July 19, 2019

March 22-23, 2019

Capital One

Name, date of birth, address, zip code, phone number, email address, credit score, credit limits, account balances, payment history, and self-reported income. In some cases Social Security number and bank account number was accessed.

Approximately 100 million total affected individuals.

Including 140,000 individuals whose Social Security numbers were affected.

Including approximately 80,000 individuals whose bank account numbers were affected.

It is unknown how many Wisconsin residents are affected.

On July 19, 2019 Capital One announced that there was unauthorized access of its systems by an outside individual. The vulnerability was reported to the company by an external security researcher on July 17.

Capital One immediately fixed the issue and promptly began working with federal law enforcement. Capital One is reporting that The largest category of information accessed was information on consumers and small businesses as of the time they applied for a Capital One credit card product from 2005 through early 2019.

Capital One is notifying affected individuals by mail and is offering free credit monitoring and identity protection to everyone affected.

More information can be found at ​https://www.capitalone.com/facts2019/ or Capital One can be reached at 1-800-227-4825.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 21, 2019

August 25, 2010

Dominion National

Name, Social Security number, date of birth, bank account number, bank routing number, address, email address, member ID number, group number, and subscriber number.

Approximately 3.2 Million affected individuals including 2,964 Wisconsin residents.

On April 24, 2019, Dominion National determined that an unauthorized party may have accessed some of their computer servers. The data stored or potentially accessible from those computer servers may include enrollment and demographic information for current and former members of Dominion National and Avalon vision, and current and former members of plans Dominion National provides administrative services for.

Dominion National began notifying the potentially affected individuals on June 21, 2019. Additional information is available at www.DominionNationalFacts.com or by calling Dominion National’s incident response line at 877-503-8923 or 844-261-6819 (TTY/TDD). The incident response line is open Monday through Friday, 8:00 a.m. to 8:00 p.m. EST.

Dominion National is offering a two-year membership to ID Experts® MyIDCare™, which includes credit monitoring and fraud protection services, for any potentially affected individual.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 7, 2019

April 2, 2019

TenX Systems, LLC d/b/a ResiDex Software

Social Security numbers and medical records.

Unknown number of affected individuals including 1,296 Wisconsin residents.

On April 9, 2019, ResiDex became aware of a data security incident, including ransomware, which impacted its server infrastructure and took its systems offline. The data security incident may have resulted in unauthorized access to protected health information, including medical records that existed on ResiDex’s software as of April 9, 2019​.

ResiDex provides software for Presbyterian Homes and Services, which has 1,296 current WI residents. ResiDex began notifying potentially impacted individuals via written notice beginning on June 7, 2019.

ResiDex is providing free membership to TransUnion, myTrueIdentity, credit monitoring service to affected individuals.

ResiDex can be contacted with questions at 877-347-0184 or 866-512-8369 between 9:00 a.m. to 9:00 p.m. Eastern Time, Monday through Friday.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 24, 2019

October 15, 2018 through December 21, 2018

OS, Inc. on behalf of: Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital.

Name, Social Security number (in the form of insurance identification numbers), hospital account number, name of insurer, summary of charges, and category of service.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

OS, Inc. an organization which provides claims management services to certain healthcare providers (among which is Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital), announced that a phishing email campaign may have resulted in unauthorized access to personal information contained within an OS employee’s email account. On April 8, 2019, OS, Inc. notified affected hospitals that their patient's personal identifying information may have been subject to this incident.

On May 24, 2019, OS, Inc. began mailing individual notifications to each patient impacted. OS, Inc. is offering free access to Kroll’s fraud consultation and identity theft restoration services. Kroll can be contracted at (866) 775-4209, Monday through Friday from 8:00 a.m. to 5:30 p.m. with any questions.

OS, Inc. can be contacted by mail at:
PO Box 311
Pewaukee, WI 53072

Columbus Community Hospital patients may contact Andrea Link, Privacy Officer at CCH by calling (920) 623-2200 with any questions related to this incident.

Fort Healthcare patients may call (920) 568-6583 or (877) 324-2175 Monday through Friday from 8:00 a.m. to 5:00 p.m. Central Time.

Sauk Prairie Healthcare patients may call (608) 643-3311.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 22, 2019

January 2019

Inmediata Health Group, Corp.

Name, address, date of birth, gender, dates of service, diagnosis codes, procedure codes, and treating physician.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

In January 2019, Inmediata Health Group, Corp (Inmediata) became aware that some of its member patients’ electronic health information was publicly available online. When Inmediata became aware of this they immediately deactivated the publicly accessible website.

On April 22, 2019 Inmediata sent notification letters to patients who were affected by this data breach.

​Inmediata can be reached at 1-833-389-2392, Monday through Friday, 9:00am-6:30pm EST.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 9, 2019

March 29, 2017, to January 9, 2019 and February 12-19, 2019.

Canyon Bakehouse LLC

Names, payment card numbers, expiration dates, and CVV codes.

Approximately 12,000 individuals were notified including 295 Wisconsin residents.

On March 1, 2019 Canyon Bakehouse LLC became aware of malware installed on their systems that affected payment card data. Canyon Bakehouse LLC reported that unknown third parties gained unauthorized access to their computer systems compromising some payment card information. Canyon Bakehouse LLC has temporarily disabled the ordering and account login functions on their website until the security can be upgraded.

On April 9, 2019 Canyon Bakehouse LLC mailed notification letters to those affected and is offering one year of credit monitoring and identity theft resolution services through Experian’s IdentityWorks.

Canyon Bakehouse LLC can be reached at (970) 461-3844 ​

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 15, 2019

January 3, 2019 through January 24, 2019

North Country Business Products, Inc.

Cardholder's name, payment card number, expiration date, and CVV code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On January 4, 2019, North Country Business Products, Inc. learned of suspicious activity occurring within certain client networks. North Country launched an investigation and on January 30, 2019, the investigation determined that an unauthorized party was able to deploy malware to certain North Country business partners and restaurants between January 3, 2019, and January 24, 2019, that collected credit and debit card information.

North Country can be reached at 1-877-204-9537, Monday through Friday (excluding U.S. holidays), 9:00 a.m. to 9:00 p.m. EST.

North Country’s business partners located in Wisconsin:

• Dunn Brothers Coffee of Hudson, WI (Transactions Occurring from 1/4/2019 to 1/10/2019)

• Dunn Brothers Coffee of New Richmond, WI (Transactions Occurring on 1/4/2019)

• Dunn Brothers Coffee of West Bend, WI (Transactions Occurring on 1/4/2019)

• East Bay Restaurant & Bar of Holcombe, WI (Transactions Occurring on 1/4/2019)

• Sconni’s Alehouse And Eatery of Schofield, WI (Transactions Occurring on 1/4/2019)

• The Ranch Supper Club of Hayward, WI (Transactions Occurring on 1/4/2019)

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 20, 2018

Between August 28, 2018 and December 3, 2018

Caribou Coffee Co.

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Caribou Coffee Company identified unusual activity on their network. Caribou Coffee Co. conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Caribou Coffee Co. is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/cariboucoffee/Data-Security-Notice.pdf

Caribou Coffee Co can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@cariboucoffee.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 20, 2018

Between August 28, 2018 and December 3, 2018

Bruegger’s Bagels

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Bruegger’s identified unusual activity on their network. Bruegger’s conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Bruegger’s is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/brueggers/Data-Security-Notice.pdf

Bruegger’s can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@brueggers.com

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

December 20, 2018

Between August 28, 2018 and December 3, 2018

Coffee and Bagel Brands

Name, payment card number, expiration date, and card security code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On November 28, 2018 Coffee and Bagel Brands identified unusual activity on their network. Coffee and Bagel Brands conducted an investigation and determined there was unauthorized access to their point of sale systems exposing some customers’ data. Coffee and Bagel Brands is reporting that the unauthorized access was stopped and the breach has been contained.

A full list of affected locations can be viewed at https://assets.coffeeandbagels-static.com/coffeeandbagels/Data-Security-Notice.pdf.

Coffee and Bagel Brands can be reach at (877) 698-3760, Monday through Friday, from 9:00 a.m. to 9:00 p.m. EST and weekends from 9:00 a.m. to 5:00 p.m. EST or by email at inquiries@coffeeandbagels.com

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 30, 2018

Since 2014

Marriott International

Name, date of birth, address, phone number, email address, passport number, Starwood Preferred Guest account information, gender, arrival and departure information, reservation date, payment card numbers and payment card expiration dates.

Approximately 500 million affected individuals including an unknown number of Wisconsin residents.

On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database. Marriott engaged leading security experts to help determine what occurred. Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014.

On November 30, 2018, Marriott started notifying affected individuals by email. Marriott is providing affected individuals one year of WebWatcher monitoring.

Marriott has set up a dedicated website to answer questions at https://Info.starwoodhotels.com and they can be reached at their call center at 877-273-9481.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 7, 2018

October 16, 2018

Healthcare.gov

Name, date of birth, address, sex, last four digits of the Social Security number, expected income, tax filing status, immigration document types and numbers, employer, insurance plan, premium, and dates of coverage.

75,000 affected individuals including an unknown number of Wisconsin residents.

On October 16, 2018, Healthcare.gov found that a number of agent and broker accounts engaged in excessive searching for consumers, and through those searches, had access to the personal information of people who are listed on Marketplace applications. Healthcare.gov immediately shut off these accounts, and shut off the entire agent and broker function while changes were made to improve security.

Healthcare.gov is continuing to investigate this breach and putting additional security measures in place.

Healthcare.gov is offering 12 months of identity theft protection services through ID Experts® who can be contacted by calling toll-free (877) 916-8382 / International (616) 425-8364 / TTY (866) 405-2133 or going to https://secure.myidcare.com/enrollment/1?RTN=90000216. Agents are available Monday through Saturday from 9:00am – 9:00pm Eastern Time. The deadline to enroll is February 7, 2019.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

November 2, 2018

May 23, 2018

Five Guys Holdings, Inc.

Name, date of birth, Social Security number, address, hire date, termination date, and 401K contribution information.

Approximately 19,000 affected individuals including approximately 600 Wisconsin residents.

On August 6, 2018, Five Guys learned they were a victim of a phishing email incident that resulted in unauthorized access to an employee’s email account. Five Guys immediately secured the email account and conducted an internal investigation, which determined the email inbox contained personally identifiable employee information.

Five Guys is offering a one year membership for Experian’s® IdentityWorks to affected individuals.

Five Guys can be contacted with questions at 1-888-842-3153, Monday through Friday between 9:00am and 9:00pm Eastern Time.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

October 8, 2018

April 2018

Roadrunner Transportation Systems

Name, address, date of birth, and financial account number.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On July 2, 2018, Roadrunner Transportation Systems became aware they were the target of a phishing attack and that several employees clicked on phishing emails. Roadrunner Transportation Systems conducted an investigation and determined there was unauthorized access to several employee email accounts in April 2018.

Roadrunner Transportation Systems notified all affected individuals by letter on October 8, 2018 and are offering 12 months of credit monitoring services through Kroll.

Roadrunner Transportation Systems can be contacted at 1-833-228-5713 Monday through Friday 9:00am to 6:00pm (EST).

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 23, 2018

August 20, 2018

T-Mobile USA Inc.

Name, phone number, email address, account number, account type, and billing zip code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On August 20, 2018, T-Mobile USA Inc. discovered and shut down what it describes as unauthorized access to certain information. In an online statement, T-Mobile USA Inc. confirmed that Social Security numbers, financial data, and passwords were not involved in this breach.

T-Mobile USA Inc. customers can contact Customer Care by dialing 611 from your mobile phone. T-Mobile USA Inc. has posted an online disclosure at: https://www.t-mobile.com/customers/6305378821.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 10, 2018

January 1, 2013 through March 28, 2018

Adams County, WI

Name, Social Security number, Driver’s license number, date of birth, address, telephone number, email address, medical and health plan numbers, license plate numbers, fingerprints, full-face photos and more.

258,120 affected individuals, an unknown number of these individuals are Wisconsin residents.

On March 28, 2018, Adams County became aware of questionable activity on the Adams County computer system and network. An investigation confirmed a data breach had occurred from January 1, 2013 through March 28, 2018.

On June 29, 2018, Adams County received a forensic report that there is evidence of unauthorized access and/or unauthorized acquisition of Personally Identifiable Information, Personal Health Information and/or Tax Intercept Information that was on the Adams County computer network and system during the time of this data breach.

You may contact Adams County with questions and concerns:

1. by calling County Administrator Casey Bradley at (833) 236-0173 between the hours of 8:00 a.m. and 4:30 p.m.,

2. sending an e-mail message to databreach@co.adams.wi.us, or

3. addressing a letter to Adams County PO Box 102, Friendship WI 53934.

A notification letter can be viewed at the Adams County website http://www.co.adams.wi.us/data_breach/index.php.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 30, 2018

March 14, 2018 through April 3, 2018

UnityPoint Health

Name, address, date of birth, Social Security number, driver’s license number, payment card, and bank account numbers, medical record numbers, insurance, medical, treatment, and surgical information, diagnoses, lab results, medications, providers, and dates of service.

Approximately 1.4 million individuals affected, an unknown number of these individuals are Wisconsin residents.

On May 31, 2018, UnityPoint Health discovered a second phishing email attack this year that compromised its business email system. This attack may have resulted in unauthorized access to protected health information and other personal information for some patients. Upon learning of this attack, UnityPoint Health informed law enforcement agencies and launched an investigation to determine the size and scope of the attack, as well as the number of people potentially impacted.

On July 30, 2018, UnityPoint Health notified all impacted individuals by letter of the incident to their last known address.

UnityPoint Health will offer credit-monitoring services for one year to individuals whose Social Security number and/or driver’s license number were included in the compromised email accounts. UnityPoint Health has established a dedicated and confidential toll-free response line at (888) 266-9285 to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 13, 2018

April 20, 2018 through May 22, 2018

ComplyRight, Inc.

Name, address, telephone number, email address, and Social Security number.

662,000 including 12,155 Wisconsin residents.

On May 22, 2018, ComplyRight, Inc. became aware of a potential issue with their website. Upon learning of this issue, ComplyRight, Inc. disabled the platform and remediated the issue on the website. ComplyRight, Inc. initiated an investigation and concluded that there was unauthorized access to their website, which occurred between April 20, 2018 and May 22, 2018. The forensic investigation determined that personally identifiable information was accessed and/or viewed on the website.

On July 13, 2018, ComplyRight, Inc. notified affected individuals by mail and is providing credit monitoring services for 12 months through TransUnion.

ComplyRight, Inc. has set up a dedicated response line at 1-844-299-7772 that is staffed Monday through Friday 9:00am to 9:00pm (EST)

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 3, 2018

April 26, 2018

Macy's Inc.

First and last names; full addresses; phone numbers; email addresses; birthdays (not including year); and debit and credit card numbers with expiration dates.

Unknown – it is undetermined at this time the number of individuals affected by this breach.

On June 11, 2018, Macy’s became aware of suspicious login activities related to Macys.com customer profiles. Macy’s believes that an unauthorized third party, from April 26, 2018, through June 12, 2018, used valid customer usernames and passwords to login into customer profiles. Macy’s believes the third party obtained these usernames and passwords from a source other than Macy’s. On June 12, 2018, Macy’s blocked profiles with suspicious logins and purged all payment card data.

On July 3, 2018, Macys notified affected customers by mail of this incident and is providing credit monitoring services to affected individuals for 12 months through www.allclearid.com.

Macy’s Support Agents can be contacted at 1-855-861-4018 to answer questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 22, 2018

January 14, 2018

Manitowoc County, WI

First name, last name, Social Security number, address, date of birth, phone number, email address, health insurance information, diagnoses, prescription information, and client identification number.

Approximately 450 Wisconsin residents.

On April 24, 2018, Manitowoc County became aware of unauthorized access to their email system. Manitowoc County suspects that a phishing attack on January 14, 2018, allowed an unauthorized third party access to county emails. Some of these emails contained personal protected health information related to treatment services.

Upon becoming aware of the incident, Manitowoc County immediately blocked access to the third party and initiated an investigation to determine what information had been disclosed.

Manitowoc County sent individual notices to all affected individuals that had updated contact information on file. An additional notice was posted to their website at http://www.co.manitowoc.wi.us/media/6336/notice-of-data-breach.pdf. Manitowoc County provided credit-monitoring services for one year to individuals whose Social Security number was included in the compromised emails.

For further information and assistance, please contact the Manitowoc County Corporation Counsel, Peter Conrad, at (888) 811-5636 between 9:00 a.m. - 4:00 p.m. CT

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 20, 2018

First week of May 2018

Educational Employees' Supplementary Retirement System of Fairfax County

Names, addresses, and Social Security numbers.

3,332 affected individuals including 9 Wisconsin residents.

On May 7, 2018, the Educational Employees’ Supplementary Retirement system (ERFC) became aware of a data security incident that occurred in connection with the mailing of ERFC’s Spring 2018 Newsletters to certain retirees. The retiree’s Social Security numbers were included in the mailing label above the name and address.

Upon learning of the security incident, ERFC confirmed that the printing company, Master Print., destroyed all documents containing Social Security numbers. ERFC notified affected individuals by mail and has provided credit-monitoring services for one year through Experian IdentityWorks.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 7, 2018

April 8, 2018

RISE Wisconsin Inc.

Name, address, date of birth, Social Security number, and for some, limited health information.

3,731 affected individuals, according to RISE Wisconsin the majority of these individuals are Wisconsin residents.

On April 8, 2018, RISE Wisconsin discovered that they had been the target of a ransomware attack. RISE Wisconsin immediately took action and took their systems offline. RISE Wisconsin engaged independent computer forensics experts to determine how the incident occurred and if an unauthorized intruder had accessed information. Although the investigation did not identify any evidence of access to anyone’s information, RISE Wisconsin could not rule out that personally identifiable information may have been compromised.

RISE Wisconsin has notified law enforcement and is cooperating with their investigation.

On June 7, 2018, RISE Wisconsin mailed letters to individuals potentially impacted by this event. RISE Wisconsin is offering identity protection services through Kroll to potentially impacted individuals at no cost.

RISE Wisconsin has established a toll-free call center to answer questions about the incident and related concerns. The call center is available Monday through Friday from 8:00 AM to 5:00 PM, Central Time at 1-800-733-9212.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 2018

March 23, 2018

Access Group Education Lending

Names, driver's license numbers, and Social Security numbers.

Approximately 16,500 borrowers (unknown if any Wisconsin residents are affected).

On March 28, 2018, Access Group Education Lending became aware of a data breach that occurred on March 23, 2018 when one of its vendors sent out files containing personally identifiable information to another business. Access Group Education Lending is assured that the vendor who received the files deleted them and did not retain copies.

Access Group Education Lending notified those individuals affected by letter, and is offering free credit monitoring services for one year.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 16, 2018

November 1, 2017 through February 7, 2018

UnityPoint Health

Social Security Numbers, dates of birth, medical record numbers, treatment & surgical information, insurance, and other financial information.

Approximately 16,000 individuals affected, an unknown number of these individuals are Wisconsin residents.

On February 15, 2018, UnityPoint Health discovered their email system was the victim of a phishing attack that compromised some employee email accounts.

Upon learning of the incident, UnityPoint Health promptly took action to secure the impacted email accounts, changed passwords, and engaged external cybersecurity professionals to analyze what information might have been contained in the impacted accounts.

On April 16, 2018, UnityPoint Health notified all impacted individuals by letter of the incident.

UnityPoint Health has established a dedicated and confidential toll-free response line at 855-331-3612 to answer additional questions.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 5, 2018

September 27 - October 12, 2017

Best Buy Co., Inc.

Payment card information.

An unknown number of Best Buy customers, whether or not they used the computer chat support.

Best Buy announced that in late March a third-party vendor had notified them of an intrusion that occurred in the vendor’s system. The third-party vendor, [24]7.ai Inc, provides phone and computer chat support for Best Buy.

Malicious code was inserted into the third-party vendor’s system on September 26, 2017. The third-party vendor discovered and contained the code on October 17, 2017. The code may have allowed unauthorized users to gain access to payment information of consumers who shopped online during that time, regardless of whether or not the consumers used the computer chat support.

Best Buy is collaborating with their third-party vendor and have notified law enforcement. They are working to identify and notify affected consumers. Free credit monitoring services will be available to the impacted individuals.

Best Buy recommends consumers review their payment card account statements closely, and contact their card issuer if they notice any fraudulent charges. Consumers who have further questions can contact at 247incident@bestbuy.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 4, 2018

September 26, 2017 - October 12, 2017

Delta Airlines and [24]7.ai

Name, address, payment card number, CVV number, and expiration date.

Unknown number of affected individuals.

On March 28, Delta was notified by [24]7.ai, a company that provides online chat services for Delta and many other companies, that [24]7.ai had been involved in a cyber-incident. The incident occurred at [24]7.ai from Sept. 26 to Oct. 12, 2017. During this time certain customer payment information for [24]7.ai clients, including Delta, may have been accessed.

Upon being notified of [24]7.ai’s incident, Delta immediately began working with [24]7.ai to understand the impact of the incident and has since confirmed that the incident was resolved by [24]7.ai last October.

Delta has established the following website to address customer questions and concerns: www.delta.com/response

Delta has partnered with AllClear ID to offer a suite of credit monitoring services to those who may be impacted, for two years, starting on April 7, 2018. Delta customers who believe they made a purchase on the delta.com desktop platform between Sept. 26 and Oct. 12, 2017 should visit delta.allclearid.com to enroll in the free protection services being offered.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 4, 2018

September 27 - October 12, 2017

Sears Holding Corp.

Payment card information.

Less than 100,000 customers who completed an online order on Sears.com or Kmart.com.

Sears Holdings Corp announced that in late March a third-party vendor had notified them of an intrusion that occurred in the vendor’s system. The third-party vendor, [24]7.ai Inc, provides phone and computer chat support for Sears and Kmart.

Malicious code was inserted into the third-party vendor’s system on September 26, 2017. The third-party vendor discovered and contained the code on October 17, 2017. The code may have allowed unauthorized users to gain access to payment information of consumers who shopped online during that time, regardless of whether or not the consumers used the computer chat support.

Sears sent emails to affected consumers on April 6, 2017, and will follow up with a notification through the mail. Free credit monitoring services will be available to the impacted individuals.

Consumers who have further questions can find information at Searsholdings.com/update, or by calling toll-free at 888-488-5978.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 3, 2018

February 5, 2018

The Management Group working as a consultant for the Wisconsin Department of Health Services IRIS (Include, Respect, I Self-Direct) Program

Laptop which may have contained names, addresses, dates of birth, Medicaid numbers, financial information, and Social Security numbers.

779 IRIS Program participants.

On February 5, 2018, a laptop with a workbag was stolen from a consultant for The Management Group. The Management Group is a business associate of the Wisconsin Department of Health Services and serves as a consultant agency for the IRIS Program. The laptop may have contained personal information for IRIS Program participants. While the laptop was encrypted to protect the information, the password to the laptop was in the stolen workbag.

Affected participants will be provided one year of complimentary identity theft protection services.

Participants who have additional questions can call (844) 864-8987 from 8 AM to 5 PM, Monday through Friday, or email ComplianceGuide@tmgwisconsin.com.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 1, 2018

Unknown

Hudson's Bay Company dba Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor

Payment card data

Consumers who used credit or debit cards to make purchases at certain Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor stores in North America. There are no indications that it affected their e-commerce platform.

Hudson’s Bay Company says that payment card data may have been affected by a security incident.

Authorities and payment processors were notified about the incident. They are working with a data security investigators to obtain the information to accurately notify their customers of what information was affected. They will offer those customers impacted free identity theft protection services.

Hudson’s Bay Company is establishing a dedicated call center that will start on April 4, 2018. The call center’s phone number will be (855) 270-9187, and it will be staffed from 8 AM to 8 PM Central time, Monday-Saturday.

Individuals should review their statements and notify their financial institutions if they see unauthorized charges.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

March 29, 2018

Late February 2018

UnderArmour dba MyFitnessPal

Usernames, email addresses, and hashed passwords

Approximately 150 million user accounts.

On Thursday, March 25, 2018, Under Armour Inc dba MyFitnessPal discovered an unauthorized user acquired data associated with user accounts including user names, email addresses, and hashed passwords.

Under Armour Inc is conducting an ongoing investigation to determine the extent of the issue. They are working with a data security firm, and cooperating with law enforcement. Under Armour Inc is emailing affected users information on how to protect their data, and requiring affected users to change their passwords.

Consumers can visit https://content.myfitnesspal.com/security-information/notice.html for the most up to date information.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 22, 2018

February 1, 2018

UW-Superior Alumni Association

Name, home address and Social Security number.

1,758 Wisconsin residents who were members of the UW-Superior Alumni Association.

On Thursday, February 1, 2018, the UW-Superior Alumni Association sent out a Mississippi River Cruise brochure to its members. On February 5, 2018, the UW-Superior Alumni Association discovered that the ID number for our alumni who graduated during a certain time might have been the same as the student ID number (social security number) used while in attendance at UW-Superior. The personal information that may have been viewable on the brochure included first and last names, home addresses and social security numbers.

After learning of this situation, UW-Superior Alumni Association began cleaning the alumni and friend database and replacing "old" ID numbers, and worked with their travel vendor to delete all mailing data used for the brochure. UW-Superior Alumni Association is also providing one year of complimentary identify theft protection and credit monitoring services.

Any additional questions regarding the breach can be directed to UW-Superior Alumni Association at 715-394-8452.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

January 31, 2018

Between October 3rd and December 22nd, 2017

Travelocity

Payment card number and CVV.

Three Wisconsin residents who used the travel rewards redemption program were affected by the breach.

On Friday January 5th, 2018 RBC-a travel rewards redemption platform operated by Travelocity, observed increased fraudulent payment activity on RBC-issued cards that were processed on the platform. The unauthorized access of the platform resulted in the exposure of payment card information and CVV numbers.

Upon learning of the incident, Travelocity took immediate steps to investigate with the assistance of a leading cybersecurity firm, contacted law enforcement and payment card processors and enhanced the security of the affected platform.

Travelocity has established a hotline at 1-800-204-4048 to address additional questions or concerns about the incident.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.