Completed Data Breach Investigations

Octapharma Plasma has reportedly been the victim of a ransomware attack that may have compromised consumers' sensitive data, including personal and medical information belonging to donors and employees.

J.P. Morgan recently disclosed a data breach that may have compromised Social Security numbers and financial information belonging to over 450,000 people.

Current and former patients of Valley Mountain Regional Center in California may have had their personal and medical data exposed in a July 2023 data breach.

A June 2023 data breach recently announced by Green Diamond Resource Company may have compromised consumers' personal, financial and medical information.

Blackstone Valley Community Health Care, which provides medical services in Rhode Island, is notifying individuals of a data breach that affected more than 34,000.

SysInformation Healthcare Services, a revenue cycle management and billing services company, recently reported a data breach that may have exposed consumers' personal and medical information.

Kisco Senior Living experienced a data breach in June 2023 and is now notifying individuals whose personal information may have been compromised.

More than 514,000 individuals were reportedly affected by a data breach that targeted HUB International between December 2022 and January 2023.

The Roman Catholic Diocese of Phoenix has reported a data breach that affected participants in Diocese-sponsored employee benefits programs.

Cherry Health, a healthcare provider in Grand Rapids, Michigan, is notifying patients and former employees of a data breach that may have impacted their personal and health information.

Logistics company Alan Ritchey recently reported a February 2024 data breach that may have exposed consumers' Social Security numbers and other personal information.

Greylock McKinnon Associates recently reported a data breach affecting over 300,000 individuals whose information was provided to the U.S. Department of Justice.

Group Health Cooperative of South Central Wisconsin has reported a data breach that may have impacted the protected health information of more than 533,000 individuals.

Pennsylvania's York County School of Technology revealed that 30,914 individuals may have had their personal and health information compromised in a data breach that took place last year.

On Q Financial recently reported that over 211,000 clients may have had their names and Social Security numbers exposed in a data breach.

City of Hope, a cancer treatment and research organization, has announced a data breach affecting 827,149 individuals that exposed personal, medical and financial information.

SouthState Bank is notifying consumers that their personal information may have been exposed during a cybersecurity incident discovered in early February 2024.

Emergency Medical Services Authority has reported to the Department of Health and Human Services that more than 600,000 patients may have had their personal information exposed in a data breach.

Orsini Pharmaceutical Services is notifying individuals that their personal and medical information may have been exposed in a January 2024 data breach.

GardaWorld Cash is notifying individuals of a data security incident that may have exposed their personal information in November 2023.

Select Education Group (which includes Institute of Technology, National Holistic Institute, Bauman College, Fremont University and Arch USA) is sending notice of a data breach affecting over 67,000 individuals.

Weirton Medical Center is notifying current and former patients of a data breach that may have compromised their personal information earlier this year.

Valley Oaks Health is providing notice of a data breach that reportedly exposed more than 50,000 individuals' personal information in June 2023.

Aveanna Healthcare, a provider of home and hospice care, is notifying patients and employees of a data breach that took place last year and exposed certain personal and medical information.

Flower delivery service Teleflora is sending letters to individuals affected by a November 2023 data breach that exposed the private information of more than 12,000.

Precision Tune Auto Care has reported a data breach that impacted more than 15,000 people and exposed sensitive personal information, including Social Security numbers.

More than 150,000 individuals have been impacted by a data breach at financial and global information services company Gerson Lehrman Group.

CCM Health reported an April 2023 data breach that may have exposed the personal information of more than 29,000 individuals.

Century Federal Credit Union is notifying individuals that their personal information may have been exposed when an unauthorized party accessed an employee email account in August and September 2023.

Eastern Radiologists recently reported that over 886,000 patients' personal and medical information may have been compromised in a November 2023 data breach.

Northeast Orthopedics and Sports Medicine, PLLC is notifying patients of a data breach that occurred in November 2023 and may have exposed sensitive personal and medical information.

Yakima Valley Radiology, PC confirmed a data security incident that compromised the personal and health information of 235,249 individuals.

Over 52,000 individuals may have had their personal information exposed during a data breach that targeted Greensboro College in August 2023.

Alliance Solutions Group, which does business as TalentLaunch, reported that workers' personal information may have been exposed in a May 2023 data breach.

UNITE HERE suffered a data breach that exposed the personal information of more than 790,000 individuals, specifically members and staff of certain unions, health funds and the San Diego UNITE HERE Pension Fund.

Approximately 54,353 people may have had their sensitive medical information exposed in a data breach affecting medQ, which provides imaging workflow software to practices across the country.

EdisonLearning has reported that individuals’ names and Social Security numbers may have been compromised in a March 2023 data breach.

Virginia Farm Bureau is notifying customers and employees that their personal information may have been exposed in an October 2022 data breach.

More than 2.3 million patients are affected by a data breach at Medical Management Resource Group (MMRG), which does business as American Vision Partners and provides administrative support to ophthalmology practices.

Golden Corral is notifying individuals of a data breach in which an unauthorized actor gained access to the company's computer systems and viewed and/or acquired the personal information of more than 180,000.

AGC America, Inc. reported that over 20,000 individuals may have had their personal information exposed during a data breach in December 2023.

Circuit board manufacturer MFLEX has reported that individuals' personal, medical and financial information may have been compromised in a month-long data breach.

Sage Home Loans (formerly Lenox Financial Mortgage Corporation) reported a December 2023 data breach that may have exposed the personal information of more than 27,000 individuals.

Coleman Health Services has reported that consumers' personal information may have been exposed when an unauthorized user gained access to employee email accounts in the fall of 2023.

Bayer Heritage Federal Credit Union has revealed that an unauthorized party gained access to company files in a breach affecting more than 60,000 individuals.

National Advisors Trust is notifying consumers about a data security incident that may have compromised their private information in April 2023.

Concentra Health Services reported that nearly 4 million patients' sensitive information may have been exposed in a data breach affecting medical transcription services provider Perry Johnson & Associates.

Knight Barry Title, Inc. reported in January 2024 that a data breach exposed consumers’ private information, including their Social Security numbers.

Washington National reported that over 20,000 people may have had their personal information exposed in a "SIM swapping" attack that allowed an unauthorized party to access a senior officer's cellular account.

Navvis & Company, which provides health management services to healthcare organizations, reported a July 2023 data breach that reportedly impacted hundreds of thousands of patients.

Kansas Joint & Spine Specialists has reported a data breach that may have impacted nearly 84,000 current and former patients.

Ardent Health Services has begun notifying patients of a November 2023 ransomware attack that may have exposed their personal and medical information.

Des Moines Orthopaedic Surgeons reported that nearly 307,900 individuals may have had their personal and medical information exposed in a February 2023 data breach.

More than 344,000 Jason's Deli customers may have had their personal information exposed in a December 2023 security incident involving credential stuffing.

Non-bank mortgage lender loanDepot, Inc. suffered a data breach in January 2024 that exposed the sensitive personal information of approximately 16.6 million individuals.

Horne, LLP, which provides business advisory and consulting services, suffered a data breach in December 2021 and is now notifying as many as 170,000 affected individuals.

Ashford announced a data breach that may have exposed the names and Social Security numbers of more than 46,900 individuals in September 2023.

Medical helicopter company Air Methods announced that patient information may have been exposed when a laptop was stolen from a billing office in November 2023.

Current and former employees of LA-based Oak View Group are receiving notice that their personal information may have been exposed in a data breach.

Carnegie Mellon University reported in January 2024 that an unauthorized party accessed thousands of individuals’ personal information during a data breach last year.

Cooper Aerobics Enterprises, Inc., which runs a fitness center, clinic, and medical imaging firm, is notifying individuals about a data security incident in which an unauthorized party may have accessed servers containing sensitive personal and health-related information.

Private equity firm Nautic Partners has announced a data breach that affects more than 7,800 individuals and reportedly exposed Social Security numbers.

Mississippi healthcare system Singing River has reported an August 2023 ransomware incident that may have exposed patients' personal and medical information.

ConsensioHealth, a medical management services organization that supports independent physician practices, is notifying thousands of patients after a data breach exposed personal and health information.

More than 10,000 individuals are reportedly affected by a cyberattack involving Fincantieri Marine Group that took place in April 2023.

Both employees and consumers are affected by an Academy Mortgage Corporation data breach that potentially exposed names and Social Security numbers.

UKG, which provides payroll and workforce management solutions, is reporting that the personal information of New York City Health + Hospitals employees may have been exposed inadvertently.

Electrostim Medical Services, Inc. (EMSI) has reported a data breach affecting more than 500,000 individuals that compromised personal and medical information.

Panasonic Avionics Corporation, which provides in-flight entertainment and communication systems, has reported a cybersecurity incident that exposed information of an undisclosed number of individuals.

HealthEC, LLC, a technology company that provides a platform used by healthcare organizations for care coordination, analytics and more, has announced a data breach that reportedly affects nearly 4.5 million patients of the company's clients.

Transformative Healthcare is notifying consumers that their personal information may have been exposed in a 2023 data breach that targeted its former subsidiary, Fallon Ambulance Service.

Retina Group of Washington has reported that nearly 456,000 individuals may have had their personal and medical information exposed in a March 2023 data breach.

LoanCare has reported a data breach affecting over 1.3 million consumers whose information was maintained by the company through its relationship with their mortgage loan servicer.

California waste management company Recology Inc. is notifying employees that their information may have been exposed in a November 2023 data breach.

Kimco Staffing Services announced a June 2023 data breach that may have exposed over 69,000 employees' names and Social Security numbers.

ESO Solutions, a software provider for hospitals and healthcare systems, announced a data breach that may have exposed 2.7 million patients' personal and medical information.

Comcast is notifying Xfinity customers of a massive data breach that occurred in October 2023 and potentially exposed the personal information of over 35 million individuals.

Mercy Medical Center in Cedar Rapids, Iowa announced that it was one of the victims of a massive data breach affecting medical transcription services provider Perry Johnson & Associates.

A data breach reported by Keenan & Associates may have exposed employees' personal and health information for nearly a week in August 2023.

Regional Family Medicine in Mountain Home, Arkansas has reported a data breach that may have exposed the personal information of over 80,000 patients and employees in June 2023.

Southern Illinois Healthcare's Harrisburg Medical Center reported that nearly 148,000 individuals may have had their personal and medical information exposed in a December 2022 data breach.

Financial Risk Mitigation has reported a data breach that exposed nearly 10,800 individuals' personal information in September 2023.

Red Roof recently announced that a September 2023 data breach exposed the private information of more than 27,000 individuals.

Americold Logistics reported an April 2023 data breach that may have exposed sensitive personal information belonging to its employees and their dependents.

Approximately 2.5 million patients, employees and their dependents had their personal information exposed in a May ransomware attack affecting the Kentucky-based healthcare system.

Henry Schein has begun notifying its employees, customers and suppliers that their sensitive information may have been exposed in an October 2023 data breach.

Cardiovascular Consultants reported that thousands of patients, policy holders and guarantors had their sensitive information exposed in a data breach earlier this year.

Around December 5, 2023, Advantis Global began sending out notice of a data breach that reportedly impacted over 5,000 individuals.

Pan-American Life Insurance Group announced that consumers' personal information was exposed in May 2023 during a data breach that targeted the MOVEit file transfer software.

East River Medical Imaging reported that thousands of its patients and employees had their sensitive information exposed in a September 2023 data breach.

United Regional Health Care System in Wichita Falls, Texas announced a data breach that may have exposed nearly 37,000 individuals' personal and medical information.

Japanese electronics company Alps Alpine reported that its North American subsidiary was affected by a data breach that exposed employees' personal information.

Zeroed-In Technologies, a data analytics firm, reported an August 2023 data breach affecting nearly 2 million individuals, including applicants and current and former employees of its clients.

Nonprofit organization Big Brothers Big Sisters of America reported a March 2023 data breach that may have exposed thousands of consumers' personal, financial and medical information.

Mission Community Hospital in California's San Fernando Valley is notifying patients of a data security incident that may have exposed their personal and medical information.

NSC Technologies is notifying employees and applicants that their personal information was exposed in a data breach it experienced in June 2023.

Clear Spring Life and Annuity Company has reported that personal information belonging to those associated with its annuity contracts and life insurance policies may have been exposed in a February 2023 ransomware attack.

More than 8 million people may have had personal - and, in some cases, medical and health information - exposed in a data breach involving MOVEit and announced by Welltok.

In November 2023, Pahl & McCay announced that consumers’ names, addresses and Social Security numbers were exposed in a security data incident.

AutoZone reported in November 2023 that almost 185,000 customers had their personal information exposed in the massive MOVEit data breach.

Medical College of Wisconsin reported that patients' personal and medical information was exposed during the massive MOVEit data breach in May 2023.

Midlothian, Texas pharmacy U.S. Drug Mart reported that it experienced a data breach that may have compromised consumers' personal and medical information.

Current and former Okta employees, as well as their dependents, may have had their personal information exposed in a September 2023 data security incident.

Rusnak Auto Group announced a data breach that may have exposed consumers' names and Social Security numbers between June 13 and June 16, 2023.

Tri Counties Bank reported that in February 2023, an unauthorized party may have gained access to personal information belonging to customers and employees, among others.

In November 2023, Stanley Steemer reported a hacking incident that has exposed the private information of thousands of individuals.

MESVision and Gerber Life Insurance Company are sending notices to nearly 27,000 individuals whose personal and health insurance information may have been exposed in a 2023 data breach affecting a widely used file transfer system known as MOVEIt.

Synergy Healthcare Services reported that a data breach may have exposed personal and health information of patients and others affiliated with certain long-term care providers.

Medical Eye Services (which does business as MESVision) announced a May 2023 data breach that may have compromised the personal information of its vision insurance plan participants.

Northwell Health has confirmed that it its patients' personal and medical information was exposed in a data breach affecting third-party vendor Perry Johnson & Associates, Inc.

The International Association of Sheet Metal, Air, Rail and Transportation Workers (SMART) reported that private data belonging to over 62,000 individuals was exposed in a data breach discovered in early September.

Financial Asset Management Systems is reporting a late March 2023 security incident that allowed certain information stored on its network to be obtained by an unauthorized party.

Kyocera AVX reported that over 39,000 individuals may have had their full names, Social Security numbers and other information exposed in a data breach it experienced between February 16 and March 30, 2023.

Hawkins Delafield & Wood LLP has reported a data security incident that may have exposed names and Social Security numbers.

Pacific Union College reported that over 56,000 individuals' personal and financial information was compromised in a data breach that occurred between March 5 and 19, 2023.

CRC Insurance Services reported that in January 2023, an unauthorized party may have gained access to personal and health information belonging to consumers associated with its insurance carrier and agency partners.

Deer Oaks is notifying consumers that their protected health information may have been accessed without authorization during a security incident discovered in early September.

Greater Rochester Independent Practice Association, a vendor for health providers and insurance plans, reported that over 279,000 individuals' information was exposed as part of the MOVEit data breach.

Georgia Northside Ear, Nose, and Throat began notifying patients in September 2023 that their personal and medical information was exposed in a data breach discovered in August of this year.

Cook County Health has confirmed that up to 1.2 million patients had their protected health information exposed during a data breach that affected one of the Illinois healthcare network's vendors.

Hilb reported in November 2023 that it experienced a data breach affecting over 81,000 individuals when an unauthorized party gained access to several employee email accounts.

Postmeds (which does business as TruePill) has reported that individuals' names and prescription information were revealed during a data breach that occurred between August 30 and September 1, 2023.

ProMach announced a data breach in October 2023 that may have compromised the personal and health information of current and former employees and potentially their beneficiaries and dependents.

Peerstar LLC announced a data breach during which an unauthorized third party may have accessed the personal and health information of more than 11,000 patients between February 22 and March 3, 2023.

Atlas Healthcare announced that personal information belonging to over 10,000 residents of three of its Connecticut assisted living facilities was exposed in a data breach in January 2023.

Around October 27, 2023, Drug Free Workplaces began sending out notice of a data breach that reportedly impacted 37,705 individuals.

Ben E. Keith Company reported in October 2023 that consumers’ names and Social Security numbers were exposed in a data breach it experienced earlier this year.

Progressive Leasing reported in late October that thousands of its customers and employees had their information exposed in a September 2023 data breach.

Sunflower Bank began notifying customers in September 2023 that their personal information was exposed in a data breach that targeted MOVEit.

Pension Benefit Information is notifying PHH Mortgage customers that their personal information may have been exposed in a massive data breach that targeted MOVEit in late May 2023.

Pension Benefit Information is notifying Athene policyholders of a data breach that may have compromised their personal information in late May 2023.

Pension Benefit Information reported in July 2023 that the massive MOVEit data breach exposed information belonging to customers affiliated with MassMutual Ascend and its subsidiaries.

Pension Benefit Information is notifying Nassau Life and Annuity customers that their personal information may have been exposed in the massive MOVEit data breach that occurred in late May 2023.

Pension Benefit Information reported in August 2023 that the massive MOVEit data breach impacted consumers affiliated with Consolidated Edison Company of New York (ConEd).

Taylored employees, as well as those working for related entities, may have had their personal information exposed in a data incident.

Radius reported in September 2023 that consumer information obtained through the company's collection efforts on behalf of its clients was exposed in the massive MOVEit data breach.

BHI Energy is notifying more than 90,000 individuals that their personal information may have been compromised after a hacker gained access to the company's network.

Jaco Oil Company reported on September 1, 2023 that files containing private data belonging to consumers had been copied from its computer network by an unauthorized individual.

Around August 29, 2023, Cornwell Quality Tools began sending out notice of a data breach that reportedly impacted 11,884 individuals.

Pension Benefit Information is sending data breach letters to insureds and prospective insureds of Standard Insurance Company whose personal information was compromised in a data breach.

In September 2023, Texas Medical Liability Trust reported that a breach of its systems may have compromised the data of nearly 60,000 individuals.

On August 17, 2023, Blue Cross Blue Shield of Arizona reported that 47,485 people were affected by a data breach that impacted TMG Health, a company that provides data services to the insurer.

American National reported in August 2023 that customers' personal and medical information was exposed during the massive MOVEit data breach in late May.

A data breach at the National Student Clearinghouse has affected more than 50,000 individuals and potentially exposed names and Social Security numbers.

It’s been reported that thousands of individuals have been affected by a data security incident announced in September 2023 by Founder Project Rx, Inc., which does business as Encore Pharmacy.

Vi Living reported in September 2023 that an unauthorized party accessed consumers' personal information during a March data breach.

A data breach at Mortgage Industry Advisory Corporation was reported on September 5, 2023 and affects nearly 9,000 individuals.

A data breach affecting Lifeline Systems Company was announced in September 2023 and may have exposed health and medical information.

A data breach experienced by Delaware Life Insurance Company in May 2023 has exposed private information belonging to its policy contract holders.

Data Media Associates began notifying patients in August 2023 that their personal and health information was exposed in a data breach it discovered in early June of this year.

On August 2, 2023, Acadia Health (Just Kids Dental) experienced a data breach that compromised patients' and employees' personal and health information.