Department of Agriculture, Trade and Consumer Protection

December 20, 2018

Between August 28, 2018 and December 3, 2018

Caribou Coffee Co.

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Caribou Coffee Company identified unusual activity on their network. Caribou Coffee Co. conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Caribou Coffee Co. is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/cariboucoffee/Data-Security-Notice.pdf

Caribou Coffee Co can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@cariboucoffee.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 20, 2018

Between August 28, 2018 and December 3, 2018

Bruegger’s Bagels

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Bruegger’s identified unusual activity on their network. Bruegger’s conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Bruegger’s is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/brueggers/Data-Security-Notice.pdf

Bruegger’s can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@brueggers.com

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 20, 2018

Between August 28, 2018 and December 3, 2018

Coffee and Bagel Brands

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Coffee and Bagel Brands identified unusual activity on their network. Coffee and Bagel Brands conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Coffee and Bagel Brands is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/coffeeandbagels/Data-Security-Notice.pdf.

Coffee and Bagel Brands can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@coffeeandbagels.com

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 30, 2018

Since 2014

Marriott International

Name, date of birth, address, phone number, email address, passport number, Starwood Preferred Guest account information, gender, arrival and departure information, reservation date, payment card numbers and payment card expiration dates.

Approximately 500 million affected individuals including an unknown number of Wisconsin residents.

On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. Marriott engaged leading security experts to help determine what occurred. Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014.

On November 30, 2018, Marriott started notifying affected individuals by email. Marriott is providing affected individuals one year of WebWatcher monitoring.

Marriott has set up a dedicated website to answer questions at https://Info.starwoodhotels.com and they can be reached at their call center at 877-273-9481.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 7, 2018

October 16, 2018

Healthcare.gov

Name, date of birth, address, sex, last four digits of the Social Security number, expected income, tax filing status, immigration document types and numbers, employer, insurance plan, premium, and dates of coverage.

75,000 affected individuals including an unknown number of Wisconsin residents.

On October 16, 2018, Healthcare.gov found that a number of agent and broker accounts engaged in excessive searching for consumers, and through those searches, had access to the personal information of people who are listed on Marketplace applications. Healthcare.gov immediately shut off these accounts, and shut off the entire agent and broker function while changes were made to improve security.

Healthcare.gov is continuing to investigate this breach and putting additional security measures in place.

Healthcare.gov is offering 12 months of identity theft protection services through ID Experts® who can be contacted by calling toll-free (877) 916-8382 / International (616) 425-8364 / TTY (866) 405-2133 or going to https://secure.myidcare.com/enrollment/1?RTN=90000216. Agents are available Monday through Saturday from 9:00am – 9:00pm Eastern Time. The deadline to enroll is February 7, 2019.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 2, 2018

May 23, 2018

Five Guys Holdings, Inc.

Name, date of birth, Social Security number, address, hire date, termination date, and 401K contribution information.

Approximately 19,000 affected individuals including approximately 600 Wisconsin residents.

On August 6, 2018, Five Guys learned they were a victim of a phishing email incident that resulted in unauthorized access to an employee’s email account. Five Guys immediately secured the email account and conducted an internal investigation, which determined the email inbox contained personally identifiable employee information.

Five Guys is offering a one year membership for Experian’s® IdentityWorks to affected individuals.

Five Guys can be contacted with questions at 1-888-842-3153, Monday through Friday between 9:00am and 9:00pm Eastern Time.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 8, 2018

April 2018

Roadrunner Transportation Systems

Name, address, date of birth, and financial account number.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On July 2, 2018, Roadrunner Transportation Systems became aware they were the target of a phishing attack and that several employees clicked on phishing emails. Roadrunner Transportation Systems conducted an investigation and determined there was unauthorized access to several employee email accounts in April 2018.

Roadrunner Transportation Systems notified all affected individuals by letter on October 8, 2018 and are offering 12 months of credit monitoring services through Kroll.

Roadrunner Transportation Systems can be contacted at 1-833-228-5713 Monday through Friday 9:00am to 6:00pm (EST).

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 23, 2018

August 20, 2018

T-Mobile USA Inc.

Name, phone number, email address, account number, account type, and billing zip code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On August 20, 2018, T-Mobile USA Inc. discovered and shut down what it describes as unauthorized access to certain information. In an online statement, T-Mobile USA Inc. confirmed that Social Security numbers, financial data, and passwords were not involved in this breach.

T-Mobile USA Inc. customers can contact Customer Care by dialing 611 from your mobile phone. T-Mobile USA Inc. has posted an online disclosure at: https://www.t-mobile.com/customers/6305378821.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 10, 2018

January 1, 2013 through March 28, 2018

Adams County, WI

Name, Social Security number, Driver’s license number, date of birth, address, telephone number, email address, medical and health plan numbers, license plate numbers, fingerprints, full-face photos and more.

258,120 affected individuals, an unknown number of these individuals are Wisconsin residents.

On March 28, 2018, Adams County became aware of questionable activity on the Adams County computer system and network. An investigation confirmed a data breach had occurred from January 1, 2013 through March 28, 2018.

On June 29, 2018, Adams County received a forensic report that there is evidence of unauthorized access and/or unauthorized acquisition of Personally Identifiable Information, Personal Health Information and/or Tax Intercept Information that was on the Adams County computer network and system during the time of this data breach.

You may contact Adams County with questions and concerns:

1. by calling County Administrator Casey Bradley at (833) 236-0173 between the hours of 8:00 a.m. and 4:30 p.m.,

2. sending an e-mail message to databreach@co.adams.wi.us, or

3. addressing a letter to Adams County PO Box 102, Friendship WI 53934.

A notification letter can be viewed at the Adams County website http://www.co.adams.wi.us/data_breach/index.php.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 30, 2018

March 14, 2018 through April 3, 2018

UnityPoint Health

Name, address, date of birth, Social Security number, driver’s license number, payment card, and bank account numbers, medical record numbers, insurance, medical, treatment, and surgical information, diagnoses, lab results, medications, providers, and dates of service.

Approximately 1.4 million individuals affected, an unknown number of these individuals are Wisconsin residents.

On May 31, 2018, UnityPoint Health discovered a second phishing email attack this year that compromised its business email system. This attack may have resulted in unauthorized access to protected health information and other personal information for some patients. Upon learning of this attack, UnityPoint Health informed law enforcement agencies and launched an investigation to determine the size and scope of the attack, as well as the number of people potentially impacted.

On July 30, 2018, UnityPoint Health notified all impacted individuals by letter of the incident to their last known address.

UnityPoint Health will offer credit-monitoring services for one year to individuals whose Social Security number and/or driver’s license number were included in the compromised email accounts. UnityPoint Health has established a dedicated and confidential toll-free response line at (888) 266-9285 to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 13, 2018

April 20, 2018 through May 22, 2018

ComplyRight, Inc.

Name, address, telephone number, email address, and Social Security number.

662,000 including 12,155 Wisconsin residents.

On May 22, 2018, ComplyRight, Inc. became aware of a potential issue with their website. Upon learning of this issue, ComplyRight, Inc. disabled the platform and remediated the issue on the website. ComplyRight, Inc. initiated an investigation and concluded that there was unauthorized access to their website, which occurred between April 20, 2018 and May 22, 2018. The forensic investigation determined that personally identifiable information was accessed and/or viewed on the website.

On July 13, 2018, ComplyRight, Inc. notified affected individuals by mail and is providing credit monitoring services for 12 months through TransUnion.

ComplyRight, Inc. has set up a dedicated response line at 1-844-299-7772 that is staffed Monday through Friday 9:00am to 9:00pm (EST)

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 3, 2018

April 26, 2018

Macy's Inc.

First and last names; full addresses; phone numbers; email addresses; birthdays (not including year); and debit and credit card numbers with expiration dates.

Unknown – it is undetermined at this time the number of individuals affected by this breach.

On June 11, 2018, Macy’s became aware of suspicious login activities related to Macys.com customer profiles. Macy’s believes that an unauthorized third party, from April 26, 2018, through June 12, 2018, used valid customer usernames and passwords to login into customer profiles. Macy’s believes the third party obtained these usernames and passwords from a source other than Macy’s. On June 12, 2018, Macy’s blocked profiles with suspicious logins and purged all payment card data.

On July 3, 2018, Macys notified affected customers by mail of this incident and is providing credit monitoring services to affected individuals for 12 months through www.allclearid.com.

Macy’s Support Agents can be contacted at 1-855-861-4018 to answer questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 22, 2018

January 14, 2018

Manitowoc County, WI

First name, last name, Social Security number, address, date of birth, phone number, email address, health insurance information, diagnoses, prescription information, and client identification number.

Approximately 450 Wisconsin residents.

On April 24, 2018, Manitowoc County became aware of unauthorized access to their email system. Manitowoc County suspects that a phishing attack on January 14, 2018, allowed an unauthorized third party access to county emails. Some of these emails contained personal protected health information related to treatment services.

Upon becoming aware of the incident, Manitowoc County immediately blocked access to the third party and initiated an investigation to determine what information had been disclosed.

Manitowoc County sent individual notices to all affected individuals that had updated contact information on file. An additional notice was posted to their website at http://www.co.manitowoc.wi.us/media/6336/notice-of-data-breach.pdf. Manitowoc County provided credit-monitoring services for one year to individuals whose Social Security number was included in the compromised emails.

For further information and assistance, please contact the Manitowoc County Corporation Counsel, Peter Conrad, at (888) 811-5636 between 9:00 a.m. - 4:00 p.m. CT

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 20, 2018

First week of May 2018

Educational Employees' Supplementary Retirement System of Fairfax County

Names, addresses, and Social Security numbers.

3,332 affected individuals including 9 Wisconsin residents.

On May 7, 2018, the Educational Employees’ Supplementary Retirement system (ERFC) became aware of a data security incident that occurred in connection with the mailing of ERFC’s Spring 2018 Newsletters to certain retirees. The retiree’s Social Security numbers were included in the mailing label above the name and address.

Upon learning of the security incident, ERFC confirmed that the printing company, Master Print., destroyed all documents containing Social Security numbers. ERFC notified affected individuals by mail and has provided credit-monitoring services for one year through Experian IdentityWorks.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 7, 2018

April 8, 2018

RISE Wisconsin Inc.

Name, address, date of birth, Social Security number, and for some, limited health information.

3,731 affected individuals, according to RISE Wisconsin the majority of these individuals are Wisconsin residents.

On April 8, 2018, RISE Wisconsin discovered that they had been the target of a ransomware attack. RISE Wisconsin immediately took action and took their systems offline. RISE Wisconsin engaged independent computer forensics experts to determine how the incident occurred and if an unauthorized intruder had accessed information. Although the investigation did not identify any evidence of access to anyone’s information, RISE Wisconsin could not rule out that personally identifiable information may have been compromised.

RISE Wisconsin has notified law enforcement and is cooperating with their investigation.

On June 7, 2018, RISE Wisconsin mailed letters to individuals potentially impacted by this event. RISE Wisconsin is offering identity protection services through Kroll to potentially impacted individuals at no cost.

RISE Wisconsin has established a toll-free call center to answer questions about the incident and related concerns. The call center is available Monday through Friday from 8:00 AM to 5:00 PM, Central Time at 1-800-733-9212.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 2018

March 23, 2018

Access Group Education Lending

Names, driver's license numbers, and Social Security numbers.

Approximately 16,500 borrowers (unknown if any Wisconsin residents are affected).

On March 28, 2018, Access Group Education Lending became aware of a data breach that occurred on March 23, 2018 when one of its vendors sent out files containing personally identifiable information to another business. Access Group Education Lending is assured that the vendor who received the files deleted them and did not retain copies.

Access Group Education Lending notified those individuals affected by letter, and is offering free credit monitoring services for one year.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 16, 2018

November 1, 2017 through February 7, 2018

UnityPoint Health

Social Security Numbers, dates of birth, medical record numbers, treatment & surgical information, insurance, and other financial information.

Approximately 16,000 individuals affected, an unknown number of these individuals are Wisconsin residents.

On February 15, 2018, UnityPoint Health discovered their email system was the victim of a phishing attack that compromised some employee email accounts.

Upon learning of the incident, UnityPoint Health promptly took action to secure the impacted email accounts, changed passwords, and engaged external cybersecurity professionals to analyze what information might have been contained in the impacted accounts.

On April 16, 2018, UnityPoint Health notified all impacted individuals by letter of the incident.

UnityPoint Health has established a dedicated and confidential toll-free response line at 855-331-3612 to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 5, 2018

September 27 - October 12, 2017

Best Buy Co., Inc.

Payment card information.

An unknown number of Best Buy customers, whether or not they used the computer chat support.

Best Buy announced that in late March a third-party vendor had notified them of an intrusion that occurred in the vendor’s system. The third-party vendor, [24]7.ai Inc, provides phone and computer chat support for Best Buy.

Malicious code was inserted into the third-party vendor’s system on September 26, 2017. The third-party vendor discovered and contained the code on October 17, 2017. The code may have allowed unauthorized users to gain access to payment information of consumers who shopped online during that time, regardless of whether or not the consumers used the computer chat support.

Best Buy is collaborating with their third-party vendor and have notified law enforcement. They are working to identify and notify affected consumers. Free credit monitoring services will be available to the impacted individuals.

Best Buy recommends consumers review their payment card account statements closely, and contact their card issuer if they notice any fraudulent charges. Consumers who have further questions can contact at 247incident@bestbuy.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 4, 2018

September 26, 2017 - October 12, 2017

Delta Airlines and [24]7.ai

Name, address, payment card number, CVV number, and expiration date.

Unknown number of affected individuals.

On March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber-incident. The incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017. During this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed.

Upon being notified of [24]7.ai’s incident, Delta immediately began working with [24]7.ai to understand the impact of the incident and has since confirmed that the incident was resolved by [24]7.ai last October.

Delta has established the following website to address customer questions and concerns: www.delta.com/response

Delta has partnered with AllClear ID to offer a suite of credit monitoring services to those who may be impacted, for two years, starting on April 7, 2018. Delta customers who believe they made a purchase on the delta.com desktop platform between Sept. 26 and Oct. 12, 2017 should visit delta.allclearid.com to enroll in the free protection services being offered.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 4, 2018

September 27 - October 12, 2017

Sears Holding Corp.

Payment card information.

Less than 100,000 customers who completed an online order on Sears.com or Kmart.com.

Sears Holdings Corp announced that in late March a third-party vendor had notified them of an intrusion that occurred in the vendor’s system. The third-party vendor, [24]7.ai Inc, provides phone and computer chat support for Sears and Kmart.

Malicious code was inserted into the third-party vendor’s system on September 26, 2017. The third-party vendor discovered and contained the code on October 17, 2017. The code may have allowed unauthorized users to gain access to payment information of consumers who shopped online during that time, regardless of whether or not the consumers used the computer chat support.

Sears sent emails to affected consumers on April 6, 2017, and will follow up with a notification through the mail. Free credit monitoring services will be available to the impacted individuals.

Consumers who have further questions can find information at Searsholdings.com/update, or by calling toll-free at 888-488-5978.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 3, 2018

February 5, 2018

The Management Group working as a consultant for the Wisconsin Department of Health Services IRIS (Include, Respect, I Self-Direct) Program

Laptop which may have contained names, addresses, dates of birth, Medicaid numbers, financial information, and Social Security numbers.

779 IRIS Program participants.

On February 5, 2018, a laptop with a workbag was stolen from a consultant for The Management Group. The Management Group is a business associate of the Wisconsin Department of Health Services and serves as a consultant agency for the IRIS Program. The laptop may have contained personal information for IRIS Program participants. While the laptop was encrypted to protect the information, the password to the laptop was in the stolen workbag.

Affected participants will be provided one year of complimentary identity theft protection services.

Participants who have additional questions can call (844) 864-8987 from 8 AM to 5 PM, Monday through Friday, or email ComplianceGuide@tmgwisconsin.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 1, 2018

Unknown

Hudson's Bay Company dba Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor

Payment card data

Consumers who used credit or debit cards to make purchases at certain Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor stores in North America. There are no indications that it affected their e-commerce platform.

Hudson’s Bay Company says that payment card data may have been affected by a security incident.

Authorities and payment processors were notified about the incident. They are working with a data security investigators to obtain the information to accurately notify their customers of what information was affected. They will offer those customers impacted free identity theft protection services.

Hudson’s Bay Company is establishing a dedicated call center that will start on April 4, 2018. The call center’s phone number will be (855) 270-9187, and it will be staffed from 8 AM to 8 PM Central time, Monday-Saturday.

Individuals should review their statements and notify their financial institutions if they see unauthorized charges.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 29, 2018

Late February 2018

UnderArmour dba MyFitnessPal

Usernames, email addresses, and hashed passwords

Approximately 150 million user accounts.

On Thursday, March 25, 2018, Under Armour Inc dba MyFitnessPal discovered an unauthorized user acquired data associated with user accounts including user names, email addresses, and hashed passwords.

Under Armour Inc is conducting an ongoing investigation to determine the extent of the issue. They are working with a data security firm, and cooperating with law enforcement. Under Armour Inc is emailing affected users information on how to protect their data, and requiring affected users to change their passwords.

Consumers can visit https://content.myfitnesspal.com/security-information/notice.html for the most up to date information.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 22, 2018

February 1, 2018

UW-Superior Alumni Association

Name, home address and Social Security number.

1,758 Wisconsin residents who were members of the UW-Superior Alumni Association.

On Thursday, February 1, 2018, the UW-Superior Alumni Association sent out a Mississippi River Cruise brochure to its members. On February 5, 2018, the UW-Superior Alumni Association discovered that the ID number for our alumni who graduated during a certain time might have been the same as the student ID number (social security number) used while in attendance at UW-Superior. The personal information that may have been viewable on the brochure included first and last names, home addresses and social security numbers.

After learning of this situation, UW-Superior Alumni Association began cleaning the alumni and friend database and replacing "old" ID numbers, and worked with their travel vendor to delete all mailing data used for the brochure. UW-Superior Alumni Association is also providing one year of complimentary identify theft protection and credit monitoring services.

Any additional questions regarding the breach can be directed to UW-Superior Alumni Association at 715-394-8452.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

January 31, 2018

Between October 3rd and December 22nd, 2017

Travelocity

Payment card number and CVV.

Three Wisconsin residents who used the travel rewards redemption program were affected by the breach.

On Friday January 5th, 2018 RBC-a travel rewards redemption platform operated by Travelocity, observed increased fraudulent payment activity on RBC-issued cards that were processed on the platform. The unauthorized access of the platform resulted in the exposure of payment card information and CVV numbers.

Upon learning of the incident, Travelocity took immediate steps to investigate with the assistance of a leading cybersecurity firm, contacted law enforcement and payment card processors and enhanced the security of the affected platform.

Travelocity has established a hotline at 1-800-204-4048 to address additional questions or concerns about the incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 28, 2017

May 10, 2017

The Department of Homeland Security

Names, Social Security numbers, dates of birth, positions, grades, duty stations, alien registration numbers, email addresses, phone numbers and addresses.

Approximately 246,167 current (and former) federal government employees, who were employed directly by DHS during 2014. As well as subjects, witnesses, and complainants who were both DHS employees and non-DHS employees. The number of Wisconsin residents who were impacted is unknown.

On Wednesday, May 10, 2017, as part of an ongoing criminal investigation conducted by The Department of Homeland Security (DHS) Office of the Inspector General (OIG) and the U.S. Attorney’s Office, DHS OIG discovered an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee. The compromised information included names, Social Security numbers, dates of birth, positions, grades, duty stations, alien registration numbers, email addresses, phone numbers and addresses contained in the DHS OIG case management system.

DHS is working to protect the information of affected employees and prevent similar incidents from occurring in the future. DHS OIG has implemented a number of security precautions to further secure the DHS OIG network, and is providing AllClear ID protection services to affected individuals for 18 months at no cost.

Affected individuals may contact AllClear ID at (855) 260-2767 and a dedicated investigator will assist with any questions or issues.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 8, 2017

November 20, 2017

Village of Nashotah

Names, addresses, dates of birth and drivers license numbers.

Between 980 and 1000 Wisconsin residents who were registered voters with the Village of Nashotah.

On Monday, November 20, 2017, the Village of Nashotah’s computer system was infected with Ransomware, which may have exposed the personal information of village residents listed on the voter registration rolls. The voter registration rolls include the voter’s name, address, date of birth and driver’s license number. The voter registration rolls do not include the voter’s social security numbers or any credit card information.

Upon learning of the incident, the Village of Nashotah immediately notified law enforcement officials who launched a criminal investigation, and computer specialists to halt further damage. The Village of Nashotah also notified the three nationwide consumer reporting agencies. The Village is working with two IT firms to develop additional measures that can help prevent this type of incident from happening again.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 17, 2017

Between July 21 and July 28, 2017

Medical College of Wisconsin

Patients’ names, home addresses, dates of birth, medical record numbers, health insurance information, date(s) of service, surgical information, diagnosis/condition, and/or treatment information. A limited number of Social Security numbers and bank account information.

7,289 Wisconsin residents who were patients of the Medical College of Wisconsin during the time of the breach.

Between July 21 and July 28, 2017, the Medical College of Wisconsin (MCW) learned that a small number of faculty and staff were victims of a spear phishing attack to their email system. An unauthorized third party accessed a limited number of email accounts that contained patients’ protected health information. The compromised information included patients’ names, home addresses, dates of birth, medical record numbers, health insurance information, date(s) of service, surgical information, diagnosis/condition, and/or treatment information. Social Security numbers and bank account information for a very small number of patients were also contained within the affected email accounts.

Upon discovering the issue, MCW promptly disabled the impacted email accounts, required password changes, and commenced an investigation with a computer forensic firm to analyze the extent of any compromise to the email accounts and the security of the emails and attachments contained within them. MCW is offering credit monitoring and identity theft restoration services to those individuals whose Social Security numbers were potentially compromised.

The Medical College of Wisconsin has established a call center for patients at 1-844-666-7416, to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 15, 2017

October 18, 2017

Saris Cycling Group

Names, addresses and Social Security numbers.

An unknown number of Wisconsin residents who are current or former employees of Saris Cycling Group.

On Wednesday, October 18, 2017, Saris discovered that they had become the target of a phishing email campaign and that an employee had clicked on phishing emails and entered their credentials. An unknown actor gained access to an employee’s email account containing names, addresses and Social Security numbers.

Upon learning of the incident, Saris immediately took steps to secure the employee’s email account and launched an in-depth forensic investigation to determine whether any sensitive information was accessed or acquired. Additionally, Saris is providing free credit monitoring through Kroll to all of those affected by the breach.

Saris has established a dedicated hotline though Kroll at 1-866-599-4455 between 9:00 am and 6:00 pm ET, Monday through Friday, excluding major holidays, to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 22, 2017

October 2016

Uber Technologies Inc.

Names, phone numbers, email addresses and, in some cases, driver license numbers.

2,703 Wisconsin residents who were employees of Uber during the time of the breach.

Uber disclosed on Tuesday, November 21st that hackers had stolen 57 million driver and rider accounts. The hackers stole information from an Amazon Web Services account that housed data about the company’s riders and drivers. The driver’s license numbers of 2,703 Uber employees in Wisconsin, were compromised. Additionally names, phone numbers and email addresses of Uber clients were compromised.

At the time of the incident, Uber took immediate steps to secure the data and shut down further unauthorized access by the individuals. Uber also implemented security measures to restrict access to and strengthen controls on their cloud-based storage accounts. Uber has hired the cybersecurity firm, Mandiant, to investigate the hack.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 31, 2017

May 15, 2017

Home Box Office, Inc. (HBO)

Social Security numbers.

Three Wisconsin residents who were customers of HBO during the time of the breach.

In late July 2017, HBO became aware of an incident in which an unauthorized third party claimed to have accessed HBO’s information technology network. The intruder illegally accessed HBO’s network, including the personally identifiable information of customers. The compromised data included customer Social Security numbers.

Upon learning of the breach, HBO responded immediately and is currently cooperating with law enforcement. HBO is working to decrease the chance of a similar occurrence in the future, including implementing additional security measures, internal controls, and safeguards. Additionally, HBO is offering 12 months of free identity theft prevention and mitigation services from AllClear ID.

HBO has established an identity repair assistance line at 1-855-742-6218 through AllClear ID, to address questions Monday through Saturday, 8 a.m. to 8 p.m. Central Time. You may also email AllClear ID’s support center at support@allclearid.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 30, 2017

October 18, 2017

Kimberly-Clark

Name, date of birth, e-mail address, and child name and date of birth (if provided).

500 Wisconsin residents who had Kimberly-Clark brand online accounts during the time of the breach.

On Friday, October 20th, 2017 Kimberly-Clark identified an organized unauthorized attempt to access registered accounts on their website application. The account profile information that was potentially exposed includes name, date of birth, e-mail address, and child name and date of birth (if provided). No financial information or social security numbers were compromised.

Upon learning of the breach, Kimberly-Clark took immediate action to block the unauthorized access. Kimberly-Clark is conducting maintenance work on the Huggies Rewards app, and locked all Kimberly-Clark user accounts between October 20, 2017 and October 25, 2017. Kimberly-Clark required all affected consumers to reset their passwords.

For more information on Huggies Rewards contact Kimberly-Clark at support@huggiesrewards.zendesk.com. For questions on all other brands, please visit http://www.kimberly-clark.com/contact-us.aspx or 1-888-525-8388.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 13, 2017

October 5, 2017

Beer Capitol Distributing

W-2 statement including name, address, Social Security number, and wages.

475 current and former employees of Beer Capitol Distributing who received a W-2 for 2016.

On Thursday October 5, 2017, Beer Capitol Distributing was the target of a criminal email phishing scam. The company received a fraudulent email from an imposter who was posing as an executive of the company. As a result of the cyber scam, the personal information of current and former employees of Beer Capitol Distributing, including name, address, social security number, and wages earned during the reporting period, was compromised.

Upon learning of the incident, Beer Capitol Distributing immediately began an investigation with the assistance of a forensic IT consulting firm and law enforcement agencies. Beer Capitol Distributing has notified the FBI, the Internal Revenue Service and the Wisconsin Department of Revenue so that they are aware of the possibility of the filing of fraudulent tax returns based on the disclosed information. Beer Capitol Distributing is also offering Experian identity and credit protection and restoration services at no cost to affected individuals.

Employees with additional concerns or questions may contact Beer Capitol Distributing directly by directing inquiries to Karen Garlock at 262-932-2346 or Karen.garlock@beercapitol.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 3, 2017

Thursday, September 28, 2017

Whole Foods Market

Credit and debit card data.

An unknown number of Wisconsin residents who made a purchase with their debit or credit cards at Whole Foods Market in Wauwatosa, WI during the time of the breach.

On Thursday, September 28, Whole Foods Market discovered unauthorized access of payment card information used at certain venues such as taprooms and full table-service restaurants located within some stores. These venues use a different point of sale system than the company’s primary store checkout systems, and payment cards used at the primary store checkout systems were not affected.

Upon learning of the incident, Whole Foods Market launched an investigation, obtained the help of a leading cyber security forensics firm, contacted law enforcement, and is taking appropriate measures to address the issue. Whole Foods Market is conducting an ongoing investigation and will provide updates as more information is acquired.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 3, 2017

Wednesday, September 27, 2017

Sonic Drive-In

Credit and debit card data.

An unknown number of Wisconsin residents who made a purchase with their debit or credit card at a Sonic restaurant during the time of the breach.

On Wednesday, September 27, Sonic Drive-In discovered that credit and debit card numbers may have been acquired without authorization as part of a malware attack experienced at certain Sonic Drive-In locations.

Upon learning of the incident, Sonic immediately contacted law enforcement and began working with experienced third-party forensics firms to help in the investigation of the data breach. Sonic is offering affected customers 24 months of free fraud detection and identity theft protection through Experian’s IdentityWorks program.

Sonic has set up a hotline that affected consumers may contact with additional questions at 877-534-7032.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

September 29, 2017

July 25-28, 2017

Briggs & Stratton

Name, address, phone number, email address, account login credentials, employee ID, state ID number, driver’s license number, ITIN number, medical and health insurance information, passport number, date of birth and Social Security number.

An unknown number of Wisconsin residents who are current or former employees of Briggs & Stratton or health care dependents and insurance beneficiaries of those employees.

On Tuesday July 25, 2017 Briggs & Stratton discovered a malware attack of the computer systems at their Milwaukee, WI and Munnsville, NY locations. The potentially compromised information included name, address, phone number, email address, account login credentials, employee ID, state ID number, driver’s license number, ITIN number, medical and health insurance information, passport number, date of birth and Social Security number.

Upon learning of the incident, Briggs & Stratton immediately notified the FBI, the Department of Homeland Security and the Wisconsin Department of Justice. Briggs & Stratton has hired forensic consultants to eradicate the malware. Additionally, Briggs & Stratton is offering one year of free credit monitoring to all affected individuals.

Briggs & Stratton has established a dedicated incident response line at 1-888-396-9514 or visit https://www.basco.com to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

September 22, 2017

51,232 members of Network Health.

In early August, two Network Health staff members were identified as the victims of a sophisticated email phishing attack by an unauthorized party which resulted in the potential exposure of their company emails. The potentially exposed information includes member names and IDs, provider information, addresses, phone numbers and dates of birth.

Upon discovering the attack, Network Health took prompt action to secure the affected email accounts, to contain the impact and prevent further threats from the intruder. A forensic security expert was engaged to assess the attack and federal law enforcement officials were notified and are investigating the matter. Additionally, Network Health is offering one year of free identity theft protection and monitoring to affected individuals.

Network Health has established a dedicated call center at 855-609-5849 to answer any questions regarding the incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

September 7, 2017

Between mid-May and July 29th, 2017

Equifax

Names, Social Security numbers, birth dates, addresses, some credit card numbers and the numbers of some driver's licenses.

As many as 145.5 million U.S. consumers (updated from 143 million on 10/3/17).

On Thursday, September 7th, Equifax discovered a cybersecurity incident that exploited a U.S. website application vulnerability to gain access to certain files. The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. There is no evidence of unauthorized access to core consumer or commercial credit reporting databases.

Upon learning of the incident, Equifax hired an independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax is conducting an ongoing investigation and is working with law enforcement and authorities. Additionally, Equifax is offering free credit monitoring through TrustedID Premier to all U.S. consumers. Consumers can log into www.equifaxsecurity2017.com to determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. Equifax is working with a leading cybersecurity firm to help prevent this type of incident from happening again.

Equifax has established a dedicated call center at 866-447-7559, to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern Time.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 17, 2017

August 7, 2017

Fiduciary Management, Inc.

Name, organization or trust name, Social Security number or Taxpayer Identification number, and custodial bank or brokerage account number.

966 Wisconsin residents who had accounts with Fiduciary Management, Inc. were potentially impacted.

On Monday, August 7, 2017, Fiduciary Management Inc. discovered that the email account of one of their employees was subject to unauthorized access. Compromised information included names, organization or trust’s names, Social Security numbers or Taxpayer Identification numbers, and custodial bank or brokerage account numbers.

Upon learning of the incident, Fiduciary Management Inc. immediately terminated the unauthorized access, began an investigation with the assistance of a third party forensic investigator and reported the incident to the police. Fiduciary Management Inc. is reviewing their data security policies, procedures and staff privacy training, as well as identifying potential improvements to existing security to reduce the risk of a similar incident occurring in the future. Additionally, Fiduciary Management Inc. is offering two years of credit monitoring and identity restoration services from Experian.

For additional questions, affected consumers should contact President John Brandser at 414- 226-4545.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 16, 2017

Between April 2015 and June 23, 2017

Native Canada Footwear Ltd.

Customer name, address, email, telephone number and credit or debit card information.

148 Wisconsin residents who made Visa or MasterCard purchases through the Native Shoes website during the time of the breach.

On Friday, June 23, 2017, Native Shoes became aware of a potential vulnerability in the security of its website. Native Shoes learned that malware infected the Native Shoes website as early as April 2015 and resided in the website until the system was taken offline on June 23, 2017.The compromised information included customer names, addresses, emails, telephone numbers and credit or debit card information.

Upon learning of the incident, Native Shoes immediately took the system offline and hired well-respected forensics firms to conduct a full investigation into what had happened. Native Shoes is conducting a thorough review of its electronic systems, including those not involved in this incident. Additionally, Native Shoes is offering consumers a year of free credit monitoring services.

Native Shoes has launched a dedicated website, at https://www.nativeshoes.com/08-08-17/breach-help, and a dedicated telephone hotline, at (866) 685-6159, to answer customers’ questions about this incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 24, 2017

April 12, 2017

Anthem, Inc./Launchpoint Ventures

Medicare ID numbers (which includes a Social Security number), health plan ID numbers (HCID), Medicare contract numbers, dates of enrollment, and a limited number of last names and birthdates.

223 Wisconsin residents who were Medicare beneficiaries that had a Medicare Advantage plan.

On April 12, 2017, Anthem’s Medicare insurance coordination services vendor, LaunchPoint learned an employee was likely involved in identity theft-related activities. LaunchPoint found that the employee emailed a file with protected health information (PHI) to his personal email address on July 8, 2016. The personal information that was compromised included Medicare ID numbers, (which includes a Social Security number), health plan ID numbers (HCID), Medicare contract numbers, dates of enrollment and a limited numbers of last names and birthdates.

Upon learning of the incident, LaunchPoint terminated the employee, hired a forensic expert to investigate, and is working with law enforcement. The employee is in prison and is under investigation by law enforcement for matters unrelated to the emailed Anthem file. LaunchPoint is also offering affected members two years of credit monitoring and identity theft restoration services with AllClear ID at no cost.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 16, 2017

May 30, 2017

Dow Jones & Company

Names, addresses, account information, email addresses, and last four digits of credit card.

An unknown number of Wisconsin residents who were customers of Dow Jones & Company during the time of the breach.

On May 30th, 2017 Dow Jones & Company discovered that their cloud-based file repository was configured to allow semi-public access to the sensitive personal and financial details of millions of the company’s customers. The exposed data included the names, addresses, account information, email addresses, and last four digits of credit card numbers of millions of subscribers to Dow Jones publications like The Wall Street Journal and Barron's. The details of 1.6 million entries in a suite of databases known as Dow Jones Risk and Compliance, a set of subscription-only corporate intelligence programs used largely by financial institutions for compliance with anti-money laundering regulations, were also exposed.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 12, 2017

June 13, 2017

Verizon

Customer name, account PIN numbers, and a limited number of cell phone numbers.

An unknown number of Wisconsin residents who had accounts with Verizon during the time of the breach.

Verizon recently discovered that an employee of a third party vendor put information into a cloud storage area and incorrectly set the storage to allow external access. The compromised data included customer names, account PIN numbers, and a limited number of cell phone numbers. Verizon confirmed that the only access to the cloud storage area by a person other than Verizon or its vendor was a researcher.

Verizon was alerted of the incident on June 13th, and the leak was closed on June 22. Customers are encouraged to update their PIN number, and never use the same PIN twice.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 5, 2017

May 31, 2017

QBE North America

Login credentials.

3 Wisconsin residents who are current and former employees of QBE North America.

On Wednesday, May 31, 2017 QBE North America was the victim of a phishing attack that targeted employee email accounts. The suspicious activity was reported by one of the victims on June 1, 2017. The compromised information included employee login credentials. An investigation concluded that credentials were obtained from five email accounts, and a successful attempt to access the mailboxes was made from Lagos, Nigeria.

QBE is conducting an ongoing investigation and has taken steps to contain the incident and further understand its impact. The employees who accessed the phishing site have been identified and have had their passwords reset. QBE is continuing their efforts to inform and educate users of phishing techniques and train employees on how to properly identify and react to suspicious email behavior.

Additional questions or concerns in regards to the data breach may be directed towards Jennifer Vernon, Privacy Official for QBE North America at 608-825-5827.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 30, 2017

May 31, 2017

Community Link, Inc.

First name, last name, Social Security number.

5,500 Wisconsin residents who were members of Community Link, Inc. during the time of the breach.

On Wednesday, May 3, 2017 Community Link, Inc. discovered that an unauthorized party gained access to an employee work email account. An email in the employee’s account contained a limited number of members’ information, including member names, social security numbers, and member identification numbers, which are social security numbers.

Upon learning of the incident, Community Link immediately locked down the email account and began an investigation. Community Link is offering one free year of Experian’s ProtectMyId Alert. Community Link is implementing additional security measures for the access of email accounts, use of mobile devices, additional password protection and training for staff on privacy and security policies and procedures.

For additional questions or concerns in regards to the data breach, please contact 1-855-878-8555 between 8:00am and 5:00pm Central time Monday through Friday.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 22, 2017

April 2017

U.S. Cellular

Username and password, Social Security number, name, address and cellular telephone number.

An unknown number of Wisconsin residents who had accounts with U.S. Cellular during the time of the breach.

U.S. Cellular recently discovered unusual activity on their My account login system. The attack indicated that hackers obtained user names and passwords from a third-party source to access U.S. Cellular accounts. Compromised information included user name and password, Social Security number, name, address and cellular telephone number.

Upon learning of the incident, U.S. Cellular expired current passwords and disabled accounts of former customers. U.S. Cellular also introduced additional technical control to protect My account from unauthorized access. Additionally, U.S. Cellular reported the incident to law enforcement as well as certain state agencies. Finally, U.S. Cellular is offering 12 months of free credit monitoring services through Equifax Credit Watch Gold.

Contact the customer service department of U.S. Cellular at 1-888-944-9400 to change your PIN.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 18, 2017

May 26, 2017

Bed Bath & Beyond

Username and password

Potentially 35 Wisconsin residents who have online accounts with Bed Bath & Beyond.

Bed Bath & Beyond recently discovered suspicious website activity. An unauthorized individual was attempting to login into Bed Bath & Beyond accounts by guessing commonly used passwords or by obtaining usernames and passwords from another source. The compromised information included usernames and passwords of online account holders.

Upon learning of the incident, Bed Bath & Beyond promptly investigated the suspicious activity. Bed Bath & Beyond then blocked the source of the unauthorized logins from any future access. For additional protection, Bed Bath & Beyond also locked all affected accounts, disabled passwords and will require new passwords for future account access.

For more information about this incident, or for additional questions or concerns about this incident, affected consumers may contact Bed Bath & Beyond at 1-844-268-5469.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 25, 2017

Prior to June 2013

Allrecipes.com

Email addresses and passwords.

An unknown number of Wisconsin residents who were registered members of Allrecipes.com during the time of the breach.

Allrecipes.com recently determined that the email address and password typed into allrecipes.com by members when they created or logged into their accounts prior to June 2013 may have been intercepted by an unauthorized third party. The compromised information included email addresses and allrecipes.com passwords created prior to June 2013.

Allrecipes.com recommends that all members who registered or logged into allrecipes.com prior to June 2013 promptly change their password. Allrecipes.com is taking other steps as well and will continue to work diligently to deter unauthorized activity.

For additional questions about this matter, consumers may visit the website at http://allrecipes.com/.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 25, 2017

March 16, 2017

UW Health

Patient's name; address; date of birth; date of service; provider's name; reason for visit; medical history and conditions; medications; diagnostic results; and/or social history.

2,036 Wisconsin residents who were patients of UW Health.

On Tuesday March 28, 2017, UW Health became aware that patient information was compromised after an employee's email account was used by an unauthorized user. The compromised information included patient’s name, address, date of birth, date of service, provider’s name, reason for visit, medical history and conditions, medications; diagnostic results and/or social history. UW Health says patients’ medical records, Social Security numbers, credit card numbers, health insurance numbers, or other financial information were not included in the emails.

Upon learning of the incident, UW Health says they immediately started an investigation and disabled the account and password.

UW Health has established a call center to answer questions. If you feel you may be impacted and did not get a letter by June 8, or have questions about this incident call 1-888-742-9174 Monday through Friday between 1 a.m. and 8 p.m. Central Time.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 24, 2017

May 15, 2017

BMO Harris Bank

Names, addresses, last four digits of the Social Security numbers, account numbers, IRA contributions for 2016, and Fair Market Value of the IRA.

13,581 Wisconsin residents who had accounts with BMO Harris Bank during the time of the breach.

On Monday, May 15, 2017, BMO Harris Bank discovered an error in the production of 2016 IRS Form 5498 for BMO Harris Bank IRA accounts through which some customers received their own Form 5498 along with another customer’s Form 5498, while other customers did not receive any form. The compromised information included name, address, the last four digits of the Social Security number, account number, IRA contributions for 2016, and Fair Market Value of the IRA as of December 31, 2016.

Upon learning of the incident, BMO Harris has made every effort to ensure forms received in error were destroyed or returned to the Bank, and customers who did not receive their form will receive it by mail no later than May 31, 2017. Additionally, BMO Harris is offering one free year of identity theft protection and credit monitoring to impacted customers.

For more information about this incident, or for additional questions or concerns, affected consumers may contact BMO Harris Bank directly at (202) 257-2762 or phank@ballardspahr.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 15, 2017

March 7, 2017

Capital First Trust Company

User email accounts; shared files; names; addresses; account numbers; driver's license numbers; and Social Security numbers.

16 Wisconsin residents who had online accounts with Capital First Trust Company.

On March 7, 2017 Capital First Trust detected suspicious activity related to Capital First's online accounts. Capital First began an internal investigation and on April 7, 2017, and confirmed that an unauthorized user had gained access to Capital First user accounts. Compromised information included email accounts, shared files, names, addresses, account numbers, driver's license numbers, and Social Security numbers.

Upon learning of the incident, Capital First began working with a computer forensics company to further enhance security, including adding new, stronger password and encryption measures to its systems. Capital First will offer 12 months of credit monitoring and identity theft protection through Kroll to its clients at no cost.

Capital First remains dedicated to protecting the sensitive information of its systems. For questions or additional information, please do not hesitate to contact MVentrone@ThompsonCoburn.com or (312) 580-2219.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 15, 2017

Between December 20, 2016 and March 3, 2017

Kuru

Cardholder's name, addresss, card number, expiration data and CVV.

An unknown number of Wisconsin residents who made a purchase at Kuru’s online website during the time of the breach.

On Thursday, February 22, 2017 Kuru discovered that they were the victim of a sophisticated cyber-attack that resulted in the potential compromise of customer debit and credit card data used at www.kurufootwear.com. The compromised information included cardholder’s name, address, card number, expiration date and CVV.

Upon learning of the incident, Kuru immediately began to work with third-party forensic experts to investigate and implement procedure to further protect customer credit and debit card information. Kuru removed the malware to prevent additional unauthorized access. The FBI is conducting an ongoing investigation, and Kuru continues to work with third-party forensic investigators as well as law enforcement to ensure the security of their systems. At this time consumers can safely use their payment cards on the website.

Kuru has established a dedicated assistance line at 888-738-0532 to answer any additional questions about the incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 12, 2017

Between April 4, 2016 and March 1, 2017

Brooks Brothers

Payment card data including name, payment card account number, card expiration data, and card verification code.

An unknown number of Wisconsin residents were affected by the breach. Three Brooks Brothers locations were affected in Wisconsin. They are located in Glendale, Pleasant Prairie, and Oshkosh.

Brooks Brothers was recently alerted that an unauthorized individual was able to gain access to and install malicious software designed to capture payment card information on some of their payment processing systems at retail and outlet locations. The compromised information included name, payment card account number, card expiration date, and card verification code. The incident did not affect Social Security numbers, customer addresses, or any other sensitive personal information.

Upon learning of the incident, Brooks Brothers took immediate action including initiating an internal review, engaging independent forensic experts to assist in the investigation, remediation of their systems and alerting law enforcement. Brooks Brothers continues to review and enhance their security measures and confirms that this issue has been resolved and is no longer impacting transactions.

For more information about this incident, or for additional questions or concerns about this incident, affected consumers may contact Brooks Brothers directly at 888-735-5927.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 25, 2017

Between March 24th, 2017 and April 18th, 2017

Credit and debit card data.

An unknown number of Wisconsin residents who made a purchase with their debit or credit card at a Chipotle restaurant during the time of the breach.

Chipotle recently detected unauthorized activity on their network that supports payment processing for purchases made in Chipotle restaurants. Potentially compromised personal information includes credit and debit card numbers.

Upon learning of the incident, Chipotle immediately began an investigation with the help of leading cyber security firms, law enforcement, and their payment processor. Chipotle has taken steps to stop the unauthorized activity, and has implemented additional security enhancements. Chipotle is conducting an ongoing investigation, and will provide further notification to any affected customers as they obtain clarity about the specific timeframes and restaurant locations that may have been affected.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 10, 2017

March 31, 2016 - December 9, 2016

Payless Décor LLC

Payment card data.

122 Wisconsin residents who had customer accounts with Payless Décor LLC.

From March 31, 2016, through December 9, 2016, there was illegal and unauthorized access to customer account information. An unauthorized individual may have used the Internet to gain access to customer payment card data. No CVV information associated with payment cards was accessed.

Upon initial discovery of the breach, the Payless Décor LLC platform provider immediately disabled the ability of the altered code to capture payment card and other data, quarantined malicious files it discovered, created alerts to detect and block traffic from suspicious IP addresses and changed administrative passwords. Payless Décor LLC is implementing additional internal controls and safeguards to prevent a recurrence of such an attack.

For further information and assistance, consumers may contact Seth Roseman or Jennifer Lord at 800-925-4635 at Payless Décor LLC.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 7, 2017

Mid-September 2016 - February 2017

GameStop

Customer card number, expiration date, name, address and card verification value (CVV).

An unknown number of Wisconsin residents who made a purchase with a payment card on the GameStop.com website during the time of the breach.

GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website. The compromised personal information may include customer card numbers, expiration dates, names, addresses and card verification values (CVV).

Upon initial discovery of the breach, GameStop hired a leading security firm to investigate. GameStop has and will continue to work non-stop to address the data breach and take appropriate measures to eradicate any issue that may be identified.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 29, 2017

March 28, 2017

W-2 information including name, address, Social Security number and earnings information for 2016.

8 Wisconsin residents who are current and former employees of Toole Design Group LLC and received a W-2 for 2016.

On Tuesday, March 28, 2017 Toole Design Group LLC was the target of a phishing email scam, which asked an employee to forward 2016 W-2 information to a fraudulent email address. The compromised information included employees’ names, addresses, Social Security numbers and earning information for 2016.

Upon learning of the incident, Toole Design Group LLC took all of the necessary steps to address the incident and to prevent it from happening again. Toole Design Group LLC is offering a 36-month membership to EXPERIAN IDENTITYWORKS for all affected employees.

If employees have any additional questions, they may contact Eric, RJ or Jennifer Toole at 301-927-1900, or by email.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 10, 2017

November 28, 2016

Patient first and last name, procedure codes, dates of service, patient account number or patient control number, provider identification number and Social Security number in some cases.

An unknown number of Wisconsin residents who were patients of Metropolitan Urology Group between 2003 and 2010.

On Tuesday, January 10, 2017, Metropolitan Urology Group was made aware that a ransomware attack that occurred on November 28, 2016 exposed certain patient health information to the hackers who infected two servers with the ransomware virus. The compromised information included patient first and last name, procedure codes, dates of service, patient account number or patient control number, provider identification number and less than five patients also had their social security numbers exposed.

Metropolitan Urology Group has been working with a premier, international information technology firm to remove the ransomware virus and is taking steps to ensure that such attacks never occur again. Information technology vendor, Digicorp, will be working with Metropolitan Urology Group to provide training on information security.

Metropolitan Urology Group has established a hotline for patients to call,1-844-856-0331 between 9 am and 9 pm, Monday through Friday, Eastern Standard Time, to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 8, 2017

December 14, 2016 to February 6, 2017

prAna

Customer name, address, phone number, email address, payment card number, expiration date and security code (CVV), username and website account password.

7,569 Wisconsin residents who used prAna’s e-commerce website between December 14, 2016 and February 6, 2017.

On Tuesday, February 6, 2017 prAna detected that an unauthorized third party may have obtained access to the servers that operate its e-commerce website, www.prana.com. An unauthorized third party installed code that was designed to capture information as it was being entered on the site during the checkout process between December 14, 2016 and February 6, 2017. The compromised information included customer name, address, phone number, email address, payment card number, expiration date and security code (CVV), username and account password for the website.

Upon learning of the incident, prAna quickly began an investigation and hired a leading cybersecurity firm to investigate and remediate the website. PrAna also notified the FBI who is conducting an ongoing investigation. PrAna is requiring users to change their account passwords, and continues to strengthen the security of its e-commerce website.

PrAna has established a toll free number to contact at 1-844-685-5625, Monday through Friday from 9am to 9pm for additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 7, 2017

February 13, 2017

QualiChem Inc.

2016 W-2 information.

1 Wisconsin resident who is an employee of QualiChem Inc. and received a W-2 for 2016.

On Monday, February 13, 2017 an employee of QualiChem Inc. fell victim to a fraudulent email phishing scheme requesting W-2 wage information. The QualiChem employee sent the W-2 information of QualiChem’s approximately 84 employees. QualiChem did not learn of the incident until March 6, 2017 when fraudulent tax returns were filed.

Upon learning of the incident, QualiChem Inc. immediately took steps to notify law enforcement and the IRS. QualiChem Inc. is planning to work with the FBI to bring the perpetrators to justice.

If employees have any additional questions or need assistance, they may contact Buddy Hill, QualiChem CFO at 540-375-6700 x 1027 or email jhill@qualichem.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 14, 2017

August 2014

Science Mobile LLC, DBA the Wishbone App

User names, email addresses, telephone numbers and dates of birth.

46 Wisconsin residents who have accounts with the Wishbone app.

On March 14, 2017 Wishbone became aware that unknown individuals may have had access to an API without authorization and were able to obtain account information of its users. The information involved in the incident included Wishbone users’ user names, email addresses, and telephone numbers, and in certain cases, dates of birth. However, no passwords, user communications or financial account information were compromised in the incident.

Upon learning of the incident, Wishbone immediately acted to investigate and initiate precautionary measures. Although no passwords were compromised in the incident, users may wish to consider changing their password as a preventative measure.

Affected users may contact info@getwishboneapp.com with additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 7, 2017

February 9, 2017

Dairy Management Inc.

W-2 information including name, address, Social Security number and current earnings.

3 Wisconsin residents who are current and former employees of Dairy Management Inc. and received a W-2 for 2016.

On Thursday, February 9, 2017 Dairy Management Inc. was the target of a data breach involving employees’ W-2 information. Compromised information included employees’ names, addresses, Social Security numbers and current earnings.The breach was discovered when two employees attempted to electronically file their 2016 tax returns, and they were rejected by the IRS.

Upon learning of the incident, Dairy Management Inc. immediately reported the breach to the police, ADP their bank and the IRS. Dairy Management Inc. will provide a credit monitoring service for each affected employee.

If employees have any additional questions, they may contact Bob Stone at bob.stone@dairy.org or 847-627-3231, or Bill Cusick at bill.cusick@dairy.org or call 847-627-3267.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 23, 2017

January 24, 2017

John Deere Financial

Name, Social Security number, John Deere financial account number and balance information.

2 Wisconsin residents with John Deere financial accounts.

On January 24, 2017 an incident occurred in which John Deere Financial sent a misdirected email that included the personal information of clients. The compromised personal information included names, Social Security numbers, John Deere financial account numbers and balance information. John Deere is confident that no bank account information was disclosed and there is no evidence to suggest that the personal information was misused.

Upon learning of the incident, John Deere Financial immediately identified and notified the three unintended recipients to request that the information be destroyed. John Deere is conducting an ongoing investigation.

Any further questions related to the data breach incident may be directed to Aaron E. Swenson, Division Manager, Privacy at (608) 821-2266.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 21, 2017

February 3, 2017

InterMountain Management LLC

W-2 information including name, address, Social Security number and wage information.

124 Wisconsin residents who are current and former employees of InterMountain Management LLC and received a W-2 for 2016.

On Friday, February 3, 2017 InterMountain Management LLC was the victim of an email spoofing attack by an individual pretending to be the owner of the company. A request was made for all 2016 W-2 forms prepared by InterMountain. The compromised information included employee’s names, addresses, Social Security numbers and wage information.

Upon learning of the incident, InterMountain Management LLC coordinated with the IRS and state tax authorities to better monitor for tax-related fraud against individuals impacted by this event. InterMountain Management LLC has arranged to provide AllClear ID identity protection services for 24 months free of cost to all affected employees.

If employees have any additional questions, they may contact the assistance line at 1-855-725-5775 (toll free), Monday through Saturday, 9:00 a.m. to 9:00 p.m. ET.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 17, 2017

Between September 22, 2016 and February 18, 2017

Cloudflare

Encryption keys, cookies, passwords, private messages and other sensitive data.

An unknown number of Wisconsin residents were affected by the breach.

On February 17, 2017, Cloudflare -- a company that provides a content delivery network used by more than 5.5 million websites, along with Internet security services and distributed domain name server services -- accidentally leaked customers' personal and sensitive information for several months. An error in Cloudflare’s code caused user data including encryption keys, cookies, passwords and private messages, from millions of affected domains to be randomly inserted into other public webpages.

Upon discovering the breach, an international team of engineers was able to stop the bug in Cloudflare’s code in less than 7 hours. Cloudflare disabled several new features that caused the problem to occur, but it took about a week for its team to fully fix the issue and then announce the breach to the public.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 17, 2017

February 16, 2017

Premium Aluminum LLC and Watry Industries LLC

2016 W-2 information, name, address, Social Security number and wage information.

495 Wisconsin residents who were employees of Premier Aluminum LLC or Watry Industries LLC and received a W-2 for 2016.

On Thursday, February 16, 2017, Premier Aluminum LLC and Watry Industries LLC were the target of data theft. The information that was disclosed was a file containing 2016 W-2 forms, which included name, address, social security number and wage and associated information from calendar year 2016.

Upon learning of the incident, Premier Aluminum LLC and Watry Industries LLC took immediate action to investigate the incident thoroughly. Premier Aluminum LLC and Watry Industries LLC are in the process of revising policies and procedures and implementing a re-education program for staff who have access to personal information of employees, on how to spot scams and other attempts to impermissibly acquire personal information. The Companies will provide one year of the LIfeLock Standard Identity protection package to all affected employees.

For further information, employees may contact Shelly Hewitt, HR Manager at 262-554-2100 x 111 or email shelly.hewitt@premieraluminum.com. Employees may also contact 262-554-2100 X 114 or email kathy.zdanowski@premieraluminum.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 15, 2017

February 7, 2017

TAB Products Co. LLC

Name, address, Social Security number and W-2 information.

96 Wisconsin residents who are current and former employees of TAB Products Co. LLC and received a W-2 for 2016.

On Tuesday, February 7, 2017, TAB discovered that it had been the victim of an email phishing scam that led a TAB employee to inadvertently release to a third party certain 2016 W-2 forms of TAB employees. The phishing scam resulted in the disclosure of employee personal information, including names, addresses, Social Security numbers and W-2 information.

Upon learning of the incident, TAB hired experts to assist in the investigation, has been in contact with local law enforcement, the FBI and the Criminal Investigation Division of the IRS. TAB is offering free credit monitoring services through Equifax to all affected employees.

TAB has established a call center at 1-844-305-1930 that affected employees can contact Monday through Saturday from 8:00am to 8:00pm for further information.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 9, 2017

Between October 25, 2016 and January 19, 2017

Arby's

Credit and debit card data.

At this time it is undetermined whether Wisconsin residents were affected by the breach, however there are four corporate locations in Wisconsin. They are located in Hudson, Menominee, Rice Lake and Superior.

In mid-January, Arby’s first became aware of malicious software installed on payment card systems at hundreds of its restaurant locations nationwide resulting in thousands of compromised debit and credit card numbers. Arby’s said the breach involved malware placed on payment systems inside Arby’s corporate stores, and that Arby’s franchised restaurant locations were not impacted.

Upon learning of the incident, Arby’s immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant, to conduct an ongoing investigation. The FBI requested that Arby’s delay notification due to the ongoing investigation. Arby’s took measures to contain the incident and eradicate the malware from systems at the impacted restaurants.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 2, 2017

February 2, 2017

Dutchland Plastics

W-2 information including name, address, Social Security number, payroll and tax withholding information.

424 current and former employees of Dutchland Plastics who received a W-2 for 2017.

On Thursday, February 2, 2017 Dutchland Plastics discovered that it was the victim of a phishing cyber-scam which resulted in a data breach. As a result of the phishing scam, the personal information of current and former employees of Dutchland Plastics, who received a W-2 for 2017, was compromised.

Upon learning of the incident, Dutchland Plastics launched an ongoing internal investigation and notified local and federal law enforcement. Additionally, Dutchland Plastics is conducting a thorough review of their security measures to prevent future incidents. Dutchland Plastics is offering a 12-month gold subscription through “Identity Guard” for all affected employees.

Additional questions or concerns in regards to the data breach may be directed towards Dutchland Plastics Human Resources Department at (920) 564-3633.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 1, 2017

January 30, 2017

Dental Services Group

Name, address, Social Security number, wages and tax information.

32 Wisconsin residents who are current and former employees of Dental Services Group and received a W-2 for 2016.

On January 30, 2017 an individual fraudulently posing as the CEO of Dental Services Group requested the 2016 W-2 forms of employees. The phishing scam resulted in the inadvertent disclosure of employee personal information, including names, addresses, Social Security numbers, wages and tax information.

The error was discovered within 30 minutes. Dental Services Group launched an investigation, notified the executive team and IT department and confirmed no other breaches occurred. Dental Services Group contacted the FBI and the IRS to flag employee files for security, and is currently revising the internal procedure for the transmission of personal information. Affected employees will be offered 24 months of the LifeLock Standard membership free of charge.

For additional information or assistance, please contact: Suzy Hansmann, VP of Human Resources at shansmann@dentalservices.net or (952) 345-6329.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

January 19, 2017

January 18, 2017

School District of Black River Falls

W-2 information including name, address, Social Security number, tax filing status and salary.

478 current and former employees of the School District of Black River Falls who received a W-2 for 2017.

On January 18, 2017 the School District of Black River Falls was the target of a phishing scandal, sending all staff W-2s to an unknown source. A staff member received an email from someone posing as the district’s director of business services. As a result of the phishing scam, the personal information of current and former employees of the School District of Black River Falls, who received a W-2 for 2017, was compromised.

Upon learning of the incident, the School District of Black River Falls immediately notified local law enforcement and the FBI, who are conducting an ongoing investigation. The School District of Black River Falls is offering 24 months of free credit monitoring services through CyberScout.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

January 19, 2017

January 18, 2017

Barron Area School District

W-2 information including name, address, Social Security number and current earnings.

431 current and former employees of the Barron Area School District who received a W-2 for 2017.

On January 18, 2017 a Barron Area School District employee was the target of an isolated email phishing scam. Identity thieves sent a fraudulent email requesting the W-2 information of district employees. As a result of the phishing scam, the personal information of current and former employees of the Barron Area School District, who received a W-2 for 2017, was compromised.

Upon learning of the incident, the Barron Area School District immediately notified local law enforcement and the FBI, who are conducting an ongoing investigation. The Barron Area School District is offering free credit monitoring services through MyIDTheft.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 6, 2016

November 3, 2016

UW Law School

Names and Social Security numbers

An unknown number of Wisconsin residents who were applicants of the UW Law School from 2005-2006.

On Thursday November 3, 2016, the University of Wisconsin-Madison became aware that a UW Law School database was the target of computer hacking. The personal information that may have been compromised includes names and Social Security numbers of UW Law student applicants from 2005-2006. No other personal information was compromised.

In response to the incident, the university removed the compromised server. The university has taken additional security measures including implementing vulnerability identification programs, evaluating current applications, stricter access credentials and additional network intrusion detection. The university has also contacted law enforcement to investigate the hacker. Affected individuals can register for free identity theft protection services at www.idexpertscorp.com/protect.

Affected individuals can contact Jennifer Hanrahan at the UW Law School at (608) 890-0202.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 23, 2016

November 3, 2016

Wisconsin National Guard Association (WINGA)

Names, addresses, date of birth and Social Security numbers

10,344 Wisconsin residents who are currently insured, or were previously insured, under the WINGA group life insurance program.

On Thursday November 3, 2016, the Wisconsin National Guard Association became aware of an unauthorized intrusion into the database used for their group life insurance program. The insurer is New York Life, and is administered by WINGA. The personal information that may have been compromised includes names, addresses, date of birth and Social Security numbers.

In response to the incident, all affected individuals were immediately notified and offered one year of free credit monitoring from Equifax Credit Watch Gold Service. A forensic investigation of the compromised system is currently underway to determine the cause of the incident.

The Wisconsin National Guard Association and New York Life Insurance Company have established a hotline at (877) 695-8438 to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 8, 2016

November 8, 2016

DealerBuilt

Names, addresses, phone numbers, and Social Security numbers

5,102 Wisconsin residents who were both customers and employees of Van's Honda in Wisconsin.

The centralized record systems of 128 car dealerships managed by DealerBuilt, an Iowa database software company, leaked the personal information of customers and employees online. Hundreds of dealers across the country backed up information on DealerBuilt’s central system without any encryption or security. The personal information that may have been compromised includes names, addresses, phone numbers, and Social Security numbers of employees and customers. Van’s Honda in Green Bay, Wisconsin was one of the dealers affected by the breach.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 9, 2016

September 7 - October 24, 2016

Eileen Fisher

Name, shipping and billing address and credit card number

202 Wisconsin residents who made a purchase at eileenfisher.com during the time of the breach.

Between September 7 and October 24, 2016, Eileen Fisher confirmed that a malicious code was added to their website allowing unauthorized individuals to capture personal information during the checkout process. The personal information that may have been compromised includes name, shipping and billing address and credit card number.

Eileen Fisher has removed the malicious code and blocked unauthorized individuals from their website. There is an ongoing investigation and Eileen Fisher is offering 12 months of Identity Repair and Identity Monitoring services with AllClear ID.

Eileen Fisher has hired AllClear ID to provide a protection support services hotline at 1-855-231-9570, to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

September 30, 2016

July 29 - August 2, 2016

UW Health

Name of provider

6,923 Wisconsin residents who were patients of UW Health and recently received care at a UW clinic or facility.

On Wednesday August 3, 2016, UW Health became aware that satisfaction surveys were mistakenly sent to the parents or legal guardians of patients, rather than directly to the patient. Not all patients were affected, only those who recently visited a facility or clinic and received a letter.

UW Health apologizes for the error and is providing training to all staff involved to prevent future incidents.

UW Health has established a hotline at 1-844-607-1694, to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

September 22, 2016

Late 2014

Yahoo! Inc.

Names, email addresses, telephone numbers, birth dates, encrypted passwords and security questions.

An unknown number of Wisconsin residents who were Yahoo users during the time of the breach.

A recent investigation by Yahoo! Inc. confirmed that user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, and dates of birth, passwords and, in some cases, encrypted or unencrypted security questions and answers. The incident did not impact unprotected passwords, payment card data or bank account information.

Yahoo is notifying potentially affected users, and has taken steps to secure their accounts. There is an ongoing investigation and Yahoo is working closely with law enforcement.

Additional information is available on the Yahoo Security Issue FAQs page at https://yahoo.com/security-update.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.