Listed below are data breaches which were either reported to DATCP, or have been identified as affecting Wisconsin consumers, within this calendar year. Information is gathered on each breach and posted to this page in order to inform consumers of any services or resources that are being offered. To find details on past data breaches (2012-2023), refer to DATCP's
data breach archive.
If you are concerned about being or becoming a victim of identity theft as a result of a data breach, contact the Bureau of Consumer Protection at (800) 422-7128 or DATCPHotline@wisconsin.gov.
October 2024
Company Name: Change Healthcare (CHC) a unit of UnitedHealthcare Group (UHG)
Date of Incident: February 17-20, 2024
Date Public Notified: June 20, 2024
Data Accessed: May have included contact information (such as first and last name, address, date of birth, phone number, and email) and one or more of the following:
- Health insurance information (such as primary, secondary or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid/Medicare/government payer ID numbers)
- Health information (such as medical record numbers, providers, diagnoses, medicines, test results, images, care and treatment
- Billing, claims and payment information (such as claim numbers, account numbers, billing codes, payment cards, financial and banking information, payments made, and balance due)
- Other personal information such as Social Security numbers, driver’s licenses or state ID numbers, or passport numbers
Who is Affected: Customers and individuals
Number of Individuals Affected: Could cover a substantial proportion of people in America
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): A call center is available at: 1-866-262-5342, available Monday through Friday, 8 a.m. to 8 p.m. CT. There is also a link for more information at: https://www.changehealthcare.com/hipaa-substitute-notice.
September 2024
Company Name: Compex Legal Services
Date of Incident: Between April 9, 2024 and April 17, 2024
Date Public Notified: July 24, 2024
Data Accessed: Social Security numbers; Financial account information; Biometric data
Who is Affected: Individuals whose medical and legal records are held by Compex Legal Services
Number of Individuals Affected: 1,000+
Number of Wisconsin Residents Affected: 109
Who and how to contact if consumers have any questions or need additional information (i.e. phone, email, website/link): Compex Legal Services is offering credit monitoring and credit protection education for affected customers. Questions should be directed to 1-833-215-2896.
August 2024
Company Name: National Public Data
Date of Incident: December 2023, with potential leaks of certain data in April 2024 and summer 2024
Date Public Notified: August 12, 2024
Data Accessed: Names, email addresses, phone numbers, Social Security numbers, and mailing addresses
Who is Affected: U.S. residents
Number of Individuals Affected: 1,350,684
Number of Wisconsin Residents Affected: 6,410
Who and how to contact if consumers have questions or need additional information: Find more on National Public Data's website
Company Name: Ascension
Date of Incident: May 8, 2024
Date Public Notified: May 9, 2024
Data Accessed: A cybersecurity incident occurred on May 8, 2024. An investigation is still ongoing and it is unconfirmed if any patient data was accessed.
Who is Affected: Ascension will notify any affected individuals when the investigation and analysis has been completed.
Number of Individuals Affected: Unknown at this time
Number of Wisconsin Residents Affected: Unknown at this time
Who and how to contact if consumers have questions or need additional information: Ascension is offering complimentary credit monitoring and identity theft protection services to any Ascension patient or associate who requests it, free of charge, and regardless of whether their data was involved in this incident. Individuals who wish to enroll in free credit monitoring and identity theft protection services should call Ascension at (1-888) 498-8066.
Company Name: Power Test LLC
Date of Incident: April 29, 2024
Date Public Notified: June 13, 2024
Data Accessed: Internal commercial information, and some Social Security records
Who is Affected: Current and former employees
Number of Individuals Affected: 1,165
Number of Wisconsin Residents Affected: 975
Who and how to contact if consumers have questions or need additional information: Complementary identify protection, credit monitoring, and restoration services are being offered. Individuals with questions can call (866) 898-5471.
Company Name: First Choice Dental
Date of Incident: October 22, 2023
Date Public Notified: July 12, 2024
Data Accessed: Names, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, government ID numbers, credit/debit card numbers, financial account numbers, and health information.
Who is Affected: First Choice Dental customers
Number of Individuals Affected: 228,287
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: For more information, please call (608) 308-2941 between the hours of 8:00 am to 8:00 pm Eastern Time, Monday through Friday (excluding U.S. national holidays).
May 2024
Company Name: AT&T
Date of Incident: June 2022
Date Public Notified: March 30, 2024
Data Accessed: The information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode
Who is Affected: Current and former customers
Number of Individuals Affected: 7.6 million current customers and 65 million former customers
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: Complementary credit monitoring, identity theft detection and resolution services are being offered. AT&T asks customers with questions to call (1-866) 346-0416 Monday through Friday, 8 a.m. to 9 p.m. CST, or visit
att.com/accountsafety.
Company Name: Group Health Cooperative of South Central Wisconsin (GHC-SCW)
Date of Incident: On or before January 25, 2024
Date Public Notified: February 9, 2024
Data Accessed: Names, Social Security numbers, addresses, telephone numbers, e-mail addresses, dates of birth and/or death, member numbers, and Medicare and/or Medicaid numbers.
Who is Affected: Current and past members and patients of its providers
Number of Individuals Affected: 533,809
Number of Wisconsin Residents Affected: Unknown
Who and how to contact if consumers have questions or need additional information: Consumers with questions can call member services at (800) 605-4327. Consumers who think they may have been affected but did not receive a notification letter can contact
privacy@ghcscw.com or call (608) 662-4899.
January 2024
Company Name: Navvis & Company
Date of Incident: Between July 12 and July 25, 2023
Date Public Notified: Rolling notices beginning September 22, 2023
Data Accessed: Names, account numbers, birthdates, diagnoses/clinical information, health insurance policy numbers, medical date of service, medical provider names, medical treatment/procedure information, and patient account numbers.
Who is Affected: Patients
Number of Individuals Affected: Unknown
Number of Wisconsin Residents Affected: 316,043
Who and how to contact if consumers have questions or need additional information: Credit monitoring for 12 months through IDX is being offered. Call (1-888) 996-4022 or visit the IDX website.