, and other personal information of 140 exposed on web) [archive]

Leicester NHS Trust - [2008-03-28]
(Names, addresses, bank details and national insurance numbers for 180 found in street) [archive]

Antioch University - [2008-03-28]
(Names, Social Security numbers, academic records and payroll documents of 70,000 on hacked computer system) [archive]

BNY Mellon Shareowner Services - [2008-03-26]
(3,500 notified about names, Social Security numbers and possibly banking information on lost tapes) [archive]

The Dental Network - [2008-03-26]
(Names, addresses, dates of birth and Social Security numbers of about 75,000 posted on web site) [archive]

Super 8 Motel - [2008-03-24]
(Customer credit card numbers, names, addresses dumped in landfill) [archive]

National Institutes of Health - [2008-03-24]
(Names and medical information of 2,500 on stolen laptop) [archive]

Western Carolina University - [2008-03-23]
(Social Security numbers of 555 on hacked server) [archive]

Agilent Technologies - [2008-03-22]
(Social Security numbers, names, and financial information of 51,000 on stolen laptop) [archive]

Compass Bank - [2008-03-21]
(Stolen hard drive hard drive contains 1,000,000 customer records) [archive][update]

Rhode Island Department of Administration - [2008-03-21]
(Missing disk contains Social Security numbers of almost 1,400) [archive]

Lasell College - [2008-03-20]
(Names and Social Security numbers of 20,000 accessed by hacker) [archive]

Affordable Realty - [2008-03-19]
(Financial information and Social Security numbers of "hundreds" found in dumpster) [archive]

Binghamton University - [2008-03-17]
(Names, grade point averages and Social Security numbers of over 300 accidentally e-mailed) [archive]

Hannaford - [2008-03-17]
(4.2 million credit card and debit card numbers exposed in breach) [archive]

Broward County School District (FL) - [2008-03-15]
(Hacker gains access to names, addresses, phone numbers and Social Security numbers of over 38,000) [archive][update]

Utah Division of Finance - [2008-03-15]
(Personal information of about 500 possibly accessed by unauthorized persons) [archive]

University Health Care (Utah) - [2008-03-13]
(Stolen laptop contains 4,800 patients' names, Social Security numbers, and health information) [archive]

Harvard University - [2008-03-12]
(Personal information of 10,000 including 6,500 Social Security numbers possibly compromised from hack) [archive]

Blue Cross Blue Shield of Western New York - [2008-03-10]
(Missing laptop contains "vital information" of an estimated 40,000) [archive]

MTV Networks - [2008-03-08]
(External breach exposes about 5,000 names and Social Security numbers) [archive]

Cascade Healthcare Community - [2008-03-06]
(Computer virus exposes credit card information, names, and addresses of more than 11,500) [archive]

Nevada Department of Public Safety - [2008-03-05]
(Social Security numbers and addresses of 109 on lost thumb drive) [archive]

Madeley Health Centre (UK) - [2008-03-05]
(Names, addresses, dates of birth and medical treatment details of 238 on stolen memory stick) [archive]

Kraft Foods - [2008-03-03]
(Missing laptop contains names and possibly Social Security numbers of 20,000) [archive]

Wellesley Health Department - [2008-02-29]
(Social Security numbers, names, addresses, and dates of birth for about 480 lost from open envelope) [archive]

Health Net Federal Services - [2008-02-27]
(Social Security numbers for 103,000 posted on web) [archive]

NY Department of Finance - [2008-02-27]
(Thousands being notified for defective envelopes, Social Security numbers exposed) [archive]

LGT Bank - [2008-02-25]
(Stolen bank records of 1,400 contain financial information) [archive]

Mecklenburg County, North Carolina (NC) - [2008-02-25]
(400 account numbers in stolen vehicle) [archive]

Newfoundland Eastern School District - [2008-02-21]
(Medicare numbers, names, and addresses of 28,000 students on stolen laptop) [archive]

Texas A&M University - [2008-02-16]
(Names and Social Security numbers of 3,000 inadvertantly posted online) [archive]

First Magnus Financial - [2008-02-15]
(Thousands of documents containing Social Security numbers, credit card information, addresses recovered from trash) [archive]

Crosslines Ministries of Carthage - [2008-02-15]
(Social Security numbers, names, and addresses of 2,000 in stolen files) [archive]

Lexmark International - [2008-02-15]
(Undisclosed number of names, addresses and Social Security numbers disclosed on file-sharing site) [archive]

Russells Hall Hospital - [2008-02-14]
(Medical records of 5,123 on stolen laptop) [archive]

Tenet Healthcare Corporation - [2008-02-14]
(Former employee convicted of identity theft had access to records of 37,000) [archive]

Middle Tennessee State University - [2008-02-13]
(Names and Social Security numbers of about 1,500 on compromised computer) [archive]

Lifeblood - [2008-02-13]
(Missing laptops contain personal information including dates of birth and some Social Security numbers of 321,000) [archive]

Rose-Hulman Institute of Technology - [2008-02-13]
(Names, social security numbers and dates of birth of 1900 students posted online) [archive]

Long Island University - [2008-02-12]
(Up to 30,000 notified about potentially compromised letters containing names and Social Security numbers) [archive]

Modesto California City Schools / Clovis Unified / Los Angeles Department of Water and Power - [2008-02-12]
(Stolen hard drive holds names, addresses, birth dates and Social Security numbers of over 15,000) [archive]

Jefferson County (CO) Public Schools - [2008-02-11]
(Stolen computer holds names, addresses, dates of birth, and school information for up to 2,900) [archive]

MLSgear.com - [2008-02-08]
(Names, addresses, credit and debit card information on compromised servers) [archive]

Memorial Hospital (South Bend, IN) - [2008-02-07]
(Social Security numbers, names, addresses, and dates of birth of 4,300 on lost laptop) [archive]

Diocese of Providence - [2008-02-02]
(Names, addresses, and Social Security numbers of 5,000 on stolen computers) [archive]

Marine Corps Bases Japan - [2008-02-01]
(Social Security numbers, names, and other information of 4,000 on stolen laptop) [archive]

University of Minnesota Reproductive Medicine Center - [2008-01-31]
(Medical information of 3,100 on lost flash drive) [archive]

South Carolina Department of Health and Environmental Control - [2008-01-31]
(About 400 names and Social Security numbers on stolen laptop) [archive]

Davidson Companies - [2008-01-30]
(Hacked database contains names, Social Security numbers and account information for 226,000) [archive]

Horizon Blue Cross Blue Shield of New Jersey - [2008-01-29]
(Stolen laptop contains names and Social Security numbers of over 300,000) [archive]

Wake County (NC) Emergency Medical Services - [2008-01-29]
(Names, addresses and Social Security numbers of as many as 4,642 on missing laptop) [archive][update]

Georgetown University - [2008-01-29]
(Social Security numbers and other personal information of about 38,000 on stolen hard drive) [archive]

T. Rowe Price Retirement Plan Services - [2008-01-28]
(35,000 names and Social Security numbers on stolen computers) [archive]

Penn State University - [2008-01-25]
(Stolen laptop contains Social Security numbers of 677) [archive]

OmniAmerican Bank - [2008-01-25]
(Debit cards, and PIN numbers of customers compromised via hack) [archive]

Fallon Community Health Plan - [2008-01-24]
(Medical information and names of 29,800 on stolen laptop) [archive]

United Kingdom Ministry of Defence - [2008-01-18]
(Stolen laptop contains passport details, National Insurance numbers, medical records of 600,000) [archive]

GE Money / Iron Mountain - [2008-01-17]
(Credit card numbers and some Social security numbers of 650,000 on missing backup tape) [archive]

University of Wisconsin-Madison - [2008-01-16]
(Social Security numbers of about 205 employees exposed on web) [archive]

Wisconsin Department of Revenue - [2008-01-15]
(Social Security numbers of 5,000 on mailing labels) [archive]

Naval Surface Warfare Center Dahlgren Division - [2008-01-15]
(Names, Social Security numbers, and financial information found on report obtained by suspected identity thieves) [archive]

Tennessee Tech University - [2008-01-14]
(Lost portable drive contains names and Social Security numbers of 990) [archive]

California State University, Stanislaus - [2008-01-12]
(Credit card numbers, cardholder names and expiration dates exposed) [archive]

Virginia Department of Social Services - [2008-01-11]
(Letters mailed to 1,500 regarding a "potential security breach") [archive]

Oldham NHS Primary Care Trust - [2008-01-11]
(Personal and medical information of 148 on missing "data sticks") [archive]

University of Iowa - [2008-01-11]
(Social Security numbers and other information for 216 exposed in Internet) [archive]

University of Akron - [2008-01-11]
(Social Security numbers, names and addresses of 800 on missing hard drive) [archive]

Select Physical Therapy - [2008-01-10]
(4,000 records containing Social Security numbers, credit and debit card account numbers, names, and addresses dumped) [archive]

University of Georgia - [2008-01-08]
(Social Security numbers, names and addresses of 4,250 on hacked server) [archive]

Wisconsin Department of Health and Family Services - [2008-01-08]
(Social Security numbers of 260,000 on mailing labels) [archive]

Geeks.com - [2008-01-07]
(Credit card numbers, names, and addresses possibly compromised on "hacker safe" web site) [archive]

New Mexico State University - [2008-01-05]
(Employee Social Security numbers and names on missing hard drive) [archive]

Maryland Department of Assessments and Taxation - [2008-01-04]
(Social Security numbers for roughly 900 transmitted to unprotected web site) [archive]

Florida Department of Children and Families - [2008-01-04]
(Social Security numbers, birth dates and other information for thousands on stolen laptops) [archive]

Health Net - [2008-01-04]
(Names and Social Security numbers of about 5,000 on stolen laptop) [archive]

Dorothy Hains Elementary School (Georgia) - [2008-01-03]
(Social Security numbers on stolen computer) [archive]

Workers Compensation Fund - [2008-01-02]
(Social Security numbers and other personal information for about 2,800 people on stolen laptop) [archive]


2007 Archives - 331 incidents in archives

Administrative Systems Inc - [2007-12-29]
(Computer containing customer Social Security numbers, names, and addresses stolen from office) [archive]

United States Air Force - [2007-12-28]
(Social Security numbers, birth dates, and addresses of 10,501 on missing laptop) [archive][update]

Davidson County (Tennessee) Election Commission - [2007-12-28]
(Names, addresses and complete Social Security numbers of more than 337,000 Davidson County voters on stolen laptops) [archive]

Minnesota Department of Commerce - [2007-12-28]
(Names, addresses, Social Security numbers and state license data of 219 on stolen laptop) [archive]

Franklin County Municipal Court (Ohio) - [2007-12-21]
(More than 270 Social Security numbers possibly exposed on web site) [archive]

Skipton Financial Services - [2007-12-21]
(Names, National Insurance numbers, and financial information of 14,000 on stolen laptop) [archive]

Greenville County (S.C.) School District - [2007-12-20]
(Hacked computer contains names and Social Security numbers of hundreds) [archive]

Dormitory Authority of the State of New York - [2007-12-20]
(Social Security numbers, phone numbers and addresses of up to 800 on missing tapes) [archive]

Pennsylvania Department of Aging - [2007-12-19]
(Social Security numbers, names, and medical information for 21,000 on stolen laptop) [archive]

HM Revenue & Customs (HMRC) - [2007-12-18]
(Names, addresses, date of births, and national insurance numbers on lost data cartridge) [archive]

Royal Bolton Hospital - [2007-12-17]
(Names, addresses, and medical information on stolen laptop) [archive]

West Penn Allegheny Health System - [2007-12-17]
(Stolen laptop contains names, Social Security numbers, and care information for 42,000) [archive]

Deloitte & Touche - [2007-12-14]
(Stolen laptop contains names, Social Security numbers, birth dates for undisclosed number of people) [archive]

Iowa Department of Natural Resources - [2007-12-11]
(Social Security numbers and names on missing flash drive) [archive]

Cameron County, Texas - [2007-12-10]
(Social Security numbers, names, and salaries of county employees released by email) [archive]

Sutter Lakeside Hospital - [2007-12-10]
(Names, addresses, Social security numbers, and dates of birth for about 45,000 on stolen laptop) [archive]

Tricare Europe - [2007-12-10]
(4,700 households notified about personal information accessed by "external entities") [archive]

Citizens Advice - [2007-12-07]
(Bank account numbers, National Insurance numbers, names, and addresses of 60,000 on stolen laptop) [archive]

Oak Ridge National Laboratory - [2007-12-06]
(12,000 notified about names, Social Security numbers and birth dates on hacked database) [archive]

Forrester Research - [2007-12-05]
(Stolen laptop contains names, addresses and Social Security numbers of an undisclosed number of people) [archive]

Memorial Blood Centers - [2007-12-05]
(Social Security numbers and names of about 268,000 on stolen laptop) [archive]

Duke University - [2007-12-04]
(Social Security numbers of 1,400 on hacked server possibly compromised) [archive]

Indianapolis Power and Light - [2007-12-04]
(Social Security numbers, names, and addresses of 3,000 posted online) [archive]

Passport Canada - [2007-12-04]
(Personal information for passport applicants exposed on web site) [archive]

Prescription Advantage - [2007-11-30]
(Personal information of 150,000 exposed by undisclosed means) [archive]

Telsell - [2007-11-27]
(Credit card details of 30,000 stolen) [archive]

Provincial Public Health Laboratory - [2007-11-26]
(Undisclosed number of names along with medical information on compromised computer) [archive]

Allied Irish Bank - [2007-11-23]
(Mailing error affects 11,000 customers by revealing bank account details) [archive]

University of Florida - [2007-11-21]
(Social Security numbers of 415 former students posted to web) [archive]

HM Revenue & Customs (HMRC) - [2007-11-20]
(Names, addresses, and National Insurance numbers of 25,000,000 lost in mail) [archive]

Ohio Masonic Home / Community Blood Center / Battelle & Battelle LLC - [2007-11-17]
(At least 1,200 have personal information on stolen laptop) [archive][update]

U.S. Department of Veteran Affairs - [2007-11-16]
(1.8 million Social Security numbers found on home computer of former contractor) [archive]

Service Canada - [2007-11-16]
(Personal information of 1,600 on stolen laptop) [archive]

Kansas State University - [2007-11-16]
(128 student Social Security numbers exposed on web site) [archive]

A.J. Falciani Realty Company - [2007-11-16]
(Social Security numbers, names, addresses, and dates of birth of between 500 and 1,000 on stolen computers) [archive]

Roudebush VA Medical Center - [2007-11-15]
(Stolen computers contain Social Security numbers and names of about 12,000 veterans) [archive]

Glenrose Rehabilitation Hospital - [2007-11-13]
(Medical information of 270 children on stolen "memory stick") [archive]

Commerce Bancorp - [2007-11-13]
(Social Security numbers and account numbers given out by employee) [archive]

The Foreign and Commonwealth Office (UK) - [2007-11-13]
(50,000 online visa applications exposed on website) [archive]

State of Nevada - [2007-11-11]
(Social Security numbers for hundereds of state employees on missing CDs) [archive]

Carolinas Medical Center - NorthEast - [2007-11-07]
(Social Security numbers and names of 28,000 on lost laptop) [archive]

Butte Community Bank - [2007-11-06]
(Unknown number of customers have names, Social Security numbers and account numbers on stolen laptop) [archive]

Montana State University - [2007-11-06]
(Three seperate breaches potentially expose Social Security numbers for 271) [archive]

Alabama Department of Public Health - [2007-11-06]
(Names, ages, and Social Security numbers of 1,554 families sent to wrong addresses) [archive]

HM Revenue & Customs (HMRC) - [2007-11-05]
(Lost CD contains names, national insurance numbers, and pension data for 15,000) [archive]

City University of New York - [2007-11-01]
(20,000 Social Security numbers on stolen laptop) [archive]

Pathology Group of the Mid-South - [2007-10-30]
(Social Security numbers, names, and addresses of 75,000 on stolen computers) [archive]

Hartford Financial Services Group - [2007-10-30]
(Personal information of 230,000 customers on lost backup tapes) [archive]

University of Nevada, Reno - [2007-10-30]
(Lost flash drive contains names and Social Security numbers of 16,000) [archive]

United States Postal Service - [2007-10-29]
(Social Security numbers and names of 3,000 on stolen laptop) [archive]

Art.com - [2007-10-28]
(Credit card information for undisclosed number of accounts on hacked server) [archive]

University of Akron - [2007-10-25]
(Lost microfilm contains names, Social Security numbers, and dates of birth for about 1,200) [archive]

Not Your Average Joe's - [2007-10-24]
(Credit card numbers for "significantly fewer" than 3,500 compromised) [archive]

Bates College - [2007-10-23]
(Social Security numbers, names, addresses, and dates of birth of about 500 accessible on network) [archive]

Dixie State College - [2007-10-23]
(11,000 notified about compromised server containing Social Security numbers and names) [archive]

Blockbuster - [2007-10-23]
(About 400 documents containing credit card information and Social Security numbers found in trash container) [archive]

West Virginia Public Employees Insurance Agency - [2007-10-23]
(Missing computer tape holds Social Security numbers, names, and addresses for 200,000) [archive]

University of Cincinnati - [2007-10-18]
(Stolen thumb drive contains Social Security numbers of over 7,000) [archive]

Louisiana Office of Student Financial Assistance - [2007-10-17]
(Sensitive data for "virtually all" Louisiana college applicants on lost backups) [archive]

Home Depot - [2007-10-17]
(Personal information including names and Social Security numbers for 10,000 on stolen laptop) [archive]

Administaff Inc. - [2007-10-16]
(Stolen laptop may contain 159,000 names, addresses, and Social Security numbers) [archive]

Transportation Security Administration - [2007-10-15]
(Names, addresses, dates of birth, and some Social Security numbers of 3,930 on stolen laptops) [archive]

Montana State University - [2007-10-13]
(1,400 notified about hacked computer containing Social Security and credit card numbers) [archive]

King County (WA) Transportation Department - [2007-10-12]
(Social Security numbers, names, and addresses of 1,400 on stolen laptop) [archive]

Commerce Bank - [2007-10-10]
(Details for 3,000 in hacked database, but only 20 supposedly accessed) [archive]

Pfizer / Wheels Inc. - [2007-10-10]
(Names, addresses, birth dates and driver's license numbers of 1,800 employees revealed) [archive]

Pembroke School District - [2007-10-09]
(Names, birth dates and Social Security numbers found on web) [archive]

Semtech - [2007-10-08]
(Stolen laptop contains undisclosed personal information for employees) [archive]

Carnegie Mellon University - [2007-10-08]
(Students' Social Security numbers on two stolen laptops) [archive]

University of Iowa - [2007-10-08]
(Stolen laptop contains personal information for 184, including 100 Social Security numbers) [archive]

HM Revenue & Customs (HMRC) - [2007-10-05]
(Stolen laptop contains personal and financial details of at least 400) [archive]

Kartenhaus - [2007-10-05]
(Credit card numbers and billing addresses for 66,000 customers stolen) [archive]

MacEwan College - [2007-10-04]
(Credit card numbers, addresses, and other information publicly available on internet) [archive]

Massachusetts Division of Professional Licensure - [2007-10-04]
(Social Security numbers of about 450,000 licensed professionals inadvertently released) [archive]

Athens Regional Health Services - [2007-10-02]
(Medical information, names, and some Social Security numbers of 1,441 on stolen computer) [archive]

The Nature Conservancy - [2007-10-02]
(Social Security numbers, names, and addresses of 14,000 illegally accessed) [archive]

Gap Inc. - [2007-09-28]
(Personal data including some Social Security numbers for 800,000 on stolen laptop) [archive]

Utah Department of Workforce Services - [2007-09-24]
(Stolen laptop contains Social Security numbers of about 2,000) [archive]

ABN Amro Mortgage Group - [2007-09-21]
(5,000 Social Security numbers and other personal details leaked over internet) [archive]

City of Columbus, Ohio - [2007-09-21]
(Stolen computers contain names and Social Security numbers of 3,500) [archive]

University of Michigan - [2007-09-19]
(Social Security numbers, names, and addresses on stolen backup tapes) [archive]

St. Edmundsbury Borough Council (UK) - [2007-09-16]
(Bank and national insurance details of 1,380 people on stolen laptop) [archive]

Tennessee Tech University - [2007-09-14]
(3,100 Social Security numbers revealed in errant email) [archive]

TD Ameritrade - [2007-09-14]
(Personal information of 6.3 million exposed by database hack) [archive]

TennCare / Americhoice Inc. - [2007-09-12]
(Lost CD contains Social Security numbers, names, and dates of birth of 67,000) [archive]

Gander Mountain - [2007-09-11]
(Credit card information for 112,000 customers possibly compromised) [archive]

Pennsylvania Public Welfare Department - [2007-09-11]
(Medical information of over 300,000 on stolen computers) [archive]

Purdue University - [2007-09-10]
(Social Security numbers and names of 111 exposed on web) [archive]

McKesson - [2007-09-07]
(Stolen computers may contain addresses, medical information, and Social Security numbers for "thousands") [archive]

De Anza College - [2007-09-06]
(Stolen laptop contains names, addresses and some Social Security numbers for 4,375) [archive]

University of South Carolina - [2007-09-06]
("Accidental disclosure" of personal information on web affects 1,482) [archive]

Pfizer - [2007-09-04]
(Social Security numbers, names and financial information of 34,000 accessed by employee) [archive]

Johns Hopkins Hospital - [2007-09-01]
(Social Security numbers, names, and medical histories of 5,783 on stolen computer) [archive]

The Hospital for Sick Children (SickKids) - [2007-08-31]
(Lost hard drive contains medical records for 3,300) [archive]

AT&T - [2007-08-30]
(Social Security numbers, names, and other personal information on stolen laptop) [archive]

Maryland Department of the Environment - [2007-08-30]
(Stolen laptop contains undisclosed types of personal information) [archive]

Connecticut Department of Revenue Services - [2007-08-28]
(Social Security numbers and names of 106,000 on stolen laptop) [archive]

American Ex-Prisoners of War - [2007-08-26]
(Stolen digital and paper records include Social Security numbers and addresses of 35,000) [archive]

Loomis Chaffee School - [2007-08-23]
(Personal information including Social Security numbers of several hundred on stolen computers equipment) [archive]

New York City Financial Information Services Agency - [2007-08-23]
(Stolen laptop contains financial information for as many as 280,000) [archive]

California Public Employees' Retirement System - [2007-08-22]
(445,000 brochures distributed with whole or partial Social Security numbers on address panel) [archive]

West Virginia Board of Barbers and Cosmetologists - [2007-08-21]
(Personal information of thousands in stolen safe) [archive]

Walter Reed Army Institute of Research - [2007-08-21]
(Boxes of documents containing personal information found in trash bin) [archive]

Toshiba General Hospital - [2007-08-16]
(Medical information for 51,156 on stolen laptop) [archive]

Sky Lakes Medical Center / Verus Inc. - [2007-08-15]
(30,000 notified about unprotected Social Security numbers left online) [archive]

Idaho Army National Guard - [2007-08-15]
(Social Security numbers for 3,400 on stolen thumb drive) [archive]

Pfizer - [2007-08-13]
(Contractor loses laptops containing Social Security numbers and names of 950) [archive]

Providence Alaska Medical Center - [2007-08-11]
(Missing laptop contains medical information and names of 250) [archive]

Legacy Health System - [2007-08-10]
(Personal data for 747 patients possibly stolen by former employee) [archive]

Tele2 - [2007-08-10]
(Hackers steal confidential data on 60,000 Norwegians) [archive]

Loyola University - [2007-08-10]
(Social Security numbers of about 5,800 students on discarded hard drive) [archive]

Yale University - [2007-08-08]
(About 10,200 Social Security numbers and names on stolen computers) [archive]

Electronic Data Systems Corp. - [2007-08-07]
(Employee steals names and other information of 498 Medicaid recipients) [archive]

Merrill Lynch - [2007-08-07]
(Social Security numbers for 33,000 on stolen "computer device") [archive]

First Response Finance - [2007-08-07]
(Theft of storage discs may affect "thousands") [archive]

Verisign - [2007-08-06]
(Stolen laptop contains Social Security numbers and names of employees) [archive]

Kellogg Community Federal Credit Union - [2007-08-04]
(Stolen computer containing Social Security numbers, names, and addresses for unidentified number of customers) [archive]

Wabash Valley Correctional Facility - [2007-08-03]
(Unidentified breach of internal system compromises Social Security numbers of employees) [archive]

Capital Health - [2007-08-03]
(Stolen computers contained medical insurance cards, names, addresses, and hospital admission data of 20,000) [archive]

E.ON - [2007-08-02]
(Stolen laptop held by accounting firm contained Social Security numbers and birthdates of "most" employees) [archive]

University of Toledo - [2007-08-02]
(Computer stolen with two hard drives containing student and staff Social Security numbers, names, and grade change information.) [archive]

Yuba County Child Support Services (California) - [2007-07-28]
(Stolen laptop contains names and Social Security numbers of 70,000) [archive]

City of Virginia Beach - [2007-07-27]
(2,000 names and Social Security numbers stolen by contractor) [archive]

City Harvest - [2007-07-27]
("Improper access of systems" exposes credit card numbers of donors) [archive]

CESA #11 - [2007-07-27]
(Social Security Numbers, bank routing info, names, addresses of 300 WI residents exposed) [archive]

American Education Services - [2007-07-27]
(Social Security Numbers, names and addresses of 5000 on stolen contractor laptop) [archive]

Aflac - [2007-07-26]
(Insurance records, names, addresses of 152,000 on stolen laptop) [archive]

United States Marine Corps / Penn State University - [2007-07-26]
(Names and Social Security numbers of 10,554 Marines found through Google) [archive]

Newcastle City Council (UK) - [2007-07-26]
(Financial information of up to 54,000 released on the internet) [archive]

St. Vincent Hospital - [2007-07-24]
(Social Security numbers and names of about 51,000 left "unprotected") [archive]

Westpac - [2007-07-24]
(Credit card details for 1,400 Virgin Money customers exposed due to bank security breach) [archive]

University of Michigan - [2007-07-21]
(5,500 notified about personal information on hacked server) [archive]

SAIC - [2007-07-20]
(Social Security numbers, names, and health information for 580,000 households transmitted unencrypted) [archive]

Texas Secretary of State - [2007-07-19]
(Names and Social Security numbers of thousands accessible on Texas Secretary of State website) [archive]

Jackson Local Schools (Ohio) - [2007-07-19]
(1,800 Social Security numbers exposed on web) [archive]

Cricket Communications - [2007-07-19]
(Documents stolen from store result in loss of 300 credit card numbers) [archive]

Connecticut General Assembly Transportation Committee - [2007-07-18]
(Social Security numbers of 300 former employees of defunct L.G. Defelice Inc. posted on CT transportation committee website) [archive]

Kingston Technology Co. - [2007-07-17]
(Unidentified breach exposes 27,000 credit card numbers, names, addresses since 2005) [archive]

Louisiana Board of Regents - [2007-07-17]
(Records of students and staff including Social Security numbers, names, and addresses exposed on web) [archive]

Western Union - [2007-07-17]
(Credit card information and names of over 20,000 in hacked database) [archive]

Metropolitan St. Louis Sewer District - [2007-07-13]
(Employee downloads about 1,600 Social Security numbers to home computer) [archive]

City of Encinitas, California - [2007-07-13]
(Financial information and addresses of about 1,200 posted on web) [archive]

Disney Movie Club / Alta Resources - [2007-07-11]
(Contracted employee steals unknown number of credit card numbers) [archive]

Cuyahoga County Department of Development (Ohio) - [2007-07-09]
(Names and Social Security numbers on memory stick stolen in carjacking) [archive]

Resona Bank (Japan) - [2007-07-09]
(Names, account numbers, and transaction details of 980,000 on lost documents) [archive]

Securitas Security Services USA Inc. - [2007-07-07]
(Names, addresses, and Social Security numbers of over 100,000 current and former employees) [archive]

Highland University - [2007-07-05]
(Social Security numbers and credit card and bank account information in robbed office) [archive]

Fidelity National Information Services - [2007-07-03]
(2.3 million consumer records containing credit card and bank account information stolen) [archive]

Harrison County Schools (West Virginia) - [2007-06-29]
(Stolen computers contain Social Security numbers of "several" employees) [archive]

University of California, Davis - [2007-06-27]
(Social Security numbers, names, and dates of birth of 1,120 possibly accessed) [archive]

Bowling Green State University - [2007-06-27]
(Lost storage device contained Social Security numbers, and names of 199 former students) [archive]

Milwaukee PC - [2007-06-27]
(Credit card information for 65,000 possibly compromised) [archive]

Ohio Bureau of Workers' Compensation - [2007-06-25]
(Social Security numbers and other personal data of 439 on stolen laptop) [archive]

Winn-Dixie - [2007-06-23]
(Pharmacy documents found behind closed Winn-Dixie, containing prescription information, Social Security numbers of thousands) [archive]

Texas First Bank - [2007-06-22]
(4,000 Social Security numbers and account numbers on stolen laptop) [archive]

American Airlines - [2007-06-21]
(Internal web site leaks personal information of over 300) [archive]

Tokyo University Hospital - [2007-06-21]
(Medical information of 120 patients missing) [archive]

Parisexposed.com - [2007-06-18]
(Names, addresses, and credit card numbers exposed on web for 750) [archive]

Texas A&M Corpus Christi - [2007-06-18]
(Flash drive containing 8,000 Social Security numbers lost in Madagascar by professor) [archive]

State of Ohio - [2007-06-15]
(Backup device with over 1,000,000 personal records stolen from car) [archive][update]

Georgia Tech University - [2007-06-14]
(Personal information including dates of birth exposed for about 23,000) [archive]

Coastal Community Credit Union - [2007-06-14]
(Stolen backup tapes contain personal and financial information of about 120,000) [archive]

City of Lynchburg - [2007-06-14]
(Prescription drug and personal information of 1200 employees and retirees exposed on web) [archive]

Eden Project - [2007-06-13]
(Personal and financial details of 500 on stolen laptop) [archive]

Grand Valley State University - [2007-06-11]
(Stolen flash drive contains about 3,000 Social Security numbers) [archive]

Pfizer - [2007-06-11]
(Laptop containing 17,000 employee Socials, names, addresses, accessed through unauthorized software.) [archive]

Concord Hospital - [2007-06-09]
(Names, addresses, dates of birth and Social Security numbers of over 9,000 exposed) [archive]

Concordia Hospital - [2007-06-09]
(Medical information, names, and birthdates of 3,000 on stolen computer) [archive]

University of Iowa - [2007-06-08]
(1,100 Social Security numbers on breached web server) [archive]

University of Virginia - [2007-06-08]
(Hack exposes Social Security numbers, names, dates of birth of 5,735 faculty members) [archive]

Dearfield Medical Building - [2007-06-07]
(Improperly disposed records contain names, addresses, and medical information) [archive]

Cedarburg High School - [2007-06-06]
(Students access Social Security numbers, names, addresses of employees on computer) [archive]

Stevens Hospital - [2007-06-04]
(About 550 names and Social Security numbers on laptop exposed to Internet) [archive]

Gadsden State Community College - [2007-06-03]
(Grades, Social Security numbers, names of about 400 students found on local business driveway) [archive]

Northwestern University - [2007-06-01]
(Personal information of 4,000 available online) [archive]

Bank of Scotland - [2007-06-01]
(62,000 mortgage account numbers, names, addresses, and dates of birth on disc lost in the mail) [archive]

Jax Federal Credit Union - [2007-06-01]
(Social Security numbers and account numbers of 7,500 clients posted on website, then indexed by Google) [archive]

Fresno County (California) - [2007-06-01]
(Missing computer disk contains names, addresses, Social Security numbers of 10,000) [archive]

Priority One Credit Union - [2007-05-31]
(Social Security numbers and account numbers printed on envelope) [archive]

Saskatoon Health Region - [2007-05-30]
(Confidential material for over 2,000 sold at auction) [archive]

CoverTN - [2007-05-26]
(279 Social Security numbers of applicants exposed on web) [archive]

Family Health Plus / Child Health Plus - [2007-05-25]
(Stolen laptop containing personal information of applicants recovered) [archive]

North Carolina Department of Transportation - [2007-05-25]
(25,000 Social Security numbers and names on breached server) [archive]

Waco Independent School District - [2007-05-24]
(Students break into server, potentially compromising student and employee personal data) [archive]

Beacon Medical Services - [2007-05-24]
(Medical records and financial data of 5000 emergency room patients exposed on Internet) [archive]

Check into Cash - [2007-05-23]
(Discarded documents contain Social Security numbers, addresses, and photocopies of driver's licenses) [archive]

University of Colorado at Boulder - [2007-05-22]
(45,000 Social Security numbers and names of College of Arts and Sciences students breached) [archive]

University of Pittsburgh Medical Center - [2007-05-22]
(Mailing containing visible Social Security numbers sent to 6,000 former patients) [archive]

Columbia Bank (NJ) - [2007-05-21]
(Hack exposes Social Security numbers and names of online banking customers) [archive]

Northwestern University - [2007-05-20]
(Stolen laptop contains names and Social Security numbers) [archive]

Riverside Community Hospital - [2007-05-20]
(Medical Records, Social Security Numbers, Names, Addresses, and more of over 10,000 found in dumpster) [archive]

Yuma Elementary School District 1 - [2007-05-19]
(Social Security numbers and payroll data of 91 substitute teachers stolen from car) [archive]

Texas Commission on Law Enforcement Officers Standards and Education - [2007-05-19]
(Social Security numbers, names, dates of birth of 229,000 on stolen computer) [archive]

Illinois Department of Financial and Professional Regulation - [2007-05-19]
(300,000 Social Security numbers, names and addresses on breached server) [archive]

Stony Brook University - [2007-05-19]
(Social Security numbers of 90,000 posted on web and cached by Google) [archive]

Alcatel-Lucent - [2007-05-17]
(Lost or stolen disk contains names, addresses, Social Security numbers, birth dates and salary information) [archive]

Georgia Department of Human Resources - [2007-05-17]
(Social Security numbers for 140,000 infants improperly discarded) [archive]

Indianapolis Public Schools - [2007-05-16]
(Personal records for about 7,500 posted on internet) [archive]

IBM - [2007-05-15]
(Missing tapes contain dates of birth, Social Security numbers, and addresses of IBM employees) [archive]

Community College of Southern Nevada - [2007-05-14]
(197,000 notified about names and Social Security numbers on breached server) [archive]

Goshen College - [2007-05-12]
(Names, addresses, birth dates, Social Security numbers of 7,300 exposed by hack) [archive]

UCI Medical Center - [2007-05-11]
(Medical files containing personal information for nearly 300 patients missing) [archive]

Highland Hospital - [2007-05-10]
(Stolen laptop contains names and Social Security numbers of about 13,000) [update][archive]

SEB - [2007-05-09]
(Credit and debit cards numbers of 10,000 stolen) [archive]

Standard Life - [2007-05-09]
(Financial information sent to wrong customers could impact 300) [archive]

University of Missouri - [2007-05-08]
(22,396 Social Security numbers and names retrieved from hacked computer) [archive]

Indiana Department of Administration - [2007-05-07]
(Social Security numbers exposed on web for "no more than a couple hundred") [archive]

Marks & Spencer - [2007-05-05]
(26,000 notified about personal information on stolen laptop) [archive]

United States Transportation Security Administration - [2007-05-04]
(Lost hard drive contains Social Security numbers and banking data of 100,000) [archive]

Louisiana State University - [2007-05-03]
(Social Security numbers, full names and grades of 750 possibly on stolen laptop) [archive]

Montgomery College - [2007-05-03]
(Publicly accessible computer exposes names and Social Security numbers of hundreds) [archive]

Maryland Department of Natural Resources - [2007-05-03]
(Names and Social Security numbers of about 1,400 on missing thumb drive) [archive]

Weston Travel and Insurance Agencies - [2007-05-02]
(Hundreds of customers' personal documents found in a dumpster) [archive]

Royal Cornwall Hospitals NHS Trust - [2007-05-02]
(Bank details of around 10,000 employees on stolen computer) [update][archive]

Champaign Fraternal Order of Police - [2007-05-01]
(139 officers' personal information found on computer donated to charity) [archive]

JP Morgan Chase - [2007-05-01]
(Social Security numbers and account information for 47,000 on lost tape) [archive]

University of New Mexico - [2007-04-29]
(Names, addresses, and financial information of 3,000 on stolen laptop) [archive]

Couriers On Demand - [2007-04-27]
(Hundreds of job applicants' names, addresses, and Social Security numbers on web) [archive]

Caterpillar Inc. - [2007-04-27]
(Stolen laptop computer contains personal data on unknown number of employees) [archive]

Innovation Interactive / Ceridian Corp. - [2007-04-26]
(Former Ceridian employee posts bank information of 150 to personal web site) [archive]

Purdue University - [2007-04-24]
(175 notified about Social Security numbers and names exposed on web) [archive]

Baltimore County Department of Health - [2007-04-24]
(Names, Social Security numbers, and dates of birth of about 6,000 on stolen laptop) [archive]

Neiman Marcus Group - [2007-04-24]
(Stolen computer equipment contains Social Security numbers and other information on 160,000) [archive]

Federal Emergency Management Agency - [2007-04-23]
(Social Security numbers of 2,300 printed on mailing envelopes) [archive]

United States Department of Agriculture - [2007-04-20]
(An estimated 63,000 Social Security numbers posted on public web site) [update][archive]

Los Alamos National Laboratory - [2007-04-20]
(550 names and Social Security numbers found on web site) [archive]

Albertsons - [2007-04-20]
(Over 100 Credit/Debit Cards stolen by card terminal hijacking in area grocery stores) [archive]

New Mexico State University - [2007-04-19]
(Names and Social Security numbers of more than 5,600 posted to web) [archive]

University of California, San Francisco - [2007-04-18]
(Names, contact information, and Social Security numbers of 3,000 on stolen server) [archive]

Ohio State University - [2007-04-18]
(Stolen laptops contain names and Social Security numbers of 3,500) [archive]

CVS Corp. - [2007-04-17]
(Credit card numbers, medical information and other sensitive material for over 1,000 dumped) [archive]

Ohio State University - [2007-04-17]
(Over 14,000 Social Security numbers, names, and addresses on compromised computer) [archive]

Bank of America - [2007-04-12]
(Names, addresses, and Social Security numbers on stolen laptop) [archive]

Fulton County, Georgia - [2007-04-12]
(75,000 voter registration application cards with Social Security numbers, names, and addresses) [archive]

University of Pittsburgh Medical Center - [2007-04-12]
(80 patients' names and Social Security numbers available on internet) [archive]

Black Hills State University - [2007-04-12]
(Social Security numbers and names of 56 posted on college web site) [archive]

New Horizons Community Credit Union - [2007-04-11]
(About 9,000 alerted about confidential member loan information) [archive]

ChildNet - [2007-04-11]
(Stolen laptop contains personal information of about 12,000) [update][archive]

Georgia Department of Community Health / Affiliated Computer Services - [2007-04-10]
(Social Security numbers, birthdates and addresses of 2.9 million on lost CD) [archive]

Turbo Tax - [2007-04-09]
(Web error permitted access to others' tax returns) [archive]

Rogers Communications Inc - [2007-04-08]
(Hundreds of orders with personal details and Social Insurance numbers found strewn in parking lot) [archive]

Chicago Public Schools - [2007-04-06]
(Stolen laptops contain names and Social Security numbers of about 40,000) [archive]

Hortica - [2007-04-06]
(Missing backup tapes contain names, Social Security numbers, drivers' license numbers) [archive]

DCH Health System - [2007-04-05]
(Social Security numbers and other personal data of 6,000 on missing disc and documents) [archive]

University of California, San Francisco - [2007-04-04]
(Social Security numbers, names, and bank information of about 46,000 on compromised server) [archive]

University of Montana-Western - [2007-03-30]
(Stolen disk contains Social Security numbers of over 400 students) [archive]

Navy Station San Diego - [2007-03-30]
(Missing laptops may contain names, rates and ratings, and Social Security numbers) [archive]

Los Angeles County Child Support Services - [2007-03-30]
(243,000 notified that personal information may be at risk) [archive]

RadioShack - [2007-03-29]
(Thousands of documents with credit card numbers and other personal information found in trash) [archive]

Nottinghamshire Healthcare - [2007-03-27]
(Stolen laptop contains names, addresses, and dates of birth on 11,500 children) [archive]

St. Mary Parish Schools (Louisiana) - [2007-03-27]
(Yahoo! crawler reveals 380 employee Social Security numbers) [archive]

Halifax - [2007-03-27]
(Stolen documents contain data on 13,000 mortgage customers) [archive]

U.S. Army Training and Doctrine Command - [2007-03-26]
(As many as 16,000 Social Security numbers, names and payroll information on stolen laptop) [archive]

Group Health Cooperative Health Care System - [2007-03-24]
(Stolen laptops contain Social Security numbers and names of 31,000) [archive]

Swedish Urology Group - [2007-03-23]
(Hundreds of personal files on stolen hard drive) [archive]

HSBC Australia - [2007-03-21]
(Banking details, names and home addresses of 100 in lost documents) [archive]

Tax Service Plus - [2007-03-20]
(Up to 4,000 notified about tax returns on stolen computer) [archive]

Springfield (Ohio) City Schools - [2007-03-16]
(Social Security numbers and names of 1,950 on stolen laptop) [archive]

Empire Blue Cross and Blue Shield / WellPoint - [2007-03-14]
(Names, Social Security numbers, and medical information for 75,000 on lost CD) [update][archive]

Dai Nippon Printing Company - [2007-03-12]
(Nearly 9 million pieces of private data on customers stolen) [archive]

University of Idaho - [2007-03-10]
(Names, birthdates and Social Security numbers for about 2,700 university employees on web) [archive]

California National Guard - [2007-03-09]
(1,300 Social Security numbers, addresses, and dates of birth on stolen hard drive) [archive]

United States Census Bureau - [2007-03-07]
(Personal information from 302 households posted on public Internet site) [archive]

Los Rios Community College - [2007-03-07]
(About 2,000 names, Social Security numbers, and birth dates found in Google search) [archive]

Johnny's Selected Seeds - [2007-03-03]
(11,500 credit card numbers on hacked server) [archive]

Metropolitan State College of Denver - [2007-03-02]
(Names and Social Security numbers of 988 former students on stolen laptop) [archive]

Westerly Hospital - [2007-03-01]
(2,000 names, Social Security numbers, and medical records posted on web site) [archive]

The Hospital for Sick Children (SickKids) - [2007-03-01]
(Medical information of research study patients on stolen laptop) [archive]

Tokyo University of Science - [2007-03-01]
(Personal information of 8,800 on stolen hard disk) [archive]

Gulf Coast Medical Center - [2007-02-28]
(Two stolen computers contain personal information on 9,900 people) [archive]

Japan Post - [2007-02-24]
(Bag containing personal information on 290,000 customers stolen) [archive]

National Australia Bank - [2007-02-23]
(Names and account numbers of 397 people sent to wrong addresses) [archive]

Worcestershire County Council - [2007-02-23]
(Banking details, names, and addresses of 19,000 on stolen laptop) [archive]

Rabun Apparel - [2007-02-23]
(1,006 names and Social Security numbers of former employees posted to internet) [archive]

Speedmark - [2007-02-22]
(35,000 notified about Social Security numbers, names, and addresses on stolen computer) [archive]

Georgia Tech University - [2007-02-21]
(Social Security numbers, names, and addresses of 3,000 accessed through compromised account) [archive]

Back and Joint Institute of Texas - [2007-02-20]
(Hundreds of medical records with Social Security numbers found in trash behind building) [archive]

Stop & Shop - [2007-02-19]
(Unknown number of consumers' credit and debit card data stolen by skimmers) [archive]

Seton Family of Hospitals - [2007-02-19]
(Social Security numbers, names, and dates of birth for 7,800 on stolen laptop) [archive]

Clarksville-Montgomery County Schools (TN) - [2007-02-19]
(633 Social Security numbers inadvertently placed on web site) [archive]

State of Connecticut - [2007-02-17]
(1,753 employee names and Social Security numbers posted to web) [archive]

City College of San Francisco - [2007-02-15]
(Names and Social Security numbers of 11,000 posted on web site) [archive]

Iowa Department of Education - [2007-02-15]
(160,000 personal records in file on hacked web site) [archive]

Kaiser Permanente - [2007-02-14]
(Medical information and some Social Security numbers for 22,000 on stolen laptop) [archive]

Washington D.C. Metropolitan Police Department - [2007-02-11]
(Social Security numbers for 2,000 police officers exposed) [archive]

Department for Work and Pensions (UK) - [2007-02-10]
(Bank details of as many as 26,000 pensioners sent to wrong addresses) [archive]

State of Indiana - [2007-02-10]
(5,600 people and businesses notified about credit card numbers on hacked server) [archive]

Radford University - [2007-02-09]
(Breached computer contained 2,400 Social Security numbers and birthdates) [archive]

East Carolina University - [2007-02-09]
(Social Security numbers, names, and some credit card numbers for 65,000 posted to web) [archive]

Piper Jaffray - [2007-02-08]
(More than 1,000 Social Security numbers printed on W-2 envelopes) [archive]

St. Mary's Hospital - [2007-02-08]
(130,000 names, Social Security numbers and birthdates of patients on stolen laptop) [update][archive]

Central Connecticut State University - [2007-02-07]
(Letters reveal Social Security numbers for about 750 students) [archive]

University of Nebraska, Lincoln - [2007-02-07]
(72 Social Security numbers posted on public web site for over two years) [archive]

Johns Hopkins Hospital - [2007-02-07]
(Missing computer tapes contain Social Security numbers of 52,000) [archive]

Metro Credit Services - [2007-02-06]
(Social Security numbers, medical bills, and phone bills for "thousands" found in discarded boxes) [archive]

New York Department of Labor - [2007-02-06]
(Personal information for 537 on stolen documents) [archive]

CTS - [2007-02-03]
(Social Security numbers, names, and banking information of 800 on stolen computer) [archive]

Birmingham Veterans Affairs Medical Center - [2007-02-02]
(Portable hard drive may contain personal identifying information on up to 48,000 veterans) [archive]

New York Department of State - [2007-02-02]
(Commercial records containing Social Security numbers posted on web) [archive]

University of Missouri - [2007-02-02]
(Personal information including Social Security numbers of 1,220 on hacked server) [archive]

Wisconsin Legislative Human Resources Office - [2007-02-02]
(Social Security numbers and other personal information stolen from employee's car) [archive]

San Francisco Indian Consulate - [2007-02-02]
(Thousands of sensitive documents dumped at recycling center) [archive]

Massachusetts Department of Industrial Accidents - [2007-02-01]
(Database containing 1,200 Social Security numbers and names allegedly accessed) [archive]

Vermont Agency of Human Services - [2007-01-29]
(Social Security numbers, names, and bank information for 70,000 on hacked computer) [archive]

Halifax Bank of Scotland - [2007-01-29]
(Woman who asked for her bank statement was sent those of 75,000 other customers) [archive]

Salina Regional Health Center - [2007-01-28]
(1,100 names, Social Security numbers, and medical histories on stolen laptop) [archive]

Eastern Illinois University - [2007-01-26]
(Social Security numbers and names of 1,400 students on stolen computer) [archive]

Chase / Bank One - [2007-01-26]
(4,100 names and Social Security numbers found in purchased used furniture) [archive]

Anthem Blue Cross Blue Shield - [2007-01-26]
(Social Security numbers and names of around 50,000 on stolen backup tapes) [archive]

Vanguard University - [2007-01-26]
(Social Security numbers, names, dates of birth for 5,105 on stolen computers) [archive]

Indiana Department of Transportation - [2007-01-26]
(Names and Social Security numbers of about 4,000 employees posted on internal network) [archive]

Wahiawa Women, Infants and Children - [2007-01-25]
(Up to 11,500 notified about compromise of personal information) [archive]

Ohio Board of Nursing - [2007-01-25]
(3,031 nurses' Social Security numbers and names posted on web) [archive]

Rutgers University - [2007-01-24]
(Social Security numbers and personal identification numbers of 200 students on stolen faculty laptop) [archive]

Clay High School (OR) - [2007-01-23]
(Social Security numbers, names, addresses, and birthdays of students and faculty hacked by student) [archive]

Xerox - [2007-01-23]
(297 Wilsonville employees notified of theft of laptop containing personal information) [archive]

Chicago Board of Elections - [2007-01-22]
(Social Security numbers, birth dates and addresses of 1.3 million voters on over 100 missing discs) [archive][update]

Greenville County School District (S.C.) - [2007-01-20]
(Social Security numbers and personnel records of thousands of teachers left behind in move) [archive]

Internal Revenue Service / Kansas City Government - [2007-01-19]
(26 IRS tapes with taxpayer information missing from Kansas City Hall) [archive]

KB Home - [2007-01-18]
(2,700 notified about Social Security numbers and names on stolen computer) [archive]

Talvest Mutual Funds - [2007-01-18]
(Missing backup file with personal information, account numbers, Social insurance numbers on 470,000 investors) [archive]

TJX Companies, Inc. - [2007-01-17]
(Hack exposes 45.7 million credit card numbers and transaction details) [update][archive][archive]

Rincon del Diablo Municipal Water District - [2007-01-17]
(Names and credit card numbers of 500 customers on stolen computers) [archive]

University of New Mexico - [2007-01-16]
(Stolen computers may have contained faculty members' names and Social Security numbers) [archive]

North Carolina Department of Revenue - [2007-01-13]
(Files on 30,000 taxpayers on stolen laptop) [archive]

MoneyGram - [2007-01-12]
(Server with consumer information for about 79,000 bill payment customers unlawfully accessed) [archive]

University of Idaho - [2007-01-11]
(As many as 70,000 Social Security numbers, names and addresses on stolen computers) [archive]

Altria / United Technologies / Prudential Financial / Towers Perrin - [2007-01-08]
(Laptops containing data about "tens of thousands" on stolen laptops) [archive][update][update 2]

University of Notre Dame - [2007-01-08]
(Social Security numbers and salary information on stolen laptop) [archive]

Johnston County (North Carolina) - [2007-01-04]
(Stolen laptop contains names and Social Security numbers of volunteer firemen) [archive]

Academic Magnet High School (South Carolina) - [2007-01-03]
(Personal information for about 500 students on stolen computer) [archive]


2006 Archives - 346 incidents in archives

KeyCorp - [2006-12-29]
(9,300 customers' Social Security numbers on vendor's stolen laptop) [archive]

Wisconsin Department of Revenue - [2006-12-29]
(Social Security numbers for 170,000 taxpayers exposed on mailing labels) [archive][update]

Montana State University - [2006-12-27]
(Social Security numbers for 259 students mailed to other students) [archive]

Deaconess Hospital - [2006-12-27]
(Social Security numbers for 128 patients on stolen or missing laptop) [archive]

Utah Valley State College - [2006-12-22]
(Social Security numbers and personal information on thousands of students and faculty appear on Yahoo) [archive]

Bank of America - [2006-12-22]
(Social Security numbers and personal information on undisclosed number of customers stolen by former contractor) [archive]

U.S. State Department - [2006-12-22]
(Social Security numbers and personal information contained in 700 passport applications missing) [archive][update]

Santa Clara County (California) - [2006-12-21]
(2,500 Social Security numbers and names on stolen server) [archive]

SFX Baseball, Inc. - [2006-12-20]
(117, including 90 Major League Baseball players' information found in dumpster) [archive]

Big Foot High School (Wisconsin) - [2006-12-20]
(Social Security numbers and dates of birth of 87 exposed on web) [archive]

Lakeland Library Cooperative - [2006-12-20]
(Personal information of more than 15,000 patrons available on web site) [archive]

Mississippi State University - [2006-12-19]
(Social Security numbers and other information for about 2,400 exposed on web) [archive]

North Bay Regional Center - [2006-12-16]
(Personal data might have been compromised for over 3,000 clients) [archive]

City of Wickliffe, Ohio - [2006-12-16]
(Computer intrusion exposes Social Security numbers for 125) [archive]

University of Colorado at Boulder - [2006-12-15]
(Social Security numbers and names exposed for about 17,500) [archive]

St. Vrain Valley School District - [2006-12-14]
(Papers containing personal information of as many as 600 students stolen) [archive]

Durham (N.C.) Public Schools - [2006-12-14]
(Students hack database containing thousands of employees' Social Security numbers) [archive]

Geisinger Health Systems / Williamson Medical Center / Emory University / Grady Memorial Hospital - [2006-12-14]
(Over 64,000 notified about medical records on stolen computer) [archive][update][update 2]

Boeing Co. - [2006-12-13]
(Social Security numbers and other personal information of 382,000 employees on stolen laptop) [archive]

University of Texas at Dallas - [2006-12-12]
(Social Security numbers and other personal information of 35,000 exposed by hack) [archive][update]

Aetna Inc. / Group Health Insurance Inc. / Nationwide Health Plans / Concentra Preferred Systems - [2006-12-12]
(Medical claim records for 200,279 in stolen lockbox containing computer backup tapes) [archive][update][update 2]

UCLA - [2006-12-12]
(Breached database contains personal information on about 800,000) [archive]

Independent Living Funds - [2006-12-11]
(Thousands of names, national insurance numbers, bank details on stolen backup tape) [archive]

Virginia Commonwealth University - [2006-12-09]
(561 students' names, Social Security numbers and addresses leaked by email) [archive]

State of Vermont - [2006-12-08]
(Social Security numbers of health care providers posted to internet) [archive]

Premier Bank - [2006-12-06]
(Book stolen from vehicle contains about 1,800 names and account numbers) [archive]

West Virginia Air National Guard - [2006-12-05]
(Stolen laptop contains Social Security numbers and names) [archive]

Nassau Community College - [2006-12-05]
(List with Social Security numbers and names of 21,000 students apparently stolen) [archive]

City of Grand Prairie (Texas) - [2006-12-03]
(Social Security numbers and personal info on hundreds of city employees posted to web) [archive]

TransUnion Credit Bureau - [2006-11-30]
(Scam companies gain access to more than 1,700 people's credit information) [archive]

Pennsylvania Department of Transportation - [2006-11-30]
(Personal information for over 11,400 on stolen computers) [archive]

California State University, Los Angeles - [2006-11-29]
(Social Security numbers and names of 2,882 on stolen USB drive) [archive]

Kaiser Permanente Colorado - [2006-11-28]
(Stolen laptop contains names, dates of birth, physician/provider data on 38,000) [archive]

Johnston County (North Carolina) - [2006-11-27]
("Thousands" of names and identifying information posted to web) [archive]

Greenville (South Carolina) County School District - [2006-11-27]
(Social Security numbers and birthdates for about 100,000 on computers sold at auctions) [archive]

Chicago Public Schools / All Printing & Graphics Inc. - [2006-11-27]
(Social Security numbers, names, and addresses of 1,740 accidentally sent in mailing) [archive]

Indiana Department of Health - [2006-11-25]
(Stolen computers may contain women's Social Security numbers, names, and medical information) [archive]

Scotland Yard / Logica CMG - [2006-11-21]
(Bank account information for over 15,000 policemen on stolen laptop) [archive]

New York City Administration for Children's Services - [2006-11-20]
(More than 200 case files filled with confidential information dumped on street corner) [archive]

Jefferson College of Health Sciences - [2006-11-17]
(143 students have names and Social Security numbers inadvertently released by email) [archive]

Boeing - [2006-11-15]
(Social Security numbers and names of 762 employees on stolen laptop) [archive]

Connors State College - [2006-11-14]
(Social Security numbers and data for at least 22,500 on stolen laptop) [archive]

Hertz Global Holdings Inc. - [2006-11-11]
(Social Security numbers and names discovered on former employee's home computer) [archive]

ARCO - [2006-11-10]
(At least 440 have bank accounts compromised through gas station pumps) [archive]

Los Alamos National Laboratory / KSL Services Inc. - [2006-11-10]
(Personal information of about 1,000 on lost compact disc) [archive]

Calgary Health Region - [2006-11-09]
(Contact information and medical information for about 1,000 children on stolen laptop) [archive]

City of Lubbock, Texas - [2006-11-07]
(Social Security numbers for about 5,800 exposed on web) [archive]

Bowling Green, Ohio, Police Department - [2006-11-06]
(Names, Social Security numbers, dates of birth, and license information for 200 posted to web) [archive]

Intermountain Healthcare - [2006-11-03]
(Recovered hard drive contains Social Security numbers and names on 6,244) [archive]

Starbucks - [2006-11-03]
(Social Security numbers and names of about 60,000 on stolen laptops) [archive]

West Shore Bank - [2006-11-03]
(About 1,000 debit card holders notified about compromise) [archive]

University of Virginia - [2006-11-03]
(632 students receive email with others' Social Security numbers) [archive]

Wesco - [2006-11-03]
(Unknown number affected by credit card transaction fraud) [archive] [update] [update]

Villanova University - [2006-11-02]
(Names, birth dates and driver's license numbers of 1,243 on stolen laptop) [archive]

Greater Media Inc. - [2006-11-02]
(Unknown number of Social Security numbers on stolen laptop) [archive]

Muskogee Veterans Affairs Hospital - [2006-11-02]
(Over 1,400 Social Security numbers and names on lost computer disks) [archive]

Manhattan Veterans Affairs Medical Center - [2006-11-02]
(Hundreds of veterans' names and Social Security numbers on stolen computer) [archive]

U.S. Army Cadet Command - [2006-11-01]
(Stolen laptop contains Social Security numbers, addresses, birthdates and more for about 4,600) [archive]

Hancock Askew & Co. LLP - [2006-10-28]
(Stolen laptop contains employee 401(k) information) [archive]

Gymboree - [2006-10-27]
(Social Security numbers and names of 20,000 potentially on stolen laptops) [archive]

Tuscarawas County, Ohio - [2006-10-26]
(Potentially hundreds or thousands of Social Security numbers of voters on LexisNexis) [archive]

Children's Hospital (Akron, Ohio) - [2006-10-26]
(Hacked computers contain private patient data and account information for 200,000) [update][archive]

Colorado Department of Human Services / Affiliated Computer Services Inc. - [2006-10-26]
(Stolen computer contains client personal information) [archive]

Ontario Science Center - [2006-10-26]
(Stolen laptop contains members' personal information) [archive]

Department of Homeland Security - [2006-10-25]
(Thumbdrive containing personal information on current and past employees has been lost ) [archive]

Swedish Medical Center - [2006-10-25]
(1,100 Social Security numbers, names, and birthdates at risk from insider fraud) [archive]

Chicago Board of Election - [2006-10-24]
(Social Security and birth date information from more than 780,000 registered voters on vulnerable web site) [archive]

St. Francis Hospital / Advanced Receivable Strategy - [2006-10-23]
(Patients' names and or Social Security number on lost compact disc) [archive][update]

Allina Hospitals and Clinics - [2006-10-20]
(Personal information including names and Social Security numbers for over 14,000 households on stolen laptop) [archive]

T-Mobile - [2006-10-20]
(Lost laptop may contain Social Security numbers, names, and addresses of about 43,000) [archive]

Germanton Elementary School (North Carolina) - [2006-10-18]
(Stolen computer contains Social Security numbers of students) [archive]

City of Visalia, California - [2006-10-17]
(Discarded city records containing Social Security numbers may affect about 200) [archive]

Ohio Ethics Commission - [2006-10-13]
(Hundreds of documents containing Social Security numbers and financial statements found in alley) [archive]

University of Texas at Arlington - [2006-10-12]
(Social Security numbers, names and other information for 2,500 on stolen computers) [archive]

Brock University - [2006-10-12]
(Personal information for 70,000 on hacked computer includes some credit card and account information) [archive]

Adams State College - [2006-10-11]
(Report listing 184 high school students on stolen laptop) [archive]

Republican National Committee - [2006-10-11]
(Wrongly addressed email includes top donors' names, race, Social Security numbers) [archive]

Florida Department of Labor - [2006-10-11]
(Names and Social Security numbers of 4,624 posted to internet) [archive]

Troy Athens High School (Michigan) - [2006-10-09]
(Stolen hard drive may contain students' transcripts, test scores, addresses and Social Security numbers) [archive]

Camp Pendleton Marine Corps Base - [2006-10-06]
(Personal info on 2,400 residents on lost laptop computer) [archive]

Cleveland Air Route Traffic Control Center - [2006-10-06]
(Names and Social Security numbers of at least 400 on missing hard drive) [archive]

Capistrano Unified School District - [2006-10-05]
(Stolen computers "likely" list names and Social Security numbers for employees) [archive] [update]

Statistics Canada - [2006-10-05]
(Cabinet filled with census files sold at auction) [archive]

Cumberland County PA. - [2006-10-03]
(Cumberland County discovers employee Social Security numbers on county website) [archive]

Seattle-Tacoma International Airport - [2006-10-02]
(Almost 7,000 names and Social Security numbers on lost disks) [archive]

State of Kentucky - [2006-09-29]
(146,000 notified about exposed Social Security numbers in mail envelope windows) [archive]

University of Iowa - [2006-09-29]
(Computer containing Social Security numbers of 14,500 research subjects hacked) [archive]

North Carolina Department of Motor Vehicles - [2006-09-28]
(Computer stolen from contains personal information on 16,000 motorists) [archive]

America Online - [2006-09-27]
(Six arrested in AOL harvesting scheme involving thousands. Bank account, credit card, other personal info vulnerable) [archive]

General Electric - [2006-09-25]
(Stolen laptop contains names and Social Security numbers for about 50,000) [archive][update]

Nagasaki University Hospital of Medicine and Dentistry - [2006-09-24]
(Stolen computers contain names and medical information of about 9,000) [archive]

Erlanger Hospital (Tennessee) - [2006-09-23]
(4,150 Social Security numbers and names on lost USB storage device) [archive]

Allstate Canada Inc. - [2006-09-23]
(Personal information for 60 to 70 customers stolen from car) [archive]

Purdue University - [2006-09-22]
(2,482 hacked records include Social Security numbers, names, and email addresses) [archive]

University of Colorado at Boulder - [2006-09-22]
(1,372 students and former students have Social Security numbers and names on missing computers) [archive]

United States Department of Commerce and Census Bureau - [2006-09-21]
(246 of 1,137 lost laptops contain personal information on 558 households) [archive]

Pima County Health Department (Arizona) - [2006-09-21]
(Names and dates of birth for about 2,500 recovered from stolen car) [archive]

City of Savannah - [2006-09-20]
(Over 8,800 names and some Social Security numbers possibly compromised) [archive]

Berry College - [2006-09-20]
(Social Security numbers and names of 2,093 "misplaced") [archive]

Life is good - [2006-09-19]
(Credit card numbers of 9,250 on hacked server) [archive]

DePaul Medical Center (Norfolk, Virginia) - [2006-09-18]
(About 100 affected by loss of stolen computers) [archive]

Whistle Junction Restaurant (Orlando, Florida) - [2006-09-17]
(Goes out of business and dumps unknown number of employee records in a dumpster) [archive]

Direct Loan - [2006-09-17]
(Over 21,000 borrowers' Social Security numbers possibly exposed online) [archive]

Michigan Department of Community Health - [2006-09-16]
(Lost flash drive contains 4,000 Social Security numbers and other personal information) [archive]

Howard, Rice, Nemerovski, Canady, Falk & Rabkin - [2006-09-16]
(Social Security numbers and names of 500 on stolen laptop) [archive]

University of Texas at San Antonio - [2006-09-15]
(64,000 notified about compromised Social Security numbers, names and addresses) [archive]

Scotland Post Office / Natwest / Royal Bank of Scotland - [2006-09-15]
(Customers' bank details, National Insurance numbers, passport numbers and other personal information in a bin) [archive]

Berks County, Pennsylvania - [2006-09-15]
(Names, addresses, Social Security numbers and other information of some of 25,000 gun-permit holders on web) [archive]

Mercy Medical Center Merced - [2006-09-15]
(Memory card contains 295 names, Social Security numbers, birthdates and medical record numbers) [archive]

Illinois Department of Corrections - [2006-09-14]
(Social Security numbers, names, and salaries of "many" employees found outside company grounds) [archive]

Nikon Inc. - [2006-09-14]
(3,235 credit card numbers, names and addresses published on web site) [archive]

American Family Insurance - [2006-09-13]
(Stolen laptop contains over 2,000 customer Social Security and drivers license numbers) [archive]

City of Paris, Kentucky - [2006-09-12]
(Lost thumb drive might contain Social Security numbers and names of about 100) [archive]

Telesource - [2006-09-11]
(Social Security numbers and other personal information found in dumpster) [archive]

Cleveland Clinic (Florida) - [2006-09-08]
(Social Security numbers, dates of birth, addresses and other details of 1,100 patients stolen) [archive][update][update 2]

University of Minnesota - [2006-09-08]
(Personal information of 13,084, including 603 Social Security numbers, on stolen computers) [archive]

Linden Lab / Second Life - [2006-09-08]
(Names, address, and payment information of almost 650,000 on hacked server) [archive]

BMO Bank of Montreal - [2006-09-08]
(Stolen laptop contains personal data for about 900 clients) [archive]

Florida National Guard - [2006-09-07]
(Social Security numbers of up to 100 soldiers on stolen laptop) [archive]

Chase Card Services - [2006-09-07]
(Tapes with information on over 2.5 million Circuit City cardholders thrown in trash) [archive]

Transportation Security Administration - [2006-09-06]
(Social Security numbers and birth dates of 1,195 mailed to wrong addresses) [archive]

Wells Fargo - [2006-09-01]
(Social Security numbers and names of Wells Fargo employees on stolen laptop) [archive]

City of Chicago / Nationwide Retirement Solutions - [2006-09-01]
(38,443 names, addresses, Social Security numbers, and dates of birth on stolen laptop) [archive]

Virginia Commonwealth University - [2006-09-01]
(Names, Social Security numbers, and email addresses of 2,100 exposed online) [archive]

Domino's Pizza - [2006-08-31]
("Thousands" of credit card numbers, names, and expiry dates found on slips in dumpster) [archive]

LabCorp - [2006-08-31]
(Names and Social Security numbers on stolen medical lab computer) [archive]

Valley Baptist Medical Center - [2006-08-29]
(73 possibly exposed by web site with names, Social Security numbers, and dates of birth) [archive]

United States Department of Education - [2006-08-29]
(Two stolen laptops may contain personal information of 43 people) [archive]

Compass Health - [2006-08-29]
(Stolen laptop contains personal data including Social Secutity numbers) [archive]

AT&T - [2006-08-29]
(Hackers access credit card information for "fewer than 19,000") [archive]

New Mexico Administrative Office of the Courts - [2006-08-27]
(Names, Social Security numbers and addresses of 1,500 employees posted on state FTP server) [archive]

University of South Carolina - [2006-08-26]
(Intruder could have accessed names, Social Security numbers, and dates of birth of about 6,000) [archive]

PortTix - [2006-08-26]
(Credit card information for about 2,000 accessed through hacked web site) [archive]

Verizon Wireless - [2006-08-25]
(Names and cell phone information for over 5,000 leaked on spreadsheet) [archive]

Sovereign Bank - [2006-08-25]
(Three stolen laptops may contain customers' personal data) [archive]

Dominion Resources - [2006-08-25]
(Two stolen laptops contain personal employee information) [archive]

Federal Motor Carrier Safety Administration - [2006-08-25]
(Stolen laptop "might contain" personal information on 193 people) [archive]

United States Department of Education - [2006-08-23]
("Limited number" of 6.4 million borrowers have information exposed on web) [archive]

Troy Beaumont Hospital - [2006-08-22]
(Social Security numbers and insurance information on 28,400 Home Care patients on stolen laptop) [archive]

Beaverton School District (Oregon) - [2006-08-22]
(Missing time slips for 1,600 employees include names and Social Security numbers) [archive]

Aflac - [2006-08-22]
(Names, addresses, Social Security numbers, and birth dates of 612 on stolen laptop) [archive]

California Department of Mental Health - [2006-08-18]
(Missing tape contains names, addresses, and Social Security numbers of 9,468) [archive]

HCA Inc. - [2006-08-17]
(Stolen computers contain names and Social Security numbers of employees and physicians) [archive]

Williams-Sonoma - [2006-08-17]
(Stolen laptop contains personal information for about 1,200) [archive]

Chevron - [2006-08-16]
("Potentially tens of thousands" of employees' Social Security numbers on stolen laptop) [archive]

University of Kentucky Department of Geography - [2006-08-15]
(About 80 students affected by disclosure of Social Security numbers) [archive]

University of Kentucky - [2006-08-15]
(About 630 students affected by disclosure of Social Security numbers) [archive]

Madrona Medical Group - [2006-08-11]
(Over 6,000 patients notified about illegal download of personal information) [archive]

United States Department of Transportation - [2006-08-09]
(Stolen laptop contains personal information of 133,000 Florida residents) [archive]

Linens 'n Things - [2006-08-08]
(90 receipts containing credit card numbers and names taken from store) [archive]

Virginia Bureau of Insurance - [2006-08-08]
(Social Security numbers may have been accessible on website for six weeks) [archive]

United States Department of Veterans Affairs / Unisys - [2006-08-08]
(Stolen computer contains personal data on as many as 38,000 veterans) [archive]

America Online (AOL) - [2006-08-06]
(650,000 users' search queries exposed - some contain personally identifiable information) [archive]

PSA HealthCare - [2006-08-04]
(Personal information for over 51,000 on stolen laptop) [archive]

Matrix Bancorp Inc. - [2006-08-04]
(Customers' personal account information on stolen laptop computer) [archive]

Toyota - [2006-08-04]
(Personal information for about 1,500 people on stolen laptop) [archive]

Vassar Brothers Medical Center - [2006-08-02]
(Social Security numbers and dates of birth of 257,800 on stolen laptop) [archive]

Belhaven College - [2006-08-02]
(About 300 employee names and Social Security numbers on stolen laptop) [archive]

West Virginia Division of Rehabilitation Services - [2006-08-02]
(Names, addresses, Social Security numbers and phone numbers on stolen laptop) [archive]

Wichita State University - [2006-08-01]
(Credit card and other information compromised for over 2,000 people) [archive]

Dollar Tree - [2006-08-01]
(Hundreds of customers report money stolen from their bank accounts due to unauthorized ATM withdrawals) [archive]

U.S. Bank - [2006-08-01]
("A very small number" of customers' names, phone numbers, and Social Security numbers stolen from car) [archive]

Cal Poly - [2006-08-01]
(3,020 Social Security numbers on stolen laptop) [archive]

Sentry Insurance - [2006-07-29]
(Social Security numbers and names of 72 people sold over Internet, over 112,000 more stolen) [archive]

Lancaster General Hospital - [2006-07-28]
(Personal information about hundreds of local physicians stolen) [archive]

Los Angeles County Adult Protective Services - [2006-07-27]
(Eleven laptops stolen - contain information "not for public consumption") [archive]

Los Angeles County Community Development Commission - [2006-07-27]
(Hacker gains access to personal information on 4,800 public housing residents) [archive]

Los Angeles County Department of Community and Senior Services - [2006-07-27]
(Stolen laptop - unknown number of records breached) [archive]

Kaiser Permanente - [2006-07-27]
(160,000 notified that personal information is on stolen laptop) [archive]

United States Navy - [2006-07-26]
(Two stolen laptops contain personal information on about 31,000 recruiters and recruits) [archive]

MD Management / Canadian Medical Association - [2006-07-26]
(About 8,000 notified about personal information on stolen laptop) [archive]

Cablevision - [2006-07-25]
(Lost computer tape included Social Security and 401(k) election information for about 13,700) [archive]

Old Mutual Capital Inc. - [2006-07-25]
(6,500 informed that stolen laptop contains names, addresses, account numbers, and Social Security numbers) [archive]

Armstrong World Industries / Deloitte & Touche - [2006-07-25]
(Stolen laptop contains personal information of 12,000 current and former employees) [archive]

Georgetown University Hospital / InstantDX - [2006-07-25]
(Social Security numbers, names, addresses, and dates of birth exposed to computer consultant) [archive]

New York City Department of Homeless Services - [2006-07-24]
(Names and Social Security numbers of 8,400 homeless parents in errant email attachment) [archive]

Wolters Kluwer - [2006-07-24]
(Names and Social Security numbers of 8,500 current and former employees on stolen laptop) [archive]

CS Stars / Special Funds Conservation Committee - [2006-07-21]
(Stolen computer contains Social Security numbers and other information on over 500,000) [archive]

Oasis (UK clothing store) - [2006-07-20]
(Credit card receipts containing numbers and signatures found in street) [archive]

Nelnet Inc. / United Parcel Service (UPS) - [2006-07-18]
(Personal information for 188,000 on lost backup tape) [archive]

United States Department of Agriculture - [2006-07-18]
(350 Social Security numbers, names, and addresses on stolen laptop possibly accessed) [archive]

Merlin Information Services - [2006-07-17]
(Information on 5,875 people fraudulently obtained through computer system) [archive]

Mississippi Secretary of State - [2006-07-16]
(Web site reveals thousands of individuals' Social Security numbers) [archive]

Northwestern University - [2006-07-14]
(Personally identifying information of almost 17,000 on breached computers) [archive]

Hampton Circuit Court (Virginia) - [2006-07-14]
(Hundreds of Social Security numbers found on publicly accessible computer) [archive]

University of Iowa - [2006-07-14]
(Personal information of 280 current and former students on stolen laptop) [archive]

Moraine Park Technical College - [2006-07-13]
(Social Security numbers, names, addresses and phone numbers for 1,500 on missing disk) [archive]

Montana Public Health and Human Services - [2006-07-07]
(Stolen computer, unknown if any sensitive personal information was taken) [archive]

United States Navy - [2006-07-07]
(Social Security numbers and other personal information of Navy personnel discovered on Internet site) [archive]

National Association of Securities Dealers (NASD) - [2006-07-07]
(Ten stolen laptops contain "scant amounts" of personal information) [archive]

Hattiesburg City Hall (Mississippi) - [2006-07-07]
(Stolen hard drives contain names and Social Security numbers) [archive]

University of Tennessee - [2006-07-06]
(Social Security numbers and names of 36,000 exposed to hacker) [archive]

Automatic Data Processing - [2006-07-06]
(Data thief gathers information on "hundreds of thousands" of American investors) [archive]

Bisys Group, Inc. - [2006-07-05]
(Personal details of about 61,000 investors in stolen truck) [archive]

American Red Cross - [2006-07-01]
(Social Security numbers and medical information on stolen laptop) [archive]

United States Department of Veterans Affairs - [2006-06-30]
(16,000 legal case records on missing backup tape) [archive]

Washington Regional Medical Center - [2006-06-30]
(About 5,000 possibly affected by laptop theft) [archive]

National Institutes of Health Federal Credit Union - [2006-06-29]
(41,000 members contacted about possibility of identity theft) [archive]

Nebraska Treasurer's Office - [2006-06-29]
(Social Security numbers and names of 300,000 possibly obtained) [update] [archive]

AllState - [2006-06-29]
(27,000 notified regarding stolen computer with Social Security numbers and policy information) [archive]

Minnesota Department of Revenue - [2006-06-28]
(Public and private tax data missing for about 2,400 individuals and 48,000 businesses) [archive]

AAAAA Rent-A-Space - [2006-06-27]
(Web based payment system exposes customer names, Social Security numbers, credit card numbers) [archive]

Government Accountability Office - [2006-06-27]
(Social Security numbers, names, and addresses pulled from web site for "less than 1,000") [archive]

HSBC (United Kingdom) - [2006-06-27]
(Confidential account information stolen for 20 customers) [archive]

King County Elections (Washington) - [2006-06-26]
(Social Security numbers for "thousands" posted to county web site) [archive]

Australian High Tech Crime Centre - [2006-06-26]
(Names and bank account numbers of 3,500 on lost "memory stick") [archive]

Social Security Administration - [2006-06-24]
(Social Security numbers and personal data of 228 on stolen laptop) [archive]

Catawba County Schools, North Carolina - [2006-06-24]
(619 students' Social Security numbers found through Google search) [archive]

United States Navy - [2006-06-23]
(Social Security numbers and other personal data of 28,000 found on public web site) [archive]

San Francisco State University - [2006-06-23]
(Stolen laptop contains names and Social Security numbers of about 3,000 current and former students) [archive]

University of Kentucky - [2006-06-22]
(Lost flash drive contains Social Security numbers for 6,500) [archive]

Federal Trade Commission - [2006-06-22]
(Personal and financial information of 110 on stolen laptops) [archive]

United States Department of Agriculture - [2006-06-22]
(Hacker may have obtained names and Social Security numbers of 26,000 workers and contractors) [archive]

Cumberland County Emergency Medical Services (North Carolina) - [2006-06-21]
(Personal information of more than 24,000 people on stolen portable computer) [archive]

New Jersey Department of Labor and Workforce Development - [2006-06-20]
(Personal information of 498 mailed to wrong addresses) [archive]

University of Alabama at Birmingham - [2006-06-20]
(Names, Social Security numbers and medical information of 9,800 on stolen computer) [archive]

Equifax Inc. - [2006-06-20]
(Stolen company laptop with names and Social Security numbers could affect 2,500) [archive]

ING U.S. Financial Services - [2006-06-18]
(Stolen laptop contains Social Security numbers of 13,000) [archive]

Automatic Data Processing Inc. - [2006-06-17]
(Social Security numbers and income information for at least 80 exposed) [archive]

Western Illinois University - [2006-06-17]
(Social Security numbers, names, addresses for as many as 180,000 compromised by hack) [update] [archive]

New York State Comptroller's Office - [2006-06-16]
(Social Security numbers and addresses of state employees on lost cartridge) [archive]

Union Pacific - [2006-06-16]
(30,000 names, Social Security numbers, and birth dates on stolen personal computer) [archive]

American International Group - [2006-06-14]
(Social Security numbers, names, and medical records for 930,000 on stolen server) [archive]

Oregon Department of Revenue - [2006-06-13]
(Social Security numbers, names and addresses possibly revealed for 2,200 taxpayers) [archive]

Hanford Nuclear Reservation - [2006-06-13]
(4,000 current and former workers have Social Security numbers and other information compromised) [archive]

State of Minnesota - [2006-06-13]
(Missing laptops might contain Social Security numbers and other personal information on local government employees) [archive]

KDDI (Japan - telecom carrier) - [2006-06-13]
(Names, addresses, phone numbers, and other information leaked for four million customers) [archive]

Denver Election Commission - [2006-06-11]
(Social Security numbers, addresses, and other information for 150,000 on lost files) [archive]

Nationwide Retirement Systems - [2006-06-10]
(Social Security numbers, dates of birth, and names on stolen laptops) [archive]

National Nuclear Safety Administration - [2006-06-09]
(Personal records of at least 1,500 government employees and contractors hacked) [archive]

Ohio University - [2006-06-09]
(Private information of over 70,000 breached) [archive]

University of Michigan Credit Union - [2006-06-08]
(Personal information of 5,000 members on unshredded missing/stolen documents) [archive]

Colorado Mental Health Institute - [2006-06-07]
(Stolen files contain personal information for 287 employees) [archive]

University of Texas El Paso - [2006-06-06]
(Students allegedly access 4,719 student and faculty Social Security numbers) [archive]

Internal Revenue Service - [2006-06-05]
(Missing laptop contains fingerprints, names, Social Security numbers of 291 employees and applicants) [archive]

Humana Medicare - [2006-06-03]
(Social Security numbers and other information for 17,000 left on unsecured hotel computer) [archive]

Buckeye Community Health Plan - [2006-06-03]
(Personal information for 72,000 Medicaid recipients on stolen laptops) [archive]

Ahold USA (Stop & Shop, Giant, Tops) / Electronic Data Systems Corp. - [2006-06-02]
(Social Security numbers and pension data on lost laptop) [archive]

University of Kentucky - [2006-06-01]
(Personal information, including Social Security numbers, posted online for 1,300) [archive]

YMCA of Greater Providence - [2006-06-01]
(Laptop with 65,000 members' information stolen) [archive]

Miami University (Ohio) - [2006-06-01]
(Personal information of 851 students on lost computer) [archive]

Ernst & Young / Hotels.com - [2006-06-01]
(Names, addresses, and credit card information for 243,000 on stolen laptop) [archive]

VyStar Credit Union - [2006-05-31]
(Around 34,000 member accounts compromised by hack) [archive]

Texas Guaranteed Student Loan Corp. / Hummingbird, Ltd. - [2006-05-31]
(Names and Social Security numbers of 1.3 million on "lost equipment") [archive]

Florida International University - [2006-05-30]
(Thousands of names and Social Security numbers possibly compromised by hacker) [archive]

California State University, Stanislaus - [2006-05-26]
(Social Security numbers, names, addresses, and dates of birth for 1,294 posted to web) [archive]

Sacred Heart University - [2006-05-24]
(Names, addresses, and Social Security numbers found on compromised computer) [archive][update]

Mortgage Lenders Network USA - [2006-05-23]
(Stolen files contain personal information of thousands of people) [archive]

Butler County Department of Mental Retardation Developmental Disabilities - [2006-05-23]
(Stolen laptops contain personal information on 100) [archive]

University of Delaware Department of Public Safety - [2006-05-23]
(1,076 regarding exposure of names, Social Security numbers, and drivers license numbers) [archive]

United States Department of Veterans Affairs - [2006-05-22]
(Names, Social Security numbers, and dates of birth of 26.5 million U.S. military veterans stolen) [update] [update] [archive]

Frost Bank - [2006-05-19]
(About 100 customers' debit card information stolen from the database of an unnamed national retailer) [archive]

American Red Cross - [2006-05-18]
(8,000 people notified regarding breached names, Social Security numbers, and dates of birth) [update] [archive]

University of California, Berkeley - [2006-05-16]
(Social Security numbers and names of 1,200 possibly accessed over internet) [archive]

The American Institute of CPAs - [2006-05-16]
(330,000 notified about missing hard drive containing names, addresses, and Social Security numbers) [archive]

Mercantile Potomac Bank - [2006-05-12]
(Stolen laptop contains Social Security numbers and/or account numbers of 48,000 customers) [archive]

Columbus Bank & Trust - [2006-05-11]
(2,000 accounts flagged due to stolen credit and check card information) [archive]

Ohio University Hudson Health Center - [2006-05-11]
(Names, birth dates, Social Security numbers and medical information for 60,000 people accessed) [archive]

Wells Fargo - [2006-05-05]
(Missing data includes names, addresses, Social Security numbers and mortgage loan deposit numbers) [archive]

Idaho Power Company - [2006-05-04]
(Employee names and Social Security numbers among data found on drives sold on Ebay) [update] [archive]

State of Georgia - [2006-05-02]
(Personal information found on sold state government computers) [archive]

Ohio University - [2006-05-02]
(Records breached for 300,000 people/organizations including 137,000 Social Security numbers) [archive]

United States Department of Defense - [2006-04-28]
(Personal information for over 14,000 military employees compromised by hack) [update] [archive]

State of Ohio - [2006-04-28]
(Social Security numbers of potentially millions of registered voters in Ohio leaked) [archive]

Iron Mountain / Long Island Railroad - [2006-04-27]
(Lost tapes include Social Security numbers for about 17,000 current and former employees) [archive]

Aetna Inc. - [2006-04-26]
(Stolen laptop contains personal information on about 38,000 members) [archive]

Purdue University School of Electrical and Computer Engineering - [2006-04-26]
(1,351 notified following breach involving Social Security numbers) [archive]

MasterCard / Clydesdale Bank (U.K.) / Morgan Stanley - [2006-04-26]
(Stolen credit card details affects 2,000) [update] [archive]

University of Virginia - [2006-04-24]
(Stolen computer contains Social Security numbers and names for students) [archive]

University of Texas McCombs School of Business - [2006-04-23]
(Records including Social Security numbers breached for 197,000 people) [archive]

Boeing - [2006-04-21]
(Social Security numbers and names of 3,600 on stolen laptop) [archive]

University of Alaska Fairbanks - [2006-04-21]
(Personal information of 38,941 possibly stolen by hacker) [archive]

Monarch Beauty Supply - [2006-04-20]
(Over 2,600 sales receipts with credit and debit card numbers thrown in dumpster) [archive]

Fraser Health Authority - [2006-04-16]
(Missing computer and disk contains names, birth dates, contact information and referral reasons for thousands) [archive]

Voluntary Employees Benefit Association of Hawaii - [2006-04-14]
(Social Security numbers, names, and dates of birth illegally reproduced for over 40,000) [archive]

University of South Carolina - [2006-04-14]
(Social Security numbers of 1,400 students released by email) [archive]

Fifth Third Bank - [2006-04-13]
(Insider compromises personal information of nearly 1,000 customers) [archive]

Ross-Simons - [2006-04-12]
(Social Security numbers and credit card numbers of 32,000 exposed by breach) [update] [archive]

Broward County Records Division, Florida - [2006-04-10]
(Social Security numbers and other information posted to public web site) [archive]

University of Medicine and Dentistry of New Jersey - [2006-04-09]
(2,000 students and alumni have Social Security numbers and financial information exposed) [archive]

DiscountDomainRegistry.com - [2006-04-07]
(Personal and financial information exposed for "thousands") [archive]

Authorize.net - [2006-04-03]
(About 3,000 suspicious credit card transactions processed) [archive]

Con Edison - [2006-04-01]
(15,000 W-2 forms containing Social Security numbers and addresses lost in mail) [archive]

Shorter College - [2006-04-01]
(Hacker potentially gains access to student and faculty information) [archive]

Los Angeles County Department of Social Services - [2006-03-31]
(94,000 notified about unshredded documents containing Social Security numbers and medical information) [archive]

Connecticut Technical High School System - [2006-03-30]
(Social Security numbers of 1,250 staff members leaked via email) [archive]

United States Marine Corp - [2006-03-30]
(Lost drive contains Social Security numbers of over 207,000 U.S. Marines) [archive]

Georgia Technology Authority - [2006-03-30]
(570,000 pension plan members have confidential information exposed by hack) [archive]

University of Nebraska, Lincoln - [2006-03-29]
(Social Security numbers and other information for 342 students archived by Google) [archive]

Florida Department of Management Services / Convergys Corp. - [2006-03-26]
(108,000 could be affected by possibly compromised personal data) [archive]

California State University, Dominguez Hills - [2006-03-24]
(Stolen laptop had personal information on 2,486 students and potential students) [archive]

Vermont State Colleges - [2006-03-24]
(Stolen laptop contains Social Security numbers and payroll data) [update] [archive]

California State Employment Development Division - [2006-03-24]
(64,000 tax forms with Social Security numbers and financial information sent to wrong addresses) [archive]

Fidelity Investments / Hewlett-Packard - [2006-03-22]
(196,000 retirees and former employees warned about personal information on stolen laptop) [update] [archive]

District of Columbia Board of Elections and Ethics - [2006-03-22]
(Voter Social Security numbers viewable by all from board of elections lists) [archive]

Bananas.com - [2006-03-16]
(274 notified about stolen credit card information) [archive]

Ernst & Young - [2006-03-15]
(Stolen laptop contains names and Social Security numbers of IBM, Nokia, Cisco, and BP employees)
[update] [archive]

General Motors - [2006-03-14]
(100 GM employees have Social Security numbers stolen by former security guard) [archive]

Choice One Online / Buffalo Bisons web site - [2006-03-14]
(Credit card numbers on team web site compromised) [archive]

Verizon - [2006-03-08]
(Stolen laptops may contain Social Security numbers and other information of Verizon employees) [archive]

Georgetown University - [2006-03-05]
(Names, Social Security numbers, birthdates of 41,000 compromised) [archive]

Metropolitan State College - [2006-03-03]
(93,000 Social Security numbers and student names possibly on stolen laptop) [archive]

Olympic Funding Chicago - [2006-03-02]
(Unknown number of client names and Social Security numbers on stolen hard drives) [archive]

Medco Health Solutions, Inc. - [2006-03-01]
(Unencrypted Social Security numbers for about 4,600 on stolen laptop) [archive]

Bank of Bermuda - [2006-03-01]
(800 customers have ATM cards compromised by breach) [archive]

Ernst & Young - [2006-02-25]
(Stolen laptop contains names and Social Security numbers) [archive]

Deloitte & Touche - [2006-02-23]
(Lost CD contains personal details on over 3,000 current US/Canada McAfee employees and 6,000 former McAfee employees) [archive] [archive 2]

Denver International Airport / Affiliated Computer Services - [2006-02-23]
(Credit card information stolen from vendor in charge of airport parking) [archive]

PricewaterhouseCoopers - [2006-02-22]
(Stolen laptop contains health information and Social Security numbers of 4,000 people) [archive]

New Hampshire Department of Motor Vehicles - [2006-02-22]
(Cain & Abel program found on server with credit card information) [archive]

Alltel - [2006-02-20]
(Customers' Social Security numbers, addresses and phone numbers found in dumpster) [archive]

University of Northern Iowa - [2006-02-18]
(Laptop with about 6,000 W-2 forms illegally accessed) [archive]

Pelican Bay State Prison - [2006-02-17]
(Inmates gain access to employees' Social Security numbers, pension account information) [archive]

Mount St. Mary's Hospital - [2006-02-17]
(Stolen laptops may contain Social Security numbers and addresses) [archive]

University of Washington Medical Center - [2006-02-16]
(Hacker gains opportunity to view patient medical records) [archive]

U.S. Department of Agriculture - [2006-02-16]
(350,000 Social Security numbers and tax IDs accidentally released) [archive]

Blue Cross and Blue Shield of Florida - [2006-02-16]
(Contractor emails 27,000 names and Social Security numbers to home computer) [archive]

Old Dominion University - [2006-02-15]
(601 student Social Security numbers published to web) [archive]

Suffolk County Clerk's Office, New York - [2006-02-15]
(Over 7,000 homeowners' Social Security numbers posted on website) [archive]

Bank of America, Wells Fargo, Washington Mutual, OfficeMax - [2006-02-09]
(Breach involving unknown vendor leads to cancellation of about 200,000 debit cards) [update] [archive]

Blue Cross Blue Shield of North Carolina - [2006-02-07]
(Over 600 member Social Security numbers printed on mailing labels) [archive]

Regions Bank - [2006-02-06]
(New credit cards being issued for 100,000 following breach) [archive]

FedEx - [2006-02-04]
(Up to 8,500 W-2 forms recalled when mailed to wrong employees) [archive]

Presbyterian Health Care Service - [2006-02-02]
(450 patients' Social Security numbers and credit card numbers on stolen computer) [archive]

University of Colorado at Colorado Springs - [2006-02-01]
(Virus-infected computer compromises personal information for about 2,500) [archive]

Boston Globe and Worcester Telegram & Gazette - [2006-01-31]
(Credit card data of up to 240,000 subscribers may have been exposed) [archive]

Washington State Health Care Authority - [2006-01-31]
(About 6,000 Social Security numbers printed on postcards) [archive]

Honeywell International - [2006-01-31]
(About 19,000 current and former employees notified about information posted on web) [update] [archive]

Cooks Illustrated - [2006-01-30]
(Unknown unauthorized access to back-office system) [archive]

State of Rhode Island - [2006-01-28]
(4,118 credit card numbers "probably taken") [archive]

College of St. Scholastica - [2006-01-27]
(12,000 notified about names and Social Security numbers on recovered stolen computer) [archive]

Providence Home Services - [2006-01-26]
(Personal data and medical records for 365,000 on stolen backup disks and tapes) [archive]

Ameriprise Financial, Inc. - [2006-01-25]
(226,000 notified about personal data on stolen laptop) [archive]

University of Delaware - [2006-01-25]
(Social Security numbers for 159 graduate students possibly compromised) [archive]

University of Washington Medical Center - [2006-01-24]
(Personal information for about 1,600 patients on stolen laptops) [archive]

University of Notre Dame - [2006-01-23]
(Personal and financial information of some University donors may be at risk) [archive]

California National Guard - [2006-01-21]
(Data for hundreds of Guardsmen possibly exposed by stolen briefcase) [archive]

University of Kansas - [2006-01-20]
(Online applicants may have personal information exposed via Web) [archive]

Bournemouth Borough Council - [2006-01-18]
(Personal information for about 70 found dumped) [archive]

New York City Teachers' Retirement System - [2006-01-16]
(Personal and financial information of around 5,800 pensioners possibly compromised) [archive]

Illinois Education Association - [2006-01-15]
(Social Security numbers for "many" teachers on stolen computer equipment) [archive]

People's Bank / UPS - [2006-01-11]
(Personal data for 90,000 customers lost in transit) [archive]

Grand Hotel, Brighton / De Vere Group - [2006-01-09]
(Hotel registration cards containing credit card details found) [archive]

Kerzner International Ltd. / Atlantis - [2006-01-08]
(Personal information for around 55,000 customers stolen) [archive]

H&R Block - [2006-01-02]
(Mailing labels include customer Social Security numbers) [archive]

University of Pittsburgh Medical Center - [2006-01-01]
(Personal information for 700 patients possibly compromised) [archive]


2005 Archives - 139 incidents

Marriott International Inc. - [2005-12-28]
(Missing backup tapes contain credit card and Social Security numbers of 206,000) [archive]

Ford Motor Company - [2005-12-22]
(70,000 names and Social Security numbers on stolen computer) [archive]

DHL / LaSalle Bank / ABN Amro Mortgage Group Inc - [2005-12-21]
(Tape with over 2 million customer records lost, then recovered) [archive]

Guidance Software - [2005-12-19]
(Hacked database reveals about 3,800 credit card numbers) [archive]

Sam's Club - [2005-12-12]
(Breach exposed credit card data belonging to an unspecified number of customers) [archive]

Iowa State University - [2005-12-12]
(About 2,500 donors' encrypted credit card numbers and 3,000 staff Social Security numbers) [archive]

Aid To The Church In Need - [2005-12-12]
(Criminals steal around 2,800 credit card details) [archive]

Idaho State University - [2005-12-09]
(Social Security numbers, dates of birth, and passwords on hacked computer) [archive]

Oregon Community Credit Union - [2005-12-09]
(About 200 Social Security numbers, names and addresses in stolen car) [archive]

Federal Reserve Bank - [2005-12-08]
(About 8,000 personal and business checks lost from truck) [archive]

J-Sargeant Reynolds Community College - [2005-12-08]
(Over 26,000 names, addresses, and Social Security numbers posted on web) [archive]

San Antonio Independent School District - [2005-12-08]
(Stolen laptop contains names and Social Security numbers) [archive]

Washington State Employment Security Department - [2005-12-06]
(Stolen laptop contains 530 names, Social Security numbers) [archive]

University of San Diego - [2005-12-03]
(7,800 linked to USD told of network security breach) [archive]

First Trust Bank - [2005-12-03]
(Stolen laptop contains personal information for thousands of current and former customers) [archive]

Cornell University - [2005-12-02]
(900 individuals notified regarding possible breach) [archive]

Scottrade/TROY Group - [2005-11-26]
(Estimated 140,000 customers at risk) [archive] [archive]

University of Delaware - [2005-11-23]
(952 names and Social Security numbers possibly compromised on hacked servers) [archive]

Indiana University Kelley School of Business - [2005-11-18]
(5,278 names, grades, and some Social Security numbers on hacked computer) [archive]

Boeing Co. - [2005-11-18]
(Names, social security numbers of 161,000 current, former workers at risk) [archive]

Georgia Tech Office of Enrollment Services - [2005-11-11]
(Stolen computers contain data on 13,000 past, present, and prospective students) [archive]

TransUnion LLC - [2005-11-09]
(Data of 3,623 consumers on stolen computer) [archive]

Papa John's - [2005-11-07]
(Personal data exposed through web-based customer feedback page) [archive]

Safeway - [2005-11-05]
(Names and Social Security numbers of about 1,400 on stolen laptop) [archive]

Keck School of Medicine (USC) - [2005-11-04]
(50,000 names and social security numbers on stolen server) [archive]

University of Tennessee Medical Center - [2005-11-01]
(Records of 3,800 on stolen laptop) [archive]

University of Tennessee - [2005-10-29]
(1,900 employees and students notified about name and Social Security number exposure) [archive]

University of Western Ontario - [2005-10-24]
(About 1,000 students' personal information exposed on web) [archive]

State of California - [2005-10-21]
(Tens of thousands of children have personal information exposed) [archive]

Vermont Technical College - [2005-10-20]
(Names, Social Security numbers, and other data exposed on web) [archive]

Wilcox Memorial Hospital - [2005-10-20]
(130,000 names and Social Security numbers on lost disk drive) [archive]

Monmouth University - [2005-10-20]
(677 students have names and Social Security numbers posted on web) [archive]

Montclair State University - [2005-10-15]
(Names and Social Security numbers of 9,100 undergrads exposed) [archive]

Blockbuster Video - [2005-10-08]
(Hundreds of Social Security and credit card numbers found in dumpster) [archive]

Bank of America - [2005-10-07]
(Letters sent to Visa Buxx users about data loss from laptop theft) [archive]

University of Georgia - [2005-09-29]
(Social Security numbers of about 1,600 exposed by breach) [archive]

RBC Dain Rauscher Inc. - [2005-09-28]
(300,000 households notified about possible data theft) [archive]

City University of New York - [2005-09-28]
(771 students, employees, former employees, and retirees alerted about exposure) [archive]

Internal Revenue Service - [2005-09-22]
(Estimated 30,000 tax forms lost in traffic accident) [archive]

Children's Health Council - [2005-09-19]
(Stolen backup tape - as many as 6,700 notified) [archive]

North Fork Bank - [2005-09-17]
(Laptop with data on 9,000 mortgages stolen) [archive]

Choicepoint - [2005-09-16]
(5,236 to be notified about new breaches, 4,667 new notices sent for February breach) [update]
[archive] [archive 1] [archive 2] [archive 3]

Miami (Ohio) University - [2005-09-16]
(Social Security numbers and grades for over 21,000 exposed) [update]

Fort Carson - [2005-09-13]
(Thousands of soldiers warned to watch credit records) [archive]
(Just an FYI - if you steal a computer or hard drive, you are now a 1337 h4x0r) [article]

Kent State University - [2005-09-10]
(More than 100,000 students and faculty alerted about stolen computers) [archive]

Iowa Student Loan - [2005-09-02]
(165,000 notified about names and Social Security numbers on lost compact disc) [archive]

Stark State College of Technology - [2005-08-30]
(7,058 students possibly have personal data exposed by software glitch) [archive]

JPMorgan Chase - [2005-08-30]
(Letter sent to clients regarding stolen laptop) [archive]

California State University - [2005-08-30]
(Names and Social Security numbers of 154 potentially exposed) [archive]

ChartOne - [2005-08-27]
(3,851 patients have records and Social Security numbers stolen) [archive]

United States Air Force - [2005-08-19]
(Personal data for 33,000 officers breached) [archive]

University of Colorado - [2005-08-19]
(49,000 database entries exposed) [archive]

California State University, Stanislaus - [2005-08-15]
(877 students notified that Social Security numbers and names are on breached server) [archive]

Verizon Wireless - [2005-08-12]
(Programming error exposes customer account information) [archive]

University of Utah - [2005-08-10]
(Hacked server contains about 100,000 names and Social Security numbers) [archive]

Federal Reserve Bank - [2005-08-09]
(Cargo truck loses checks containing Social Security numbers, names and addresses) [archive]

Sonoma State University - [2005-08-09]
(Names and Social Security numbers of 61,709 are accessible) [archive]

University of North Texas - [2005-08-09]
(Almost 39,000 contacted regarding data breach) [archive]

Madison Area Technical College - [2005-08-05]
(About 100 have Social Security numbers and other personal information thrown in dumpster) [archive]

Cal Poly Pomona - [2005-08-04]
(Over 31,000 exposed) [archive]

Anderson College - [2005-08-04]
(Bag containing documents with about 800 Social Security numbers found off campus) [archive]

University of Colorado - [2005-08-03]
(Social Security numbers, names of 36,000 accessed) [archive]

Austin Peay State University - [2005-07-30]
(2,772 Social Security numbers posted on university web site) [archive]

San Diego County Employees Retirement Association - [2005-07-29]
(Over 32,000 exposed to data theft) [archive]

California State University, Dominguez Hills - [2005-07-28]
(Names and Social Security numbers for 9,613 on hacked computer) [archive]

KC & Associates (St. John's Regional Medical Center) - [2005-07-25]
(27,000 patients notifed about stolen computers) [archive]

University of Colorado at Boulder - [2005-07-21]
(Unauthorized access gained to a server with Socials, Names, Addresses of 42,000 staff, faculty, and students) [archive]

Iowa State University - [2005-07-20]
(Access gained to over 2,000 alumni Social Security and credit card numbers) [archive]

SpreadFirefox.com - [2005-07-15]
(About 100,000 Firefox users are urged to change their passwords) [archive]

Arizona Biodyne (Blue Cross Blue Shield) - [2005-07-13]
(Safe containing tapes with information on 57,000 customers stolen) [archive]

University of Southern California - [2005-07-09]
(270,000 people to be contacted regarding security breach) [update] [archive] [archive 2]

City National Bank / Iron Mountain - [2005-07-08]
(Lost tapes contain Social Security numbers and account information) [update][archive]

Michigan State University - [2005-07-07]
(27,000 accounts possibly compromised) [archive]

Iron Mountain / Time Warner, Inc. - [2005-07-06]
(physical loss of backup tapes - 600,000 exposed) [archive] [archive 2]

Ohio State University Medical Center - [2005-07-06]
(15,000 patients notified about breach) [archive]

University of San Diego - [2005-07-01]
(Social Security numbers and credit card numbers for about 3,300 on hacked computer) [archive]

Bank of America - [2005-06-30]
(Social Security numbers, names and addresses of 18,000 on stolen laptop) [archive]

Infinity eSearch - India - [2005-06-30]
(Call center employees allegedly sell personal customer data) [archive]

DSW Shoes - [2005-06-30]
(Unspecified customer information, FTC Chief is victim - 1.4 million cardnumbers exposed) [update] [archive]

Medica Health Plans - [2005-06-29]
(System administrators may have had access to around 1.2 million member records) [archive]

University of Connecticut - [2005-06-28]
(Information on 72,000 students, staff, and faculty exposed) [archive]

Kent State University - [2005-06-23]
(Data on 1,400 current and former employees stolen) [archive]

Eastman Kodak Co. - [2005-06-22]
(5,800 warned about stolen personal data) [archive]

CVS Corp. - [2005-06-21]
(Information on millions of transactions possibly revealed) [archive]

CardSystems (MasterCard, Visa, American Express) - [2005-06-19]
(Almost 40 million cardholders exposed. Visa and American Express finally say "enough is enough". Black. Hole.)
An overview of the sequence of events can be found here.
[update] [update 2] [archive] [archive 2] [archive 3] [archive 4]

University of Hawaii - [2005-06-17]
(Suspect had access to 150,000 Social Security numbers) [archive]

Federal Deposit Insurance Corporation (FDIC) - [2005-06-17]
(Personal data of nearly 6,000 current and former employees stolen) [archive]

Equifax Canada Inc. - [2005-06-17]
(605 consumer files breached - second breach in the last year) [archive]

Motorola - [2005-06-13]
(Theft of computers containing names and Social Security numbers) [archive]

UPS/Citigroup - [2005-06-06]
(3.9 million customers are notified) [archive] [archive 2]

Cleveland State University - [2005-06-04]
(Laptop with information on 44,000 stolen) [archive]

Duke University Medical Center - [2005-06-04]
(14,000 notified of password and Social Security number breach) [archive]

U.S. Department of Justice / Omega World Travel - [2005-06-01]
(Laptop with travel information for Justice Department employees stolen) [archive]

California Department of Health Services - [2005-05-31]
(Information for 21,600 at risk - stolen laptop) [archive]

Stanford University - [2005-05-27]
(9,600 notified about exposed personal data) [archive]

Purdue University - [2005-05-25]
(Over 11,000 at risk, 679 in Fort Wayne) [archive]

Bank of America, Wachovia, and others - [2005-05-23]
(Account information for 670,000 people stolen) [archive]

MCI - [2005-05-23]
(Personal information for 16,500 on stolen laptop) [archive]

Jackson Community College - [2005-05-23]
(8,000 Social Security numbers possibly accessed) [archive]

Valdosta State University - [2005-05-22]
(Up to 40,000 Social Security numbers possibly exposed) [archive]

University of Iowa - [2005-05-18]
(30,000 credit card holders at risk) [archive]

Oklahoma State University - [2005-05-16]
(37,000 Social Security numbers at risk) [archive]

Georgia Technology Authority - [2005-05-14]
(Personal information stolen by government employee) [update] [archive]

Westborough Bank - [2005-05-12]
(750 customers may have lost data to convicted felon) [archive]

Hinsdale Central High School - [2005-05-12]
(High school students access Social Security numbers) [archive]

Michigan State University - [2005-05-06]
(40,000 warned of server intrusion) [archive]

Arbella Mutual Insurance Company - [2005-05-05]
(Social Security numbers, names and addresses, and dates of birth obtained over web) [archive]

Colorado State Health Department - [2005-05-02]
(1,600 families affected by stolen laptop) [archive]

Florida International University - [2005-04-29]
(Social Security and credit card numbers exposed for students and staff) [archive]

Georgia Southern University - [2005-04-28]
(Thousands at risk after credit card and Social Security numbers are stolen) [archive]

Christus St. Joseph Hospital - [2005-04-26]
(Letters sent to 16,000 patients regarding breach) [archive]

NTT DATA Corporation - [2005-04-25]
(Information concerning a total of 2,146 customers stolen) [archive]

Carnegie Mellon University - [2005-04-21]
(19,000 notified about possible breach) [archive]

Ameritrade - [2005-04-20]
(200,000 customers potentially affected) [archive]

Polo Ralph Lauren - [2005-04-15]
(Data stolen at Polo Ralph Lauren affects 180,000 GM card holders) [archive]

Comcast - [2005-04-14]
(Company sued for disclosing customer information to RIAA) [archive]

Tufts University - [2005-04-12]
(106,000 notified about security breach) [archive]

Eastern National - [2005-04-12]
(15,000 warned about possible data theft) [archive]

LexisNexis - [2005-04-12]
(59 admitted incidents in two years - up to 310,000 exposed) [archive] [archive 2]

San Jose Medical Group - [2005-04-08]
(Stolen computer leads to 185,000 patient notifications) [archive]

University of California, San Francisco - [2005-04-06]
(Hacked computer contains personal information on about 7,000) [archive]

University of California, Davis - [2005-04-05]
(Names and SSNs of 1100 exposed by hack) [archive]

University of California, Berkeley - [2005-03-28]
(Stolen laptop contains personal information of almost 100,000) [update] [archive]

University of Nevada Las Vegas - [2005-03-18]
(As many as 5,000 international student records at risk) [archive]

State of Michigan - [2005-03-18]
(Millions of drivers and voters at possible risk) [archive]

Boston College - [2005-03-17]
(120,000 alumni notified after breach) [archive]

Chico State University - [2005-03-16]
(Over 59,000 faculty, staff, and students are contacted) [archive]

Kaiser Permanente - [2005-03-11]
(Company fined US $200,000 for publicly posting information) [update] [archive]
(Information on 140 people posted) [archive]

Choicepoint - [2005-03-11]
(145,000 could be affected - 6 million dollar loss cited)
(Oluwatunji Oluwatosin faces 22 more charges in data theft case)
[update] [archive] [archive 2] [archive 3]

Las Vegas Department of Motor Vehicles - [2005-03-11]
(Personal information of over 8,900 people stolen) [archive]

New York State Agencies - [2005-02-26]
(72 web site intrusions in five years sparks privacy concerns) [archive]

Bank of America - [2005-02-26]
(Over 1 million government employees are put at increased risk) [archive]

Paymaxx - [2005-02-25]
(Online payroll site shut down after holes are found) [archive]

T-Mobile USA Inc. - [2005-02-21]
(Celebrity phone numbers and email addresses posted - teen sentenced to juvinile probation) [update] [archive]

University of Chicago Hospital - [2005-02-18]
(As many as 85 people affected) [archive]

T-Mobile USA Inc. - [2005-02-16]
(Guilty plea by T-Mobile intruder) [archive]

University of Northern Colorado - [2005-01-22]
(Personal information of 15,790 UNC employees on missing hard drive) [archive]

Science Applications International Corp. - [2005-02-12]
(Government contractor breach) [archive]

University of California San Diego - [2005-01-18]
(3,500 students and alumni at risk) [archive]

George Mason University - [2005-01-10]
(32,000 staff and students at risk) [update] [archive]


2004 Archives - 23 incidents

Hamilton County (Ohio) Clerk of Courts - [2004-12-22]
(320,000 documents containing personal information removed from web site) [archive]

Delta Blood Bank - [2004-12-21]
(100,000 blood donors put at risk) [archive]

Brazos Higher Education Service Corp. - [2004-11-25]
(Over 100,000 notified about potential fraud after laptop is stolen) [archive]

Russia - [2004-11-25]
(Personal information sold cheap...) [archive]

Petco - [2004-11-17]
(Petco "must establish a comprehensive security information program") [archive]

Cal State Hayward - [2004-09-23]
(Over 2,000 notified about server breach) [archive]

Teledata Communications Inc. - [2004-09-16]
("I didn't know the magnification...") [archive]

Cal State San Marcos - [2004-08-03]
(Names and Social Security numbers for 23,000 on stolen laptop) [archive]

Intuit - [2004-07-14]
(Stolen computer contains credit card information and personal detials for about 47,000) [archive]

America Online - [2004-06-24]
(92 million email addresses for 30 million subscribers sold to spammers) [update] [archive]

Alameda Alliance for Health / Spotcheck - [2004-05-12]
(Social Security numbers, names and addresses of about 95,000 on stolen hard drive) [archive]

The University of California (UCLA) - [2004-04-29]
(Names, birth dates, Social Security numbers of 145,000 on stolen laptop) [archive]

Illinois Secretary of State - [2004-04-29]
(Up to 200,000 license plate records found) [archive]

Fleet Credit Card Services - [2004-04-16]
(New cards to an unspecified number of customers... a security breach at an unnamed merchant) [archive]

GMAC Financial Services - [2004-03-29]
(Stolen laptops contain names, addresses, dates of birth, Social Security numbers, credit scores on 200,000) [archive]

BJ's Wholesale Club - [2004-03-19]
(Undisclosed number of credit cards stolen via a security breach) [archive]

San Diego State University - [2004-03-17]
(380,000 people possibly affected by hack) [update] [archive]

California Employment Development Department - [2004-02-13]
(Information on 90,000 people exposed) [archive]

New York University - [2004-02-03]
(Personal information including some Social Security numbers for 2,100 posted on internet) [archive]

University of Georgia - [2004-01-29]
(Social Security numbers and credit card numbers of 20,000 possibly accessed) [archive]

Airlines Reporting Corp. - [2004-01-14]
(Several major airlines lose customer information) [archive]

New York University - [2004-01-10]
(Social Security numbers and names for about 1,800 posted on web site) [archive]

U.S. Treasury Department - [2004-01-08]
(10,000 email addresses to be exposed) [archive]


2003 Archives - 12 incidents

Bank Rhode Island - [2003-12-19]
(Names and Social Security numbers of about 43,000 customers stolen) [archive]

Acxiom Corp. [update] - [2003-12-18]
("He was a person who liked to retain data on people") [update] [archive] [archive 2] [archive 3] [archive 4]

Wells Fargo - [2003-11-22]
(Physical computer theft... thief arrested) [archive] [archive]

Orbitz - [2003-10-28]
(Email addresses end up in spammers' hands) [archive]

JetBlue Airways - [2003-09-20]
(Gave 5 million passenger itineraries to a Defense Department contractor) [archive]

PetCo - [2003-07-12]
(Up to 500,000 credit card numbers exposed) [archive]

Virginia Credit Union - [2003-05-07]
(800 credit card accounts blocked and cancelled) [archive]

Georgia Tech University - [2003-03-31]
(Hackers break into server containing credit card numbers of about 57,000) [archive]

University of Texas at Austin - [2003-03-06]
(Data exposed for about 55,200 people - Christopher Andrew Phillips sentenced September 2005)
[update] [archive]

Data Processors International - [2003-03-06]
(Over 5 million credit card numbers and expiration dates stolen) [archive]

Indiana University School of Medicine - [2003-02-28]
(Names, addresses, and Social Security numbers of 7,000 on hacked computer) [archive]

IBM / ISM Canada - [2003-01-30]
(Social insurance numbers, names, and addresses for about 180,000 on stolen hard drive) [archive]

United States Department of Defense / Triwest - [2003-01-03]
(Social Security numbers, names, and addresses for about 562,000 on stolen computers) [archive]


2002 Archives - 3 incidents

U.S. Government - [2002-03-29]
(Allowed remote Internet users to browse documents ranging from correspondence to online order data) [archive]

Microsoft - [2002-03-27]
(Personal information of thousands of applicants revealed) [archive]

BT - [2002-03-25]
(Almost 5,000 phone numbers exposed, number of private lines unknown) [archive]


2001 Archives - 10 incidents

Playboy.com - [2001-11-20]
(Credit card numbers obtained) [archive]

Ziff-Davis - [2001-11-20]
(Hundreds of credit card numbers leaked) [archive]

HypoVereinsbank - [2001-09-17]
(Hackers hired to steal account information for television show) [archive]

ZixIt-Anacom - [2001-06-21]
(Credit card databases illegally accessed) [archive]

Health.org - [2001-05-25]
(Thousands have personal information exposed) [archive]

Egghead.com - [2001-04-27]
("Oh, this is nothing...") [archive]

Accubyte - [2001-04-17]
(Personal information exposed through shopping cart software) [archive]

ADDR.com - [2001-04-02]
(46,000 accounts possibly compromised) [archive]

AtomicPark.com - [2001-03-20]
(500 customers notified about breach) [archive]

Amazon/Bibliofind.com - [2001-03-05]
(98,000 customer records compromised) [archive]


2000 Archives - 5 incidents

University of Washington Medical Center - [2000-12-09]
(Hacker gains access to about 4,000 Social Security numbers, names and medical information) [archive]

Travelocity - [2000-11-15]
(Account information for up to 51,000 exposed) [archive]

Contour Software - [2000-11-15]
(Over 700 loan applications and Social Security numbers divulged) [archive]

Western Union - [2000-11-14]
(15,700 credit card or debit card numbers possibly copied) [archive]

CD Universe - [2000-01-10]
(300,000 credit card numbers stolen by hacker) [archive]

Copyright 2005-2008 by attrition.org. Permission is granted to use this page and other Data Loss resources in non-profit works and research. Use of these resources for commercial interests requires authorization and licensing arrangements. For more information, please e-mail staff@attrition.org with a brief summary of how you would like to use this information; product, service, research, etc.


main page ATTRITION feedback