Summary:
Everyone is at risk of falling victim to a data breach, and the threat isn’t going anywhere. We are here to keep you up-to-date on the data breaches of 2023 that could harm your digital safety and security.
Note: This post will be continuously updated with new information as additional 2023 data breaches are reported. Breaches appear in descending order, with the most recent appearing at the bottom of the page.
T-Mobile
January 19, 2023: U.S.-based wireless carrier, T-Mobile, experienced a data breach that affected 37 million of their customers. Data such as name, email, billing address, phone number and date of birth were exposed. T-Mobile has clarified that no other sensitive data, such as financial information, was exposed in the breach.
Breach Risk Score: 3
SOURCE | United States Securities and Exchange Commission
PeopleConnect, Inc
January 19, 2023: Background check service, People Connect, experienced a data breach that potentially exposed the data of 20.2 million people. A representative confirmed that a company data base file from 2019 was released and leaked information including first and last name, emails, phone numbers and hashed passwords.
Breach Risk Score: 2
SOURCE | Bleeping Computer
Wee! Inc
February 1, 2023: Wee! Grocery is the leading delivery service for Hispanic and Asian foods in North America. The company confirmed over 1.1 million customers have had their information exposed in a recent data breach. Breached information includes first and last names, email addresses, phone numbers, device types and order information, but no personal payment information or methods were released.
Breach Risk Score: 2
SOURCE | Tech Radar
NCB Management Services, Inc
February 1, 2023: Accounts receivable management solutions provider, NCB Management Services, notified 494,969 customers of a data breach that resulted in the exposure of sensitive data. Impacted information includes addresses, dates of birth, Social Security numbers, addresses, phone numbers, email addresses, account numbers, credit card numbers, routing numbers and other financial information.
Breach Risk Score: 9
SOURCE | Turke & Strauss LLP
Celebral, Inc.
March 1, 2023: Healthcare service, Celebral, which specializes in telehealth mental health services has notified 3.18 million patients of a data breach that occurred via pixel trackers in October of 2019. Sensitive leaked information includes names, email addresses, phone numbers, dates of birth, IP addresses, Celebral client numbers, demographic information, self-assessment responses, health information, treatment details, health insurance and pharmacy or benefit information.
Breach Risk Score: 4
SOURCE | Bleeping Computer
Zoll Medical Corporation
March 10, 2023: Zoll Medical Corporation has notified one million consumers of a data breach that occurred via an unauthorized third party accessing their database. Exposed information includes names, addresses, date of birth and Social Security numbers.
Breach Risk Score: 4
SOURCE | JD Surpa
Svanaco, Inc.
March 29, 2023: Svanaco, Inc. the company who owns the AmericaEagle.com retail website, suffered a data breach as a result of an unauthorized third party gaining access to their systems. Svanaco notified 105,008 customers who made purchases on www.berreta.com between July 2022 and December 2022 that sensitive financial information such as credit and debit card numbers, expiration dates, cardholder names, security codes or checking and saving account numbers may have been exposed.
Breach Risk Score: 5
SOURCE | Wolf Haldenstein Adler Freeman & Herz LLP
TMX Finance Corporate Services, Inc
March 29, 2023: Consumer lending service, TMX Finance, fell victim to a data breach that exposed the data of 4.8 million customers. The sensitive information disclosed includes dates of birth, Social Security numbers, passport numbers, driver’s license numbers, federal/state identification numbers, tax identification numbers, financial account information, addresses and phone numbers.
Breach Risk Score: 9
SOURCE | PR Newswire
Carvin Software, LLC
May 2, 2023: Arizona-based software and consulting company Carvin Software experienced a data breach when an unauthorized party successfully made a copy of files that contained confidential consumer information. Carvin Software notified 187,360 customers who may be impacted. The accessed data included names, Social Security numbers and financial account information.
Breach Risk Score: 5
SOURCE | JDSurpa
MCNA Insurance
May 3, 2023: Atlanta-based dental insurance provider MCNA Insurance experienced a ransomware attack in early March of 2023. The investigation to determine what information was compromised in the breach took nearly two months to complete. The hack affected 8.9 million of MCNA’s clients, with information such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, drivers’ licenses numbers and other government-issued identification numbers being potentially exposed in the attack.
Breach Risk Score: 7
SOURCE | TechCrunch
Albany EMT & Allergy Services
May 25, 2023: Healthcare provider Albany ENT & Allergy Services (AENT) detected suspicious activity on their private servers and learned an unauthorized party gained access to their systems. AENT notified 224,486 customers that their names and Social Security numbers could have been exposed in the breach.
Breach Risk Score: 3
SOURCE | JDSurpa
Lansing Community College of Michigan
June 30, 2023: Lansing Community College (LCC) of Michigan experienced a data breach when an unauthorized party acquired sensitive information of 757,832 students, employees and vendors. LCC notified individuals that their full names and Social Security numbers may have been accessed in the attack.
Breach Risk Score: 3
SOURCE | BusinessWire
Talcott Resolution
July 3, 2023: Connecticut-based life insurance company, Talcott Resolution, was affected by a third-party data breach. Talcott notified 552,821 individuals that sensitive data impacted in the breach included names, dates of birth and Social Security numbers..
Breach Risk Score: 3
SOURCE | PR Newswire
Precision Anesthesia Billing (PAB)
July 7, 2023: PAB has notified 209,200 patients that an unauthorized party was able to access their private patient data in a recent data breach. Exposed information included names, Social Security numbers, demographic information, protected health information and health insurance information.
Breach Risk Score: 4
SOURCE | JDSurpa
HCA Healthcare
July 11, 2023: Tennessee-based healthcare company, HCA Healthcare, believes that the private information of 11 million patients may have been exposed in a recent data breach. HCA Healthcare owns and operates 180 hospitals between the United States and Britain, and victims from the breach span across 20 different states. Stolen information reportedly included names, addresses, dates of birth and phone numbers.
Breach Risk Score: 2
SOURCE | AP News
Phoenician Medical Center
July 17, 2023: Arizona-based, Phoenician Medical Center (PMC), has determined that a data incident involving their IT systems exposed the private information of 162,500 patients. PMC notified customers that the compromised files may have contained their name, contact information, demographic information, state identification, date of birth, treatment and prescription information, Medical Record Number, provider information and health insurance information.
Breach Risk Score: 4
SOURCE | PhoenicianMedicalCare.com
Oregon Health Plan
July 25, 2023: Members of the Oregon Health Plan are encouraged to monitor their credit accounts after a data breach with vendor PH Tech exposed the information of 1.7 million individuals. PH Tech notified the affected customers. The exposed information reportedly varies from person to person, but may include name, date of birth, Social Security number (SSN), address, member ID number, plan ID number, email address, authorization information, diagnosis code, procedure code and claim information.
Breach Risk Score: 5
SOURCE | Fierce Healthcare
Chattanooga Health Institute
July 28, 2023: Chattanooga Health Institute notified 170,450 customers that their information was involved in a data breach involving the company’s computer network. Exposed information included names, Social Security numbers, mailing addresses, email addresses, phone numbers, dates of birth, driver’s license numbers, account information, health insurance information, diagnosis and condition information, lab results and medications.
Breach Risk Score: 7
SOURCE | JDSurpa