Listed below are data breaches which have either been reported to the Wisconsin Department of Agricultural, Trade and Consumer Protection (DATCP) or have been identified as affecting Wisconsin consumers. Information is gathered on each breach and posted to this page in order to inform consumers of any services or resources that are being offered.
2022 Data Breaches
If you are concerned about being or becoming a victim of identity theft as a result of a data breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@wi.gov.
September 2022
Company Name: Southwest Health Center
Date of Incident: 1/11/2022
Date Public Notified: 7/5/2022
Data Accessed: Names, dates of birth, Social Security numbers, financial account numbers, medical information, and/or health insurance information.
Who is Affected: Current and former employees and their dependents and individuals who sought medical treatment or services at Southwest Health.
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information: Southwest Health has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives are available Monday through Friday from 8:00 am – 8:00 pm Central Time and can be reached at 1-833-423-2983.
August 2022
Company Name: Nelnet Servicing, LLC
Date of Incident: June 2022 through July 22, 2022
Date Public Notified: 8/26/2022
Data Accessed: Social Security numbers, names, addresses, email addresses, phone numbers
Who is Affected: Students with loans from Oklahoma Student Loan Authority
Number of Individuals Affected: 2.5 million
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information: Questions can be directed to (833) 559-0246, Monday through Friday, from 6 a.m. to 8 p.m. PST; Saturday and Sunday, from 8 a.m. to 5 p.m. PST (excluding major US holidays).
Company Name: RR Donnelly
Date of Incident: December 23, 2021
Date Public Notified: August 5, 2022
Who is Affected: Customers
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information: RR Donnelly is offering credit monitoring through Experian with enrollment through October 15, 2022. If you have questions about the product, need assistance with identity restoration, or would like an alternative to enrolling in Experian IdentityWorks online, please contact Experian's customer care team at 877-890-9332 by October 15, 2022.
January 2022
Company Name: Lakeview Loan Servicing, LLC
Date of Incident: October 27, 2021 to December 7, 2021
Date Public Notified: after January 31, 2022
Data Accessed: Name, address, loan number, Social Security number, and, for some, information provided in connection with a loan application, loan modification, or other items regarding loan servicing.
Who is affected: Customers
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): If you have questions about this notice, please call (855) 541-3564 from 8:00 a.m. – 5:30 p.m. Central Time, Monday through Friday (excluding major U.S. holidays).
Company Name: Horizon Actuarial Services, LLC
Date of Incident: November 10 and 11, 2021
Date Public Notified: January 13, 2022
Data Accessed: Name, address, Social Security number, bank account number, health insurance plan information, and date of birth
Who is Affected: Customers
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: 271
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): Horizon Actuarial Services, LLC can be contacted at 1-855-541-3574, Monday through Friday, 8:00 a.m. to 5:30 p.m., central time, excluding major U.S. holidays.
2021 Data Breaches
If you are concerned about being or becoming a victim of identity theft as a result of a data breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
datcpwisconsinprivacy@wi.gov.
November 2021
Company: PAL Card Minnesota, LLC (Pawn America)
Date of Incident: September 28, 2021
Date Public Notified: November 19, 2021
Who is Affected: 166,689 customers, with an unknown number of Wisconsin residents impacted.
Data Accessed: Names, addresses, phone number and email address; PAL account number; and driver’s license number, social security number, passport number or other identification numbers.
The telephone number for the call center is 855-675-3117 and is available between the hours of 9am and 9pm Eastern Time, Monday through Friday.
Company: ISO Claims Services, Inc.
Date of Incident: July 5, 2021 – September 27, 2021
Date Public Notified: November 4, and November 19, 2021
Who is Affected: Approximately 180,000 Customers, with 838 Wisconsin residents impacted.
Data Accessed: Motor vehicle reports containing drivers’ names, dates of birth, addresses, driver’s license numbers and drivers’ violation information.
ISO has engaged with IDX to assist consumers who were impacted by this incident. IDX representatives are available at (833) 989-3931 Monday through Friday from 9 am - 9 pm Eastern Time to answer questions and provide additional information.
Consumers can visit
https://app.idx.us/account-creation/protect and use the Enrollment Code provided at the top of the notification letter they received in the mail.
Company: Robinhood Markets, Inc.
Date of Incident: November 3, 2021
Date Public Notified: November 8, 2021
Who is Affected: Approximately 7 million individuals, with Approximately 58,121 Wisconsin residents impacted.
Data Accessed: Full names, email addresses, or telephone number. (For a subset of 310 individuals, 2 of whom are Wisconsin residents: personal information including dates of birth, cities, states and zip codes, and telephone/text numbers. For 10 within that group of 310, none of whom are Wisconsin residents, “more extensive account details.”)
Robinhood offers 24/7 phone support in-app. Account > Help > Contact Us. In addition, Robinhood’s blog (https://blog.robinhood.com) contains information about this incident.
Robinhood Announces Data Security Incident — Under the Hood
September 2021
Company: Neiman Marcus Group
Date of Incident: May 2020
Date Public Notified: September 30, 2021
Who is Affected: 4.6 million Neiman Marcus online Customers, with an unspecified number of Wisconsin residents impacted.
Data Accessed: Names and contact information; payment card numbers and expiration dates (without CVV numbers); Neiman Marcus virtual gift card numbers (without PINs); and usernames, passwords, and security questions and answers associated with Neiman Marcus online accounts.
NMG has set up a dedicated call center at (866) 571-9725, which is open seven days a week (Monday through Friday, 8 a.m. to 10 p.m. CST; Saturday and Sunday, 10 a.m. to 7 p.m. CST (excluding major U.S. holidays)). Callers should be prepared to provide engagement number B01920.
https://www.neimanmarcus.com/2021-customer-online-account-info
Company: GateHub Ltd
Date of Incident: 2019 – The Bureau of Consumer Protection became aware of the incident following a complaint that was filed in July, 2021.
Date Public Notified: Unspecified
Who is Affected: 18,473 GateHub Customers.
Data Accessed: email addresses, hashed passwords, hashed recovery keys, encrypted XRP ledger wallets secret keys (non-deleted wallets only), first names (if provided), last names (if provided).
August 2021
Company: Forefront Dermatology
Date of Incident: Between May 28, 2021 and June 4, 2021
Date Public Notified: July 8, 2021 – July 20, 2021
Who is Affected: Employees, Healthcare Providers, Patients. There are 2,413,553 individuals affected, including 646,367 Wisconsin Residents Affected.
Data Accessed: Employees' and healthcare providers' names and Social Security numbers; patients' name, address, date of birth, patient account numbers, health insurance plan member ID numbers, medical record numbers, dates of service, accession numbers, provider names, and/or medical and clinical treatment information; provider's name, accession number (a certain number assigned to identify pathology slides) and status as a Forefront patient.
If consumers have any questions about this incident, please contact Forefront Dermatology's dedicated, toll-free incident response line at 855-899-4166, Monday through Friday, between 8:00am to 8:00pm, Central Time.
Company: Jefit, Inc.
Date of Incident: February 2021
Date Public Notified: March 2021
Who is Affected: Jefit users. Unspecified number of Wisconsin residents affected.
Data Accessed: Jefit account username, email address (associated with the account), encrypted password (hashed with unique salt to each account), IP address when creating the account
Who and how to contact if consumers have any questions or need additional information:
If consumers have additional questions,
they should contact Jefit, Inc. via privacy@jefit.com.
Company: Cohen Milstein Sellers & Toll PLLC
Date of Incident: January 23, 2021
Date Public Notified: Unspecified
Who is Affected: Unspecified
Data Accessed: Personally identifying information or personal health information. Unspecified number of Wisconsin residents affected.
Should individuals have questions regarding this event, they may call Cohen Milstein's dedicated assistance line at 855-535-1837 (toll free), Monday through Friday, from 9:00 am to 9:00 pm Eastern Time. Individuals may write to Cohen Milstein at 1100 New York Avenue NW, Suite 500, Washington, DC 20005. Additional information can be found on Cohen Milstein's website, https://www.cohenmilstein.com/.
Company: T-Mobile USA, Inc.
Date of Incident: August 13, 2021
Date Public Notified: August 16, 2021
Who is Affected: Current, former and prospective customers. Approximately 53.7 million individuals with an unspecified number of Wisconsin Residents Affected
Data Accessed: Names, drivers' licenses, government identification numbers, Social Security numbers, dates of birth, phone numbers, IMEI and IMSI information (the typical identifier numbers associated with a mobile phone), addresses, and T-Mobile account PINs.
If consumers have additional questions, they can contact T-Mobile online, in a store, or through their Customer Care team by phone at 611 or 1-800-937-8997.
July 2021
Company: Arnoff Moving & Storage
Date of Incident: June 3, 2021
Date Public Notified: June 10, 2021
Who is Affected: Approximately 600 customers including 1 Wisconsin resident
Data Accessed: Name, address, & credit card info of 600 customers
If consumers have any questions or need additional information Dan Arnoff can be contacted at:
dan@arnoff.com
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
Company: Progrexion ASG, Inc.
Date Public Notified: June 16, 2021
Date of Breach: April 8, 2021
Who is affected: 173 Wisconsin consumers
Data Accessed: FICO score, account numbers, name of financial institution including account details.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
Company: Volkswagen Group of America, Inc.
Date Public Notified: June 11, 2021
Date of Breach: August 2019 – May 2021
Who is affected: 3.3 million individuals, including 25,738 Wisconsin consumers whose contact and vehicle information was impacted and 1,024 Wisconsin consumers with more sensitive information impacted.
Data Accessed: Information gathered for sales and marketing purposes from 2014 to 2019.
Contact and vehicle information includes first and last name, personal or business mailing address, email address, or phone number. In some instances, the data also included information about a vehicle purchased, leased, or inquired about, such as the Vehicle Identification Number (VIN), make, model, year, color and trim packages.
For 90,000 of the affected individuals, including 1,024 Wisconsin consumers, the data also includes more sensitive information relating to eligibility for a purchase, loan, or lease. Nearly all of the more sensitive data (over 95%) consists of driver's license numbers. There were also a very small number of dates of birth, Social Security or social insurance numbers, account or loan numbers, and tax identification numbers.
Audi of America is offering IDX identity theft protection services to the individuals whose more sensitive information was included, such as driver's license number, date of birth or Social Security number, the deadline to enroll is September 11, 2021.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
June 2021
Company: Herff Jones, LLC
Date Public Notified: 06/15/2021 - 06/18/2021
Date of Breach: 01/11/2021 - 04/19/2021
Who is affected: approximately 1,091,049 consumers affected, including 9,003 Wisconsin residents
Data Accessed: payment card information. In addition, it may have included one or more of the following: name, address, phone number, email address, and limited information related to the transaction.
If consumers have any questions or need additional information: Please contact Herff Jones, LLC at (855) 535-1795.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
May 2021
Company: Ultratec Inc./Captel Inc.
Date Public Notified: 5/5/2021
Date of Breach: 10/9/2020
Who is affected: 36,020 former and current employees, business associates, and customers of Ultratec Inc./Captel Inc., including 16,877 Wisconsin residents
Data Accessed: Name, address, telephone number, date of birth, social security number, government or state issued ID, passport number, alien registration number, tribal ID number, military DOD ID number, driver's license number, student ID number, financial account number, PIN/access Code/password, payment card number, payment card CVV/expiration, payment card type, email address and password type, username and password account, health insurance member number, health insurance group number, and personal health information.
If consumers have any questions or need additional information: Please contact Ultratec Inc. at privacyreports@ultrec.com or a toll-free dedicated assistance line (855) 654-0887, Monday through Friday, 9:00 am to 9:00 pm EST.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
April 2021
Company Name: “GEICO" - Government Employees Insurance Company
Date Public Notified: 4/9/2021
Date of Breach affecting WI
driver's license numbers: 1/27/21 to 3/1/21
Who is Affected: Both policyholders and non-policyholders
Number of Individuals Affected: 131,043, including 499 Wisconsin residents
Data Accessed: individual's driver's license number.
If consumers have any questions or need additional information: Please contact GEICO at
privacyrequests@geico.com or (855) 265-1097, Monday through Friday, 10:00 am to 6:30 pm EST.
Statement: On March 1, 2021, GEICO was alerted to the possible existence of a vulnerability in the Website, which purportedly allowed for the extraction of driver's license numbers. This responsible disclosure was immediately referred internally for investigation. GEICO's investigation revealed that hackers had submitted certain personal information about individuals – which they had obtained elsewhere – to begin the online sales quote process and then exploited a vulnerability in the Website that allowed for the extraction of the impersonated individuals' driver's license numbers. GEICO disabled the affected part of the system until a fix was implemented on the evening of March 1, 2021.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
March 15, 2021
| January 22, 2021
| Flagstar Bank, FSB
| Name, address, Social Security Number/tax ID number, date of birth, and/or financial account number without any password or security code that may have provided access to the account.
|
Who's Affected
| Details
|
Unknown number of individuals, including an unknown number of Wisconsin residents.
| On January 22, 2021, Accellion informed Flagstar that its third-party file sharing platform had a vulnerability, which prompted Flagstar to discontinue its use of the Accellion platform. Flagstar subsequently learned on January 24, 2021, that an unauthorized party was able to access some of Flagstar's information on the Accellion platform.
After being informed of the incident on January 24, 2021, Flagstar reported the incident to federal law enforcement and initiated its own forensic investigation to review the potential scope and impact of the incident.
Flagstar started contacting potentially impacted customers and employees via USPS mail on March 15, 2021, to inform them of the incident. Flagstar is offering free credit monitoring to all impacted individuals.
Visit the link below to access Flagstar's Accellion Incident Information Center:
https://www.flagstar.com/customer-support/accellion-information-center.html
If you have additional questions about the incident, you can call Flagstar's dedicated call center at 1 (855) 907-046 between 9:00 AM – 6:30 PM ET (Monday through Friday). If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@wi.gov
|
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| February 19, 2021 | January 23, 2021 | The Kroger Co. | Associate Human Resources data, certain pharmacy records, and certain money services records have been affected. Non-sensitive information, including information about Kroger's loyalty program for coupons and product discounts was also impacted. |
Who's Affected
|
Details
|
An unknown number of affected individuals, including an unknown number of Wisconsin residents.
| On January 23, 2021, Kroger was informed that their customers and associates were affected by the Accellion data security incident. Accellion is a vendor used by Kroger for data file transfers. After being informed of the incident's effect on January 23, 2021, Kroger discontinued the use of Accellion's services, reported the incident to federal law enforcement, and initiated its own forensic investigation to review the potential scope and impact of the incident. Kroger started contacting potentially impacted customers and associates via USPS mail on February 19, 2021, to inform them of the incident. Kroger is offering free credit monitoring to all impacted individuals. Visit the link below for Kroger's statement:
https://www.kroger.com/i/accellion-incident If you have additional questions about the incident, you can call Kroger's dedicated call center at 1 (855) 558-2999 between 6:00 AM – 8:00 PM PT (Monday through Friday) and 8:00 AM – 5:00 PM PT (Saturday and Sunday). If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
2020 Data Breaches
August 2020
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| August 14, 2020 | June 24, 2020 through July 1, 2020 | EyeMed Vision Care, LLC | Full name, address, date of birth, phone number, email address, vision insurance account/identification number, health insurance account/identification number, Medicaid or Medicare number, driver's license or other government identification number, and birth or marriage certificate. For some individuals, partial or full social security numbers and/or financial information were implicated and, in a few cases, medical diagnoses and conditions, and treatment information, and/or passport numbers were implicated. |
Who's Affected
|
Details |
| An unknown number of affected individuals, including an unknown number of Wisconsin residents. | On July 1, 2020, EyeMed discovered that unauthorized access was gained to an EyeMed email mailbox and phishing emails were sent to their members. EyeMed blocked the unauthorized access and secured the mailbox. EyeMed hired a cybersecurity firm and launched an investigation into the incident. EyeMed is mailing letters to affected individuals and offering free credit monitoring and identity protection services for a duration of two years. EyeMed established a dedicated call center to answer any questions individuals may have. If you believe you have been affected and do not receive a letter by December 12, 2020, please call 888-974-0076, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time to learn if your information was involved in the breach. Visit the link below for EyeMed's statement:
https://eyemed.com/en-us/notice If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov. |
July 2020
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| July 16, 2020 | May 2020 | Blackbaud, Inc.
| See Blackbaud's statement via link below
|
|
Who's Affected |
Details |
An unknown number of affected individuals including an unknown number of Wisconsin residents.
| For more information, visit the link below for Blackbaud's statement.
https://www.blackbaud.com/securityincident If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov. |
June 2020
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| June 15, 2020 | April 11, 2020 | Magellan Health, Inc. | Names and one or more of the following: social security numbers. treatment information, health insurance account information, member ID, other health-related information, email addresses, phone numbers and physical addresses |
|
Who's Affected |
Details |
| An unknown number of affected individuals including four (4) Wisconsin residents. | On April 11, 2020, Magellan Health, Inc. discovered that they were the target of a ransomware attack that may have affected their members' personal information. Magellan reported the incident to law enforcement and the FBI, implemented additional security protocols and hired a cybersecurity forensics firm to conduct an investigation.
Magellan notified affected individuals by mail on a rolling basis beginning June 15, 2020. Magellan recommends that members review their health plan benefits statements carefully and report any discrepancies by calling the number on their member ID card. If you have any questions or need additional information Magellan can be contacted at 888-451-6558. Visit the link below for Magellan's statement.
https://www.magellanhealth.com/news/security-incident/ If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov. |
April 2020
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| April 13, 2020 | March 25, 2020 | U.S. Small Business Administration, (SBA) | Social security number, tax identification number, date of birth, address, email, phone number, marital status, citizenship status, household size, income, disclosure inquiry, financial and insurance information |
Who's Affected
|
Details
|
| 7,913 affected individuals including an unknown number of Wisconsin residents. Currently there is no geographical information related to this breach. | On March 25, 2020, the SBA discovered their loan application website may have disclosed personally identifiable information to other applicants. The SBA disabled their website and is offering identity theft protection services to those affected.
ID Experts can be contacted for questions or assistance in enrolling at (833) 968-1684 or (866) 405-2133 (TTY) Monday through Friday 9:00am-9:00pm EST. The deadline to enroll is September 13, 2020.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
March 2020
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
| March 31, 2020 | January-February, 2020 | Marriott International, Inc. | Name, mailing address, email address, phone number, loyalty account number and points balance, company, gender, birthday day and month, linked airline loyalty programs and numbers, stay/room preferences, and language preference. |
Who's Affected
|
Details
|
Approximately 5.2 Million affected individuals including an unknown number of Wisconsin residents.
| At the end of February 2020, Marriott identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property. Marriott believes this activity started in mid-January 2020. Upon discovery, Marriott confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests. On March 31, 2020, Marriott sent emails about the incident to guests involved. The email was sent from
marriott@email-marriott.com. Marriott has set up a self-service online portal for guests to be able to determine whether their information was involved in the incident and, if so, what categories of information were involved. This portal can be accessed through a link found at
https://mysupport.marriott.com/ Marriott has established a dedicated call center for guests to obtain more information at: (United States/Canada) (800) 598-9655. Call center resources will be staffed 8:00am-8:00pm EDT Monday through Friday. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
March 17, 2020
| January 17, 2020 | Tandem Diabetes Care, Inc. | Names, contact information, information related to those customers' use of Tandem's products or services, clinical data regarding diabetes therapy, and in a few limited instances, Social Security numbers. |
Who's Affected
|
Details
|
140,781 number of affected individuals including an unknown number of Wisconsin residents.
| On January 17, 2020, Tandem Diabetes Care, Inc. (Tandem) learned that an unauthorized person gained access to a Tandem employee's email account through a security incident commonly known as “phishing." Tandem immediately secured the account and a cyber-security firm was engaged to assist in the investigation. The investigation determined that a limited number of Tandem employee email accounts may have been accessed by an unauthorized user between January 17, 2020 and January 20, 2020. For those individuals whose Social Security numbers were affected, Tandem is offering a complimentary membership of credit monitoring and identity protection services. Tandem has established a dedicated call center for patients to call with questions, 1-844-971-0675, Monday through Friday, between 6:00 a.m. and 3:30 p.m. Pacific Time, excluding major U.S. holidays. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
February 2020
Date Public Notified |
Date of Breach |
Company |
Data Accessed |
February 20, 2020
| Approximately January 1, 2020 to January 9, 2020 | Advocate Aurora Health | First and/or last name; maiden name; marital status; date of birth; street address, email address and phone number(s); date(s) of admission, discharge or treatment; social security number; medical record number; health insurance account number(s); medical device number(s); driver's license number; passport number; bank or financial account number(s); or full face photographs. |
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| On or about Jan. 1, 2020, an unauthorized individual(s) used an email phishing campaign to gain access to the email credentials of several Advocate Aurora Health employees at Aurora Medical Center - Bay Area. Advocate Aurora learned of this intrusion on or about Jan. 9, 2020, and promptly initiated an internal investigation. Through its investigation, Advocate Aurora confirmed that the intruder(s) did not access Advocate Aurora's or Aurora Medical Center - Bay Area's electronic health record systems. The investigation revealed that the intruder(s) may have accessed without authorization the emails of certain employees during a period from approximately Jan. 1, 2020 to Jan. 9, 2020. While Advocate Aurora cannot confirm that the intruder(s) used the email credentials to access the emails of these employees, Advocate Aurora's review of these email accounts determined that the personal and/or health information of certain Aurora Medical Center - Bay Area patients may have been included in accessible email messages. Advocate Aurora is providing free credit monitoring services through Experian to affected individuals for one year. Advocate Aurora can be contacted with questions at
www.aah.org/patient-cybersecurity or (866) 242-1807. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
2019 Data Breaches
November 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
November 22, 2019
| Early November
| T-Mobile USA, Inc.
| Name, billing address, phone number, account number, rate, plan, and calling features.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| In early November T-Mobile reported that their cybersecurity team discovered and shut down malicious unauthorized access to some information related to T-Mobile prepaid wireless accounts. T-Mobile has reported this to authorities.
The official T-Mobile statement can be found at
https://www.t-mobile.com/customers/6305378822. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
October 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
August 19, 2019
| June 26 - 28, 2019
| Cornerstone, Inc. | Name, address, Social Security number, date of birth, driver’s license information, and telephone number.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| On or around July 9, 2019, Cornerstone learned that an unauthorized third party may have obtained a Cornerstone applicant’s online rental application, which contained that individual’s personal information. Cornerstone conducted an investigation and cannot rule out that an unauthorized actor may have gained access to the database which stores rental applications.
Cornerstone has identified which individuals’ information may have been affected by any potential unauthorized access and notification letters have been sent.
Cornerstone is offering potentially affected tenants and applicants complimentary credit monitoring and identity protection services for at least one year through TransUnion®.
If you have questions concerning this incident, the Cornerstone response line can be contacted at 855-683-4611, Monday through Friday, 8:00 a.m. to 8:00 p.m. Central Time. More information can also be found at
https://www.rentatcornerstone.com/documents/cornerstone-data-security-2019-08-18.pdf.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
September 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
September 12, 2019
| September 2-12, 2019
| Zynga Inc.
| Name, email address, and account login information for certain players of Draw Something adn Words With Friends which may include passwords
|
|
Who's Affected |
Details |
Approximately 200 million affected individuals including an unknown number of Wisconsin residents
| On September 12, 2019, Zynga Inc. announced they recently discovered that certain player account information may have been illegally accessed by outside hackers.
Zynga has taken steps to protect certain players’ accounts from invalid logins, including but not limited to where they believe that passwords may have been accessed. Zynga has begun the process of sending individual notices to players.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@wi.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
September 26, 2019
| May 4, 2019
| DoorDash
| Name, email address, delivery address, order history, phone number, as well as hashed & salted passwords.
For some consumers, the last four digits of consumer payment cards.
For some Dashers and merchants, the last four digits of their bank account number.
For approximately 100,000 Dashers, their driver’s license numbers were also accessed.
|
|
Who's Affected |
Details |
4.9 million consumers, Dashers, and merchants were affected including an unknown number of Wisconsin residents.
| DoorDash announced that earlier in September they became aware of unusual activity involving a third-party service provider. DoorDash launched an investigation and were subsequently able to determine that an unauthorized third party accessed some DoorDash user data on May 4, 2019.
Consumers, Dashers, and merchants who joined on or before April 5, 2018, are affected. Users who joined after April 5, 2018 are not affected. DoorDash can be contacted at 855-646-4683 for 24/7 suppport If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@wi.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
September 19, 2019
| February 19, 2019
| CafePress, Inc.
| Names, email addresses, and CafePress account passwords. For less than 1% of the affected individuals, the information also included Social Security Numbers or Tax Identification Numbers.
|
|
Who's Affected |
Details |
Approximately 23 million affected individuals including an unknown number of Wisconsin residents. | CafePress has reported they have recently discovered that an unidentified third party obtained customer information, without authorization, that was contained in a CafePress database on or about February 19, 2019. For CafePress account holders, it is recommended by CafePress to log in to your online account which should prompt you to change your account password.
CafePress can be contacted at: 1-844-386-9557 Monday–Friday from 9:00 a.m. to 9:00 p.m. ET or Saturday–Sunday from 11:00 a.m. to 8:00 p.m. ET.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
August 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
August 14, 2019
| December 14, 2018 to July 29, 2019
| Hy-Vee, Inc.
| Payment card: number, expiration date, and internal verification code
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents. | On July 29, 2019, Hy-Vee Inc. detected unauthorized activity on some of their payment processing systems. Hy-Vee conducted an investigation and found malware designed to access payment card data from cards used on point-of-sale (“POS”) devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants.
The general timeframe when data from cards used at Hy-Vee locations may have been accessed is December 14, 2018, to July 29, 2019 for fuel pumps and January 15, 2019, to July 29, 2019, for restaurants and drive-thru coffee shops.
Specific Wisconsin Hy-Vee locations and timeframes related to this incident: Market Grille, 3801 E. Washington, Madison, WI 53704
January 15, 2019 - June 30, 2019
Market Grille, 675 S. Whitney Way, Madison, WI 53711
January 15, 2019 - July 17, 2019
Hy-Vee can be contacted at (833) 967-1091 Monday through Friday between 8:00 a.m. and 8:00 p.m. CT.
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
August 3, 2019
| May 14, 2019
| StockX LLC
| Name, email address, username, hashed password, address and purchase history.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents. | On July 26, 2019, StockX was alerted to suspicious activity potentially involving customer data. StockX launched a forensic investigation and learned an unknown third party gained unauthorized access to certain customer data on or around May 14, 2019. StockX deployed a system-wide update and implemented a full password reset of all customer passwords. On August 3, 2019, StockX notified affected customers by email and a letter was mailed out on August 8 as a follow up to the email. StockX is offering 12 months of fraud detection and identity theft protection from ID Experts®. StockX or ID Experts® can be contacted at (833) 300-6935 (US), +1-971-317-8411 (International), or
https://ide.myidcare.com/stockx If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
July 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
July 19, 2019
| March 22-23, 2019
| Capital One
| Name, date of birth, address, zip code, phone number, email address, credit score, credit limits, account balances, payment history, and self-reported income. In some cases Social Security number and bank account number was accessed.
|
|
Who's Affected |
Details |
Approximately 100 million total affected individuals. Including 140,000 individuals whose Social Security numbers were affected. Including approximately 80,000 individuals whose bank account numbers were affected. It is unknown how many Wisconsin residents are affected. | On July 19, 2019 Capital One announced that there was unauthorized access of its systems by an outside individual. The vulnerability was reported to the company by an external security researcher on July 17. Capital One immediately fixed the issue and promptly began working with federal law enforcement. Capital One is reporting that The largest category of information accessed was information on consumers and small businesses as of the time they applied for a Capital One credit card product from 2005 through early 2019. Capital One is notifying affected individuals by mail and is offering free credit monitoring and identity protection to everyone affected. More information can be found at
https://www.capitalone.com/facts2019/ or Capital One can be reached at 1-800-227-4825. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
June 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
June 21, 2019
| August 25, 2010
| Dominion National
| Name, Social Security number, date of birth, bank account number, bank routing number, address, email address, member ID number, group number, and subscriber number.
|
|
Who's Affected |
Details |
Approximately 3.2 Million affected individuals including 2,964 Wisconsin residents.
| On April 24, 2019, Dominion National determined that an unauthorized party may have accessed some of their computer servers. The data stored or potentially accessible from those computer servers may include enrollment and demographic information for current and former members of Dominion National and Avalon vision, and current and former members of plans Dominion National provides administrative services for. Dominion National began notifying the potentially affected individuals on June 21, 2019. Additional information is available at
www.DominionNationalFacts.com or by calling Dominion National’s incident response line at 877-503-8923 or 844-261-6819 (TTY/TDD). The incident response line is open Monday through Friday, 8:00 a.m. to 8:00 p.m. EST. Dominion National is offering a two-year membership to ID Experts® MyIDCare™, which includes credit monitoring and fraud protection services, for any potentially affected individual. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
June 7, 2019
| April 2, 2019
| TenX Systems, LLC d/b/a ResiDex Software
| Social Security numbers and medical records.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including 1,296 Wisconsin residents.
| On April 9, 2019, ResiDex became aware of a data security incident, including ransomware, which impacted its server infrastructure and took its systems offline. The data security incident may have resulted in unauthorized access to protected health information, including medical records that existed on ResiDex’s software as of April 9, 2019. ResiDex provides software for Presbyterian Homes and Services, which has 1,296 current WI residents. ResiDex began notifying potentially impacted individuals via written notice beginning on June 7, 2019. ResiDex is providing free membership to TransUnion, myTrueIdentity, credit monitoring service to affected individuals. ResiDex can be contacted with questions at 877-347-0184 or 866-512-8369 between 9:00 a.m. to 9:00 p.m. Eastern Time, Monday through Friday. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
May 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
May 24, 2019
| October 15, 2018 through December 21, 2018
| OS, Inc. on behalf of: Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital.
| Name, Social Security number (in the form of insurance identification numbers), hospital account number, name of insurer, summary of charges, and category of service.
|
|
Who's Affected |
Details |
|
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| OS, Inc. an organization which provides claims management services to certain healthcare providers (among which is Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital), announced that a phishing email campaign may have resulted in unauthorized access to personal information contained within an OS employee’s email account. On April 8, 2019, OS, Inc. notified affected hospitals that their patient's personal identifying information may have been subject to this incident. On May 24, 2019, OS, Inc. began mailing individual notifications to each patient impacted. OS, Inc. is offering free access to Kroll’s fraud consultation and identity theft restoration services. Kroll can be contracted at (866) 775-4209, Monday through Friday from 8:00 a.m. to 5:30 p.m. with any questions. OS, Inc. can be contacted by mail at:
PO Box 311
Pewaukee, WI 53072 Columbus Community Hospital patients may contact Andrea Link, Privacy Officer at CCH by calling (920) 623-2200 with any questions related to this incident. Fort Healthcare patients may call (920) 568-6583 or (877) 324-2175 Monday through Friday from 8:00 a.m. to 5:00 p.m. Central Time. Sauk Prairie Healthcare patients may call (608) 643-3311. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
April 22, 2019
| January 2019
| Inmediata Health Group, Corp.
| Name, address, date of birth, gender, dates of service, diagnosis codes, procedure codes, and treating physician.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| In January 2019, Inmediata Health Group, Corp (Inmediata) became aware that some of its member patients’ electronic health information was publicly available online. When Inmediata became aware of this they immediately deactivated the publicly accessible website. On April 22, 2019 Inmediata sent notification letters to patients who were affected by this data breach. Inmediata can be reached at 1-833-389-2392, Monday through Friday, 9:00am-6:30pm EST. If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
April 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
April 9, 2019
| March 29, 2017, to January 9, 2019 and February 12-19, 2019.
| Canyon Bakehouse LLC
| Names, payment card numbers, expiration dates, and CVV codes.
|
|
Who's Affected |
Details |
Approximately 12,000 individuals were notified including 295 Wisconsin residents.
| On March 1, 2019 Canyon Bakehouse LLC became aware of malware installed on their systems that affected payment card data. Canyon Bakehouse LLC reported that unknown third parties gained unauthorized access to their computer systems compromising some payment card information. Canyon Bakehouse LLC has temporarily disabled the ordering and account login functions on their website until the security can be upgraded. On April 9, 2019 Canyon Bakehouse LLC mailed notification letters to those affected and is offering one year of credit monitoring and identity theft resolution services through Experian’s IdentityWorks. Canyon Bakehouse LLC can be reached at (970) 461-3844 If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|
January 2019
|
Date Public Notified |
Date of Breach |
Company |
Data Stolen |
February 15, 2019
| January 3, 2019 through January 24, 2019
| North Country Business Products, Inc.
| Cardholder's name, payment card number, expiration date, and CVV code.
|
|
Who's Affected |
Details |
Unknown number of affected individuals including an unknown number of Wisconsin residents.
| On January 4, 2019, North Country Business Products, Inc. learned of suspicious activity occurring within certain client networks. North Country launched an investigation and on January 30, 2019, the investigation determined that an unauthorized party was able to deploy malware to certain North Country business partners and restaurants between January 3, 2019, and January 24, 2019, that collected credit and debit card information. North Country can be reached at 1-877-204-9537, Monday through Friday (excluding U.S. holidays), 9:00 a.m. to 9:00 p.m. EST. North Country’s business partners located in Wisconsin: Dunn Brothers Coffee of Hudson, WI (Transactions Occurring from 1/4/2019 to 1/10/2019) Dunn Brothers Coffee of New Richmond, WI (Transactions Occurring on 1/4/2019) Dunn Brothers Coffee of West Bend, WI (Transactions Occurring on 1/4/2019) East Bay Restaurant & Bar of Holcombe, WI (Transactions Occurring on 1/4/2019) Sconni’s Alehouse And Eatery of Schofield, WI (Transactions Occurring on 1/4/2019) The Ranch Supper Club of Hayward, WI (Transactions Occurring on 1/4/2019)
If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at
DATCPWisconsinPrivacy@Wisconsin.gov.
|