Data Breaches

​​​​​​​​​​​​​​​​​​​Bureau Home​​​   /   Identity The​ft   /   Data Breaches


Listed below are data breaches which were either reported to DATCP, or have been identified as affecting Wisconsin consumers, within this calendar year. Information is gathered on each breach and posted to​ this page in order to inform consumers of any services or resources that are being offered. To find details on past data breaches (2012-2023), refer to DATCP's data breach archive.

If you are concerned about being or becoming a victim of identity theft as a result of a data breach, contact the Bureau of Consumer Protection at (800) 422-7128 or​ DATCPHotline@wisconsin.gov.

October 2024​

Company Name: Change Healthcare (CHC) a unit of UnitedHealthcare Group (UHG)

Date of Incident: February 17-20, 2024

Date Public Notified: June 20, 2024

Data Accessed: May have included contact information (such as first and last name, address, date of birth, phone number, and email) and one or more of the following:

  • Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid/Medicare/​government payer ID numbers)
  • Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment
  • Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due)
  • ​Other personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers

Who is Affected: Customers and individuals

Number of Individuals Affected: Could cover a substantial proportion of people in America

Number of Wisconsin Residents Affected: Unknown

Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): ​A call center is available at: 1-866-262-5342, available Monday through Friday, 8 a.m. to 8 p.m. CT. There is also a link for more information at: https://www.changehealthcare.com/hipaa-substitute-notice.



September 2024​

Company Name: Compex Legal Services

Date of Incident: Between April 9, 2024 and April 17, 2024

Date Public Notified: July 24, 2024

Data Accessed: Social Security numbers; Financial account information; Biometric data

Who is Affected: Individuals whose medical and legal records are held by Compex Legal Services

Number of Individuals Affected: 1,000+

Number of Wisconsin Residents Affected: 109

Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): ​Compex Legal Services is offering credit monitoring and credit protection education for affected customers. Questions should be directed to 1-833-215-2896.


August 2024

Company Name: National Public Data

Date of Incident: December 2023, with potential leaks of certain data in April 2024 and summer 2024

Date Public Notified: ​August 12, 2024

Data Accessed: Names, email addresses, phone numbers, Social Security numbers, and mailing addresses

Who is Affected: U.S. residents​

Number of Individuals Affected: ​1,350,684

Number of Wisconsin Residents Affected: 6,410

Who and how to contact if consumers have questions or need additional information: Find more on National Public Data's website


Company Name: Ascension

Date of Incident: May 8, 2024

Date Public Notified: ​May 9, 2024

Data Accessed: A cybersecurity incident occurred on May 8, 2024.  An investigation is still ongoing and it is unconfirmed if any patient data was accessed.

Who is Affected: Ascension will notify any affected individuals when the investigation and analysis has been completed.

Number of Individuals Affected: Unknown at this time​

Number of Wisconsin Residents Affected: Unknown at this time

Who and how to contact if consumers have questions or need additional information: Ascension is offering complimentary credit monitoring and identity theft protection services to any Ascension patient or associate who requests it, free of charge, and regardless of whether their data was involved in this incident. Individuals who wish to enroll in free credit monitoring and identity theft protection services should call Ascension at (1-888) 498-8066.


Company Name: Power Test LLC

Date of Incident: April 29, 2024

Date Public Notified: ​June 13, 2024

Data Accessed: Internal commercial information, and some Social Security records

Who is Affected: Current and former employees

Number of Individuals Affected: 1,165

Number of Wisconsin Residents Affected: 975

Who and how to contact if consumers have questions or need additional information: Complementary identify protection, credit monitoring, and restoration services are being offered.​ Individuals with questions can call (866) 898-5471.


Company Name: First Choice Dental

Date of Incident: October 22, 2023

Date Public Notified: ​July 12, 2024

Data Accessed: Names, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, government ID numbers, credit/debit card numbers, financial account numbers, and health information.

Who is Affected: First Choice Dental customers

Number of Individuals Affected: 228,287

Number of Wisconsin Residents Affected: Unknown

Who and how to contact if consumers have questions or need additional information: For more information, please call (608) 308-2941 between the hours of 8:00 am to 8:00 pm Eastern Time, Monday through Friday (excluding U.S. national holidays).


May ​​2024

Company Name: AT&T

Date of Incident: June 2022

Date Public Notified: ​March 30, 2024

Data Accessed: The information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode

Who is Affected: Current and former customers

Number of Individuals Affected: 7.6 million current customers and 65 million former customers

Number of Wisconsin Residents Affected: Unknown

Who and how to contact if consumers have questions or need additional information: Complementary credit monitoring, identity theft detection and resolution services are being offered. AT&T asks customers with questions to call (1-866) 346-0416 Monday through Friday, 8 a.m. to 9 p.m. CST, or visit att.com/accountsafety.


Company Name: Group Health Cooperative of South Central Wisconsin (GHC-SCW)

Date of Incident: On or before January 25, 2024

Date Public Notified: February 9, 2024

Data Accessed: Names, Social Security numbers, addresses, telephone numbers, e-mail addresses, dates of birth and/or death, member numbers, and Medicare and/or Medicaid numbers.

Who is Affected: Current and past members and patients of its providers

Number of Individuals Affected: ​533,809

Number of Wisconsin Residents Affected: Unknown

Who and how to contact if consumers have questions or need additional information: Consumers with questions can call member services at (800) 605-4327. Consumers who think they may have been affected but did not receive a notification letter can contact privacy@ghcscw.com or call (608)​ 662-4899.


Janua​ry 2​​024

Company Name: Navvis & Company

Date of Incident: Between July 12 and July 25, 2023

Date Public Notified: Rolling notices beginning September 22, 2023​

Data Accessed: Names, account numbers, birt​hdates, diagnoses/clinical information, health insurance policy numbers, medical date of service, medical provider names, medical treatment/procedure information, and patient account numbers.

Who is Affected: Patients

Number of Individuals Affected: Unknown

Number of Wisconsin Residents Affected: 316,043

Who and how to contact if consumers have questions or need additional information: Credit monitoring for 12 months through IDX is being offered. Call (1-888) 996-4022 or visit the IDX website.​