Consumers who shopped at one of Bebe’s 200 retail stores between November 8 and November 26, 2014.

Approximately 3 million Michael’s Stores customers and approximately 400,000 Aaron Brother’s customers.

Nationwide arts and crafts chain Michaels Stores Inc. has released information on two separate eight-month-long security breaches at its stores last year may have exposed as many as 3 million customer credit and debit cards; including Wisconsin stores in Janesville, Madison and Middleton.

The company discovered evidence confirming that systems of Michael’s stores in the United States and its subsidiary, Aaron Brothers, were attacked by criminals using highly sophisticated malware that had not been encountered previously.

Regarding Aaron Brothers, Michaels Stores said it has confirmed that between June 26, 2013 and February 27, 2014, 54 Aaron Brothers stores were affected by this malware, noting that the locations for each affected Aaron Brothers store are listed here.

Yahoo, Inc. email users

Yahoo has announced that it has detected a security breach of some of their email customers. The information accessed was customer user names and passwords. So if you're a Yahoo Mail user, you may be receiving a notification to reset your password.

Yahoo didn't say how many accounts were affected, but it is the second-largest webmail provider in the world, with well over a quarter of a billion accounts.

41,437 Unity Health Insurance members may have been affected by the breach..

Neiman Marcus confirmed Saturday that its customers are at risk after hackers breached the company’s servers and accessed the payment information of those who visited its stores.The company said that the malware had been put into its system and had stolen payment data off cards used from July 16 to Oct. 30. During those months, approximately 1,100,000 customer payment cards could have potentially been visible to the malware capable of fraudulently obtaining payment card information.

Customers can sign up for free credit monitoring by visiting www.protectmyid.com/nm. For enrollment issues, contact Experian’s ProtectMyID at 1-866-579-2216. Customers who want to take advantage of the free credit monitoring offer must do so by June 15, 2014.

For consumers that are concerned about their Neiman Marcus or Bergdorf card, they can call the credit office at 1-800-685-6695.

For additional information on this breach, Neiman Marcus has a FAQ section on their website.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Approximately 4.6 million Snapchat users.

Consumers whose data was included in the leak should change their password and watch for any weird activity on their account. (No passwords were included in the leak)

The private messaging app Snapchat has reported a data breach. Security researchers were able to expose basic identifying information on 4.6 million users, connecting their usernames with phone numbers.

Although the exposed information isn’t of high security (like a Social Security or credit card number), experts say the breach should still be taken seriously.

There is a tool consumers can use to check if their account was compromised; GS Lookup - Snapchat, will ask them to enter only their username. If your account info was compromised, you'll see your phone number (minus the last two digits) on the Web page. If your account wasn't included in the leak, you'll see a "You're Safe" message.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Approximately 40 million customers who made purchases using credit or debit cards at its U.S. stores between November 27 and December 15, 2013.

Target says about 40 million credit and debit card accounts may have been affected by a data breach. Target says about 40 million credit and debit card accounts may have been affected by a data breach.

The chain said Thursday that the accounts may have been impacted between Nov. 27 and Dec. 15, 2013.

Authorities and financial institutions were immediately notified once the company became aware of the breach. They worked with a third-party forensics firm to investigate the matter and it has been identified and resolved.

Approximately two million Facebook, LinkedIn, Twitter, Gmail and Yahoo users.

Security firms are reporting that hackers have stolen usernames and passwords for nearly two million accounts at Facebook, Gmail, Twitter, LinkedIn, and Yahoo.

The security firm, Trustwave believes it was the result of keylogging software that has been capturing passwords of people whose computers were infected.

Facebook, LinkedIn and Twitter are now emailing members whose passwords have been compromised.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

On October 22, 2013, Dynacare learned that a flash drive inside a car stolen from a Dynacare employee contained patient information. The theft occurred overnight and was immediately reported to the Milwaukee Police Department the morning of October 22, 2013. After a thorough Investigation, it was determined that the stolen flash drive contained a database with patient demographic information, this included patient names, addresses, dates of birth, Social Security numbers, and gender. No financial information, medical records, or test results were included in the database.

This incident did not affect all Dynacare patients, but only a group who received testing from Dynacare Laboratories between August and October 2013.

As a precaution, Dynacare will begin notifying affected patients on November 18, 2013. They have also established a call center for patients to call with any questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Patients who received care/services at Memorial Hospital of Lafayette County that date back to 2001 through the present.

On August 6, 2013 Memorial Hospital of Lafayette County discovered a potential breach of unsecured patient health information involving financial statements that were inadvertently sent to some third parties. While most of the approximately 8,000 notices mailed were sent to the patients themselves or their authorized representatives, in some cases they may have been mailed to third parties who were not authorized to receive the information.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

They have identified 629 patients who may have been affected and are notifying each of the patients or their guardians by letters mailed September 30, 2013. These patients received care at St. Mary’s Janesville Hospital in the emergency department between January 1 and August 26, 2013.

St. Mary’s Janesville Hospital has reported a data breach. On August 27, 2013, they received a report that an SSM Health Care laptop was stolen from an employee’s car during a break-in.

St. Mary’s states that they have no reason to believe the laptop was stolen to gain access to patient information, or that this information has been accessed or misused in any way. They also state that the computer was configured in such a way that information could not be written to the hard drive but Email information was stored on the hard drive and password protected but not encrypted, which is a violation of St. Mary’s Janesville Hospital policy.

St. Mary’s Janesville Hospital has partnered with ID Experts for patient identity monitoring and protection at their expense. Through ID Experts, they have arranged for affected patients to opt for a free one-year identity theft monitoring.

St. Mary’s Janesville Hospital posted the notice to its site on October 1, 2013. Click here to view.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Approximately 2.9 million Adobe customers.

Adobe confirmed that 2.9 million customers have had their private information stolen during a sophisticated cyber attack on its website.

The attackers accessed customer names, passwords.and payment card numbers. They also accessed the source code for Adobe products.

Adobe has reset the passwords for the customers’ accounts it believes were compromised, and that those customers will receive an email alerting them of the change. Adobe is also recommending as a precaution, that customers who are affected should change their passwords and user information. Adobe has set up a page for customers on how to reset their passwords.

For those customers whose debit or credit card information is suspected of being accessed, Adobe is offering a complimentary one-year subscription to a credit monitoring program.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Vendini provides box office and online ticketing services to hundreds of entertainment venues, which includes tour, casino, sports, and arts organizations across the U.S. and Canada. For those who have used a credit card to make a purchase for an event that was processed through Vendini’s service, their information may have been compromised.

On April 25, 2013, Vendini, Inc. detected an unauthorized intrusion into its systems.

Personal information that may have been accessed includes name, mailing address, email address, phone number and credit card numbers & expiration dates. The company does not collect credit card security access codes (e.g., CVV, CVV2, PINs), social security numbers, usernames or passwords.

For customers requesting more information the company provided the following contact information: 1-800-836-0473, or visit www.vendini.com/info

Vendini has also offered a resource guide to those who may have additional questions: https://www.vendini.com/e/a.php?id=1563&v=7efcbbb137

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Approximately 6 million Facebook users had email addresses or telephone numbers shared in a download at least one or two times.

A Facebook security bug exposed users’ personal contact information (email or phone number) to other users who were connected to them; the bug has affected 6 million accounts.

Facebook’s security team described that the breach is related to the contact list/address book upload feature on the platform. When people used the DYI (Download Your Information) tool, it’s possible that they also received the additional email addresses and phone numbers for their contacts and even people with whom they have no connection.

Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool.

You can review the full message from Facebook’s security blog page here: https://www.facebook.com/notes/facebook-security/important-message-from-facebooks-white-hat-program/10151437074840766

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

On April 26, 2013, TerraCom learned of a security breach involving unauthorized access to personal data and downloaded files related to over 150,000 individuals. The data was stored on the computer servers of TerraCom’s IT contractor, Call Centers India, Inc. d/b/a VCare Corporation ("VCare") and belonged to applicants seeking enrollment in the federal Lifeline telephone program administered by the Federal Communications Commission (FCC). Approximately 875 of the 150,000 are Wisconsin residents

TerraCom has initiated immediate corrective action to secure and protect compromised data files and further safeguard the personal data of applicants from future attacks by hackers.

TerraCom has mailed notice of the security breach to those persons whose records were individually accessed. Additionally, TerraCom will provide these applicants whose personal information was put at risk with instructions and the opportunity to enroll in a credit bureau monitoring service at no cost to the applicant.

A toll free number has been provided to assist applicants whose personal information was accessed about what they should do. (1-855-297-0243)

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Hackers using an international IP address unlawfully accessed the Kirkwood website on March 13, 2013.

Specifically, the hackers gained access to archived application information for approximately 125,000 individuals who applied for college-credit courses from February 2005 through March 13, 2013. This may have included applicant names, birthdates, race, contact information and social security numbers.

Those who have been affected by the breach will be notified in writing by Kirkwood administrators.

For those who haven’t received a letter, but believe they applied to take Kirkwood college-credit classes between the specified times can contact verify@kirkwood.edu.

This breach affects all Kirkwood locations.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

A public notice is available on their website (listed directly below) along with letters that were sent out to those affected--and to clarify, there are three different notices:

• 1)Froedtert Medical’s website: General Public notice: http://www.froedterthealth.org/computer-security-incident Patients with questions regarding this breach can contact Froedtert Health; a call-center has been set up to handle these specific calls: 1-855-770-0006; when prompted, customers need to enter 10-digit reference code: 5764020813.
• 2)Notice to patients whose SSN was on the employee’s computer along with the other PII – Credit Monitoring is being offered for one-year with TransUnion Patients who receive this letter will need to contact TransUnion directly at 1-800-242-5181; when prompted, customers need to say or enter the telephone pass code: 623817.
• 3)Notice to patients whose PII was on the employee’s computer, but not their SSN – No Credit Monitoring Offered. Patients who receive this letter can contact the call-center at 1-855-770-0006; when prompted, enter the following 10-digit code: 5763020813.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

River Falls Medical Clinic has notified about 2,400 clients of a breach of unsecured personal information.

The breach occurred after clinic officials reported stolen equipment to the River Falls Police in the summer of 2012.

Police investigated and found the stolen equipment, as well as paper documents containing patient-identifying information in the suspect’s home on Nov. 28.

An employee of a cleaning service is the main suspect. The items were found in the employee's home and he was charged with felonies associated with theft and drug possession.

All these records were returned to the clinic.

According to clinic administrator Jon Pedersen, clinic officials have concluded that the overall risk of harm to patients is low. Out of caution, affected patients were still contacted by letter.

The clinic is offering help from AllClearID at no cost. Individuals who have further questions or concerns can call 877-676-0371.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

On Friday, February 01, 2013, Twitter, Inc. announced that it was a target of an attack. The company says 250,000 users may have been affected.

The company reports it detected unusual access patterns earlier during the week and found that user information—usernames, email addresses and encrypted passwords for about 250,000 users may have been accessed.

Twitter’s director of information security wrote that they discovered one live attack and were able to shut it down while in process; however, their investigation has thus far indicated that the attackers may have had access to this limited user information.

Jim Prosser, spokesman for Twitter, the social network known for its 140-character messages, could not speculate on the origin of the attacks as its investigation was ongoing.

Prosser also stated that Twitter was working with government and federal law enforcement to track down the source of attacks. For now, he said the company had reset passwords for, and notified every compromised user.

For more information about making your Twitter account more secure, go to: https://support.twitter.com/articles/76036-keeping-your-account-secure# .

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

On November 29, 2012 the Skagit Valley Casino Resort learned that an incident involving one of its vendors, Bally Technologies, Inc., ("Bally") may have involved customer’s personal data. Electronic equipment in Bally’s possession in the normal course of business for the purposes of performing services for Skagit Valley Casino Resort was stolen from a Bally employee’s home office and may have contained data of customers.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

On October 1, 2012. ADPI learned that one of their employees stole information associated with Grady EMS ambulance service and disclosed certain patient account information in connection with a scheme to file false federal tax returns. The accessed account information included names, dates of birth, Social Security numbers and record identifiers.About 900 Grady EMS patients had their information exposed between June 15, 2012 and October 12, 2012.

The company sent letters by first class mail, dated November 29, 2012, to affected individuals and has posted a notice on its website with links to information regarding the incident and resources to aid affected individuals.

The employee has been apprehended by authorities and was immediately terminated by the company and no longer has access to the company’s system.

To help detect possible misuse of the patients’ personal information, the company offered a complimentary one year membership of Experian’s ProtectMyID Alert.Individuals have 90 days to activate this membership, which will then continue for 1 year.An activation code was provided on the letter they received.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Pinnacle Foods learned that an employee’s laptop was stolen from her home in Clinton, WI on October 11, 2012.Company operations and systems weren’t involved; the breach affected only information residing on the stolen laptop, which was password protected Personal information of up to 1,818 individuals in up to 13 states, including Mexico may have been affected by a theft of the company’s laptop from an employee’s home. The company isn’t offering any free credit monitoring or identity theft services; however, in the following press release they have a list of steps the affected individuals should follow to protect themselves against identity theft. Pinnacle Foods Group, LLC issues a press release that can be obtained directly from their website: http://www.pinnaclefoods.com/Media+Relations/Press+Releases If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

Nationwide Insurance Company confirmed that on October 3, 2012, a portion of their computer network that is used by Nationwide Insurance and Allied Insurance was attacked.

On November 2, 2012, Nationwide received confirmation of the identities and addresses of the individuals whose personal information was compromised.

Nationwide began sending letters to those affected on November 16, 2012, and is offering free credit monitoring and identity theft protection product for one year as a precaution. Individuals who enroll in this service, offered through Equifax, will be notified of changes to their credit information and will receive $1-million in identity theft insurance with a $0 deductible.

Nationwide will remain committed to enhancing its defenses against these kinds of attacks. They promptly reported this criminal attack to law enforcement, including the FBI, who are still investigating the incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

A car belonging to an Alere Home Monitoring employee was burglarized on September 23, 2012, and one of the items stolen from the car was the employee’s laptop.

Although the laptop was password protected, it did contain a file with personal information that included name, address, date of birth, Social Security Number and diagnosis; all of which was not encrypted.

Alere Home Monitoring has arranged for customers to receive identity protection from Experian Security Assistance at no cost for one full year from the date the customer registers.

The customer must register in order to receive this complimentary identity protection service.