IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
Recent Data Breaches November 2018
Posted on November 30, 2018 by in Data Breach & Technology, Identity & Privacy, Personal

No industries were spared from data breaches in November 2018. In fact, we saw the worst breach of 2018 (thus far). Read below to see if you or the people you care about may have been affected by this month’s most publicized data breaches.

Here are the recent data breaches that made headlines in November 2018:


Approximately 14,000 U.S. account holders had their names, addresses, phone numbers, email addresses, dates of birth, account numbers, account types, balances, and transaction history exposed in a credential-stuffing attack of HSBC Bank. The attack occurred between October 4th and 14th, but was reported in early November.

Huntsville Hospital

An Alabama-based hospital discovered a data breach involving Jobscience, Inc., a vendor it used to process job applications dating back to 2006. The personal information of an estimated 15,000 individuals was compromised as a result.

Bankers Life

The names, addresses, dates of birth, insurance information, and last four digits of Social Security numbers of 566,000 customers were exposed in a Bankers Life data breach. A hacker captured employee credentials, allowing them to access company systems.


The popular retailer, Nordstrom experienced a data breach after a contract worker accessed employee files. The information exposed included names, SSNs, dates of birth, checking account and routing numbers, salaries, and more. Nordstrom has about 72,500 employees.

Health First

In the first healthcare data breach of the month, Florida-based Health First reported a data breach after employees fell victim to a phishing scam. It’s estimated that 42,000 patients had their Social Security numbers, addresses, and dates of birth exposed as a result.

US Postal Service (USPS)

USPS’ Informed Delivery service has been compromised by identity thieves. An estimated 60 million users were impacted, allowing cybercriminals to track and intercept package deliveries, in addition to opening new credit cards in their names.


Online shoppers received a cryptic email message from Amazon stating that their information had been disclosed. The number of victims in this data breach has not been revealed.

Atrium Health

The second major healthcare data breach of the month came at the hands of Atrium Health’s billing vendor AccuDoc Solutions. About 2.65 million patients had their names, dates of birth, insurance information, medical record numbers, and payment records exposed. Of those victims, 700,000 also had their Social Security numbers compromised.

Dunkin’ Donuts

If you’re a DD Perks member, your username and password, name, email address, account number, and QR code may have been accessed by hackers. Dunkin’ Donuts alerted its members and forced a password reset.


In the largest data breach of the year, Marriott has exposed the personal information of 500 million guests. An unauthorized third party was able to access Marriott’s Starwood guest reservation database all the way back to 2014. That means, for the past four years, guests of Marriott hotels had their names, physical and email addresses, dates of birth, phone numbers, gender, passport numbers, loyalty account numbers, travel details, and communication preferences exposed. An additional, undisclosed number of travelers had their payment card number and expiration date compromised as well.

Be sure to check back next month for the latest major data breaches in 2018.