Data Breaches

September 19, 2019

February 19, 2019

CafePress, Inc.

Names, email addresses, and CafePress account passwords. For less than 1% of the affected individuals, the information also included Social Security Numbers or Tax Identification Numbers.

Approximately 23 million affected individuals including an unknown number of Wisconsin residents.

CafePress has reported they have recently discovered that an unidentified third party obtained customer information, without authorization, that was contained in a CafePress database on or about February 19, 2019.

For CafePress account holders, it is recommended by CafePress to log in to your online account which should prompt you to change your account password.

CafePress can be contacted at: 1-844-386-9557 Monday–Friday from 9:00 a.m. to 9:00 p.m. ET or Saturday–Sunday from 11:00 a.m. to 8:00 p.m. ET.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

August 14, 2019

December 14, 2018 to July 29, 2019

Hy-Vee, Inc.

Payment card: number, expiration date, and internal verification code

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On July 29, 2019, Hy-Vee Inc. detected unauthorized activity on some of their payment processing systems. Hy-Vee conducted an investigation and found malware designed to access payment card data from cards used on point-of-sale (“POS”) devices at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants.

The general timeframe when data from cards used at Hy-Vee locations may have been accessed is December 14, 2018, to July 29, 2019 for fuel pumps and January 15, 2019, to July 29, 2019, for restaurants and drive-thru coffee shops.

Specific Wisconsin Hy-Vee locations and timeframes related to this incident:

Market Grille, 3801 E. Washington​, Madison, WI 53704  
January 15, 2019 - June 30, 2019

Market Grille, 675 S. Whitney Way, Madison, WI 53711​
January 15, 2019 - July 17, 2019

Hy-Vee can be contacted at (833) 967-1091 Monday through Friday between 8:00 a.m. and 8:00 p.m. CT.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

July 19, 2019

March 22-23, 2019

Capital One

Name, date of birth, address, zip code, phone number, email address, credit score, credit limits, account balances, payment history, and self-reported income. In some cases Social Security number and bank account number was accessed.

Approximately 100 million total affected individuals.

Including 140,000 individuals whose Social Security numbers were affected.

Including approximately 80,000 individuals whose bank account numbers were affected.

It is unknown how many Wisconsin residents are affected.

On July 19, 2019 Capital One announced that there was unauthorized access of its systems by an outside individual. The vulnerability was reported to the company by an external security researcher on July 17.

Capital One immediately fixed the issue and promptly began working with federal law enforcement. Capital One is reporting that The largest category of information accessed was information on consumers and small businesses as of the time they applied for a Capital One credit card product from 2005 through early 2019.

Capital One is notifying affected individuals by mail and is offering free credit monitoring and identity protection to everyone affected.

More information can be found at ​https://www.capitalone.com/facts2019/ or Capital One can be reached at 1-800-227-4825.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 21, 2019

August 25, 2010

Dominion National

Name, Social Security number, date of birth, bank account number, bank routing number, address, email address, member ID number, group number, and subscriber number.

Approximately 3.2 Million affected individuals including 2,964 Wisconsin residents.

On April 24, 2019, Dominion National determined that an unauthorized party may have accessed some of their computer servers. The data stored or potentially accessible from those computer servers may include enrollment and demographic information for current and former members of Dominion National and Avalon vision, and current and former members of plans Dominion National provides administrative services for.

Dominion National began notifying the potentially affected individuals on June 21, 2019. Additional information is available at www.DominionNationalFacts.com or by calling Dominion National’s incident response line at 877-503-8923 or 844-261-6819 (TTY/TDD). The incident response line is open Monday through Friday, 8:00 a.m. to 8:00 p.m. EST.

Dominion National is offering a two-year membership to ID Experts® MyIDCare™, which includes credit monitoring and fraud protection services, for any potentially affected individual.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

June 7, 2019

April 2, 2019

TenX Systems, LLC d/b/a ResiDex Software

Social Security numbers and medical records.

Unknown number of affected individuals including 1,296 Wisconsin residents.

On April 9, 2019, ResiDex became aware of a data security incident, including ransomware, which impacted its server infrastructure and took its systems offline. The data security incident may have resulted in unauthorized access to protected health information, including medical records that existed on ResiDex’s software as of April 9, 2019​.

ResiDex provides software for Presbyterian Homes and Services, which has 1,296 current WI residents. ResiDex began notifying potentially impacted individuals via written notice beginning on June 7, 2019.

ResiDex is providing free membership to TransUnion, myTrueIdentity, credit monitoring service to affected individuals.

ResiDex can be contacted with questions at 877-347-0184 or 866-512-8369 between 9:00 a.m. to 9:00 p.m. Eastern Time, Monday through Friday.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

May 24, 2019

October 15, 2018 through December 21, 2018

OS, Inc. on behalf of: Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital.

Name, Social Security number (in the form of insurance identification numbers), hospital account number, name of insurer, summary of charges, and category of service.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

OS, Inc. an organization which provides claims management services to certain healthcare providers (among which is Sauk Prairie Healthcare, Fort HealthCare, Inc., and Columbus Community Hospital), announced that a phishing email campaign may have resulted in unauthorized access to personal information contained within an OS employee’s email account. On April 8, 2019, OS, Inc. notified affected hospitals that their patient's personal identifying information may have been subject to this incident.

On May 24, 2019, OS, Inc. began mailing individual notifications to each patient impacted. OS, Inc. is offering free access to Kroll’s fraud consultation and identity theft restoration services. Kroll can be contracted at (866) 775-4209, Monday through Friday from 8:00 a.m. to 5:30 p.m. with any questions.

OS, Inc. can be contacted by mail at:
PO Box 311
Pewaukee, WI 53072

Columbus Community Hospital patients may contact Andrea Link, Privacy Officer at CCH by calling (920) 623-2200 with any questions related to this incident.

Fort Healthcare patients may call (920) 568-6583 or (877) 324-2175 Monday through Friday from 8:00 a.m. to 5:00 p.m. Central Time.

Sauk Prairie Healthcare patients may call (608) 643-3311.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 22, 2019

January 2019

Inmediata Health Group, Corp.

Name, address, date of birth, gender, dates of service, diagnosis codes, procedure codes, and treating physician.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

In January 2019, Inmediata Health Group, Corp (Inmediata) became aware that some of its member patients’ electronic health information was publicly available online. When Inmediata became aware of this they immediately deactivated the publicly accessible website.

On April 22, 2019 Inmediata sent notification letters to patients who were affected by this data breach.

​Inmediata can be reached at 1-833-389-2392, Monday through Friday, 9:00am-6:30pm EST.

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

April 9, 2019

March 29, 2017, to January 9, 2019 and February 12-19, 2019.

Canyon Bakehouse LLC

Names, payment card numbers, expiration dates, and CVV codes.

Approximately 12,000 individuals were notified including 295 Wisconsin residents.

On March 1, 2019 Canyon Bakehouse LLC became aware of malware installed on their systems that affected payment card data. Canyon Bakehouse LLC reported that unknown third parties gained unauthorized access to their computer systems compromising some payment card information. Canyon Bakehouse LLC has temporarily disabled the ordering and account login functions on their website until the security can be upgraded.

On April 9, 2019 Canyon Bakehouse LLC mailed notification letters to those affected and is offering one year of credit monitoring and identity theft resolution services through Experian’s IdentityWorks.

Canyon Bakehouse LLC can be reached at (970) 461-3844 ​

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.

February 15, 2019

January 3, 2019 through January 24, 2019

North Country Business Products, Inc.

Cardholder's name, payment card number, expiration date, and CVV code.

Unknown number of affected individuals including an unknown number of Wisconsin residents.

On January 4, 2019, North Country Business Products, Inc. learned of suspicious activity occurring within certain client networks. North Country launched an investigation and on January 30, 2019, the investigation determined that an unauthorized party was able to deploy malware to certain North Country business partners and restaurants between January 3, 2019, and January 24, 2019, that collected credit and debit card information.

North Country can be reached at 1-877-204-9537, Monday through Friday (excluding U.S. holidays), 9:00 a.m. to 9:00 p.m. EST.

North Country’s business partners located in Wisconsin:

• Dunn Brothers Coffee of Hudson, WI (Transactions Occurring from 1/4/2019 to 1/10/2019)

• Dunn Brothers Coffee of New Richmond, WI (Transactions Occurring on 1/4/2019)

• Dunn Brothers Coffee of West Bend, WI (Transactions Occurring on 1/4/2019)

• East Bay Restaurant & Bar of Holcombe, WI (Transactions Occurring on 1/4/2019)

• Sconni’s Alehouse And Eatery of Schofield, WI (Transactions Occurring on 1/4/2019)

• The Ranch Supper Club of Hayward, WI (Transactions Occurring on 1/4/2019)

If you feel you are a victim of identity theft as a result of this breach, contact the Bureau of Consumer Protection at (800) 422-7128 or email us at DATCPWisconsinPrivacy@Wisconsin.gov.