Bureau Home / Identity Theft / Data Breaches
Listed below are data breaches which were either reported to DATCP, or have been identified as affecting Wisconsin consumers, within this calendar year. Information is gathered on each breach and posted to this page in order to inform consumers of any services or resources that are being offered. To find details on past data breaches (2012-2023), refer to DATCP's
data breach archive.
If you are concerned about being or becoming a victim of identity theft as a result of a data breach, contact the Bureau of Consumer Protection at (800) 422-7128 or DATCPHotline@wisconsin.gov.
May 2025
Company Name: Engelson & Associates, Ltd.
Date of Incident: February 28, 2025
Date Public Notified: April 25, 2025
Data Accessed: Names and Social Security numbers
Who is Affected: Unknown
Number of Individuals Affected: 2,078
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): Privacy Solutions representatives are available at 855-260-0055 Monday through Friday from 10:00 AM to 6:30 PM Central Time.
February 2025
Company Name: PowerSchool
Date of Incident: Between December 19 and December 28, 2024
Date Public Notified: January 7, 2025
Data Accessed: Individuals' names, contact information, dates of birth, limited medical alert information, Social Security numbers, and other related information.
Who is Affected: Current and former students, parents, guardians, and educators.
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): If you have any questions or concerns about this notice, please call 833-918-9464, Monday through Friday, 8:00 a.m. through 8:00 p.m. Central Time (excluding major US holidays) or visit https://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach. You may also contact your school district for more information.
January 2025
Company Name: Green Bay Packers, Inc.
Date of Incident: September 23-24, 2024 and October 3-23, 2024
Date Public Notified: January 6, 2025
Data Accessed: Information that may have been accessed or acquired included certain information entered on the Pro Shop website when making a purchase, and may have included name, address (billing and shipping), email address, credit card type, credit card number, credit card expiration date, and credit card verification number.
Purchases on the Pro Shop website using a gift card, Pro Shop website account, Paypal, or Amazon Pay were not compromised.
Who is Affected: Customers who made a credit card purchase on the Green Bay Packer’s Pro Shop website between September 23-24, 2024 or October 3-23, 2024.
Number of Individuals Affected: 8,514
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): The Green Bay Packers are providing all affected individuals with free credit monitoring and identity theft protection for three (3) years through Experian IdentityWorks. Affected customers can call Experian’s Customer Care Team at 833-931-4653, Monday through Friday from 8:00am to 8:00pm Central Time (excluding major US holidays).
October 2024
Company Name: Insurance Agency Marketing Services, Inc.
Date of Incident: March 1, 2024 through May 3, 2024
Date Public Notified: Stage one – June 2024; Stage two – September 20, 2024
Data Accessed: Name, birthdate, Social Security numbers, driver's license numbers, passport information, EINs, banking information, health insurance information, and medical information.
Who is Affected: Insurance Agency Marketing Services' employees and agents; and agents' customers and their beneficiaries.
Number of Individuals Affected: 68,219
Number of Wisconsin Residents Affected: 2,045
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): Credit monitoring is being offered through CyEx – 1-866-499-1221
Company Name: Change Healthcare (CHC) a unit of UnitedHealthcare Group (UHG)
Date of Incident: February 17-20, 2024
Date Public Notified: June 20, 2024
Data Accessed: May have included contact information (such as first and last name, address, date of birth, phone number, and email) and one or more of the following:
- Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid/Medicare/government payer ID numbers)
- Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment
- Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due)
- Other personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers
Who is Affected: Customers and individuals
Number of Individuals Affected: Could cover a substantial proportion of people in America
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): A call center is available at: 1-866-262-5342, available Monday through Friday, 8 a.m. to 8 p.m. CT. There is also a link for more information at: https://www.changehealthcare.com/hipaa-substitute-notice.
September 2024
Company Name: Compex Legal Services
Date of Incident: Between April 9, 2024 and April 17, 2024
Date Public Notified: July 24, 2024
Data Accessed: Social Security numbers; Financial account information; Biometric data
Who is Affected: Individuals whose medical and legal records are held by Compex Legal Services
Number of Individuals Affected: 1,000+
Number of Wisconsin Residents Affected: 109
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): Compex Legal Services is offering credit monitoring and credit protection education for affected customers. Questions should be directed to 1-833-215-2896.
August 2024
Company Name: National Public Data
Date of Incident: December 2023, with potential leaks of certain data in April 2024 and summer 2024
Date Public Notified: August 12, 2024
Data Accessed: Names, email addresses, phone numbers, Social Security numbers, and mailing addresses
Who is Affected: U.S. residents
Number of Individuals Affected: 1,350,684
Number of Wisconsin Residents Affected: 6,410
Who and how to contact if consumers have questions or need additional information: Find more on National Public Data's website
Company Name: Ascension
Date of Incident: May 8, 2024
Date Public Notified: May 9, 2024
Data Accessed: A cybersecurity incident occurred on May 8, 2024. An investigation is still ongoing and it is unconfirmed if any patient data was accessed.
Who is Affected: Ascension will notify any affected individuals when the investigation and analysis has been completed.
Number of Individuals Affected: Unknown at this time
Number of Wisconsin Residents Affected: Unknown at this time
Who and how to contact if consumers have questions or need additional information: Ascension is offering complimentary credit monitoring and identity theft protection services to any Ascension patient or associate who requests it, free of charge, and regardless of whether their data was involved in this incident. Individuals who wish to enroll in free credit monitoring and identity theft protection services should call Ascension at (1-888) 498-8066.
Company Name: Power Test LLC
Date of Incident: April 29, 2024
Date Public Notified: June 13, 2024
Data Accessed: Internal commercial information, and some Social Security records
Who is Affected: Current and former employees
Number of Individuals Affected: 1,165
Number of Wisconsin Residents Affected: 975
Who and how to contact if consumers have questions or need additional information: Complementary identify protection, credit monitoring, and restoration services are being offered. Individuals with questions can call (866) 898-5471.
Company Name: First Choice Dental
Date of Incident: October 22, 2023
Date Public Notified: July 12, 2024
Data Accessed: Names, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, government ID numbers, credit/debit card numbers, financial account numbers, and health information.
Who is Affected: First Choice Dental customers
Number of Individuals Affected: 228,287
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: For more information, please call (608) 308-2941 between the hours of 8:00 am to 8:00 pm Eastern Time, Monday through Friday (excluding U.S. national holidays).
May 2024
Company Name: AT&T
Date of Incident: June 2022
Date Public Notified: March 30, 2024
Data Accessed: The information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode
Who is Affected: Current and former customers
Number of Individuals Affected: 7.6 million current customers and 65 million former customers
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: Complementary credit monitoring, identity theft detection and resolution services are being offered. AT&T asks customers with questions to call (1-866) 346-0416 Monday through Friday, 8 a.m. to 9 p.m. CST, or visit
att.com/accountsafety.
Company Name: Group Health Cooperative of South Central Wisconsin (GHC-SCW)
Date of Incident: On or before January 25, 2024
Date Public Notified: February 9, 2024
Data Accessed: Names, Social Security numbers, addresses, telephone numbers, e-mail addresses, dates of birth and/or death, member numbers, and Medicare and/or Medicaid numbers.
Who is Affected: Current and past members and patients of its providers
Number of Individuals Affected: 533,809
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: Consumers with questions can call member services at (800) 605-4327. Consumers who think they may have been affected but did not receive a notification letter can contact
privacy@ghcscw.com or call (608) 662-4899.
January 2024
Company Name: Navvis & Company
Date of Incident: Between July 12 and July 25, 2023
Date Public Notified: Rolling notices beginning September 22, 2023
Data Accessed: Names, account numbers, birthdates, diagnoses/clinical information, health insurance policy numbers, medical date of service, medical provider names, medical treatment/procedure information, and patient account numbers.
Who is Affected: Patients
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: 316,043
Who and how to contact if consumers have questions or need additional information: Credit monitoring for 12 months through IDX is being offered. Call (1-888) 996-4022 or visit the IDX website.