IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
women on computer find out they were breached
Posted on December 28, 2018 by in Data Breach & Technology, Identity & Privacy, Personal

Major jewelry companies, social media sites, health networks, school districts, municipalities, and beyond experienced data breaches in December 2018. Read on below to see if you or someone you know may have been impacted by December’s biggest security breaches.

Here are the recent data breaches that made headlines in December 2018:

Signet Jewelers

The company that owns Jared and Kay Jewelers announced a data leak impacting all online customers. By slightly modifying the confirmation link received via email after placing an order, anyone could see the order history of other customers. That data included names, billing addresses, shipping addresses, phone numbers, email addresses, delivery dates, tracking links, and the last four digits of credit/debit card numbers.


Personal data of 100 million Quora users was exposed in a data breach after a malicious third party accessed the information sharing site’s systems. Names, email addresses, and encrypted passwords were all exposed in addition to publicly shared content like questions, answers, and comments.


For the second time in five months, Google announced a security bug that exposed 52.5 million users’ name, email and physical address, occupation, and some additional profile information. Google had planned to shut down Google Plus in August 2019, but have accelerated that timeline to April 2019.

Baylor Scott and White Medical Center – Frisco

A hack of the credit card processing system of this Texas-based hospital revealed the payment information of approximately 48,000 patients. Other data included patient names, dates of service, medical record numbers, insurance information, and invoice numbers.


In the latest Facebook data breach, the social media giant announced a security bug that allowed third-party app developers to access the private photos of 6.8 million users. The bug also granted visibility into users’ Facebook Stories and Marketplace photos.

Wright County, Minnesota

A Wright County IT worker who took his work home with him has been fired for not following policy regarding protecting citizen data. As many as 72,000 people’s information had their Social Security numbers and financial information put in jeopardy.

UVM Health Network – Elizabethtown

About 32,000 people have had their personal information exposed after a data breach at the University of Vermont Health Network. The breach occurred after an employee’s email account was accessed by an unauthorized, remote third party. Social Security numbers were among the information at risk for at least a portion of victims.

Warby Parker

Up to 198,000 customers of eyewear retailer, Warby Parker, were affected by a data breach. Hackers used credentials stolen from data breaches at other organizations to try to access online customer accounts, and may have gained access to names, email addresses, last four digits of payment cards, and prescription information.

San Diego Unified School District

Over 500,000 students and staff have been impacted in a data breach of San Diego Unified School District after a hacker made off with personal data dating back 10 years. More than 50 staff members fell victim to a widespread phishing email attack, giving the hacker access to school systems. These systems contained the names, addresses, Social Security numbers, dates of birth, phone numbers, payroll and compensation information, and health benefits enrollment information.


Online shoppers at BevMo!, an alcohol retailer, had their name, credit/debit card numbers, expiration dates, security codes, billing addresses, shipping addresses, and phone numbers exposed after hackers installed malicious code into the website’s checkout page. More than 14,000 customer accounts were compromised.

Be sure to read up on all of the major data breaches in 2018.

Data Breach Response Plan