Thank you for visiting the Chronology of Data Breaches!
We’re in the process of implementing some exciting new features and apologize for any inconvenience. In the meantime, you can download a compilation of historic data below.
If you have questions or corrections, please contact us at firstname.lastname@example.org.
Type of Breach
Fraud Involving Debit and Credit Cards Not Via Hacking (skimming devices at point-of-service terminals, etc.)
Hacked by an Outside Party or Infected by Malware
Insider (employee, contractor or customer)
Physical (paper documents that are lost, discarded or stolen)
Portable Device (lost, discarded or stolen laptop, PDA, smartphone, memory stick, CDs, hard drive, data tape, etc.)
Stationary Computer Loss (lost, inappropriately accessed, discarded or stolen computer or server not designed for mobility)
Unintended Disclosure Not Involving Hacking, Intentional Breach or Physical Loss (sensitive information posted publicly, mishandled or sent to the wrong party via publishing online, sending in an email, sending in a mailing or sending via fax)
Unknown (not enough information about breach to know how exactly the information was exposed)
Type of Business
Businesses (Financial and Insurance Services)
Businesses (Retail/Merchant including Online Retail)
Government & Military
Healthcare, Medical Providers and Medical Insurance Services
We source most of our data from state Attorneys General and the U.S. Department of Health and Human Services. While we aim to provide the most accurate and up-to-date information, this is an incomplete look at the true scope of the problem due in part to varying state laws.