May 9, 2019: A data breach of Freedom Mobile has affected an estimated 1.5 million customers after a database of information was found unprotected on an Elasticsearch server. The charges carry a maximum penalty of five years in prison. There are more than 450 identity theft cases reported in the UK every day. New York, New York - July 30, 2019: A Capital One bank stands in Midtown Manhatten. March 4, 2019: About 45,000 patients of Chicago-based Rush health system were exposed in a data breach. A vulnerability on the health network’s website server exposed protected health information including names, medical record numbers, and a description of each individual’s information. January 17, 2019: Security researcher Troy Hunt discovered a massive database on cloud storage site, MEGA, which contained 773 million email addresses and 22 million unique passwords collected from thousands of different breaches dating back to 2008. Authorities grew suspicious of the number of opioid prescriptions being written by Biddle and the fact he was doing so through Tampa despite being located in Orchard Park, NY. A type 1 diabetic died under … The names, addresses, dates of birth, member ID numbers, healthcare provider names, patient ID numbers, and claim information were compromised after a ransomware attack infiltrated Wolverine Solutions Group, a third-party vendor who manages the network’s mailing services. April 2, 2019: Personal information of current and former faculty, students, staff and student applicants of Georgia Tech was accessed by a hacker through a central database. August 27, 2019: The web hosting company, Hostinger, sent out password reset emails to 14 million clients whose information was hacked through an API server. January 7, 2019: U.S. provider of payroll, HR, and employer services, BenefitMall announced a data breach that occurred after an email phishing attack compromised employee login credentials. February 19, 2019: A data breach affecting North Country Business Products, a vendor of credit card processing services, has impacted at least 50 businesses across the state of Arizona. 10 Unbelievable Identity Theft Cases. January 29, 2019: IT security and cloud data management provider, Rubrik exposed a massive database containing customer information including names, contact information, and other details related to corporate accounts. IdentityForce is a leading provider of proactive identity, privacy and credit protection for individuals, businesses, and government agencies. About 326,000 people were affected in the breach, which compromised names, dates of birth, addresses, Social Security numbers, and limited medical information. His sentencing is scheduled for May 9, 2019, where he faces up to 5 years in prison. Names, dates of birth, social insurance numbers, addresses, phone numbers, email addresses were compromised. May 29, 2019: Flipboard announced it was hacked after an unauthorized third party accessed databases containing user information. July 1, 2019: The database of smart home IOT devices, Orvibo, exposed the personal information of over 2 billion customers. No other personal information was exposed and the number of affected victims has not been disclosed. May 7, 2019: An online tutoring marketplace with more than two million registered users and 80,000 instructors, Wyzant announced a breach of customer data. February 6, 2019: Over 24,000 patients of Georgia-based EyeSouth Partners are being notified of a breach. Imposter scams were a close second, with 20.31% of all scam reports fitting into one of the … Industry, policymakers and the public alike will have to wait and see how 2019 will be impacted by identity theft, cybercrime, hacking and data breaches. BUFFALO, N.Y. – DEA New York Division Special Agent in Charge Ray Donovan and U.S. Attorney James P. Kennedy, Jr., announced today that Dr. Paul Biddle, 54, of Amherst, N.Y., pleaded guilty before U.S. District Judge Elizabeth A. Wolford to identity theft and possession of unlawful hydromorphone HCL. Following the introduction of microchip equipped credit cards in 2015 in the United States, which make the cards difficult to counterfeit, criminals focused on new account fraud. The company announced that it had discovered a malicious card skimming code placed on its payment website. VPNMentor, whose research team discovered the breach, is asking for help in identifying who the database belongs to. As many as 2 million emails containing full names, addresses, dates of birth, Social Security numbers, case numbers, health information, and other record-keeping data were exposed. June 10, 2019: Images of travelers’ faces and license plates were compromised in a cyberattack on a contractor for U.S. Customs and Border Protection. January 11, 2019: The personal health information of more than 31,000 patients of Managed Health Services of Indiana has been exposed following a phishing attack. Of the 1.7 million fraud cases, 23 percent reported money was lost. (November 12, 2019) Retina-X Studios, LLC, In the Matter of (October 22, 2019) May 13, 2019: The legal entity behind the basketball team Indiana Pacers, Pacers Sports & Entertainment (PSE), recently announced a phishing email campaign created a security breach of sensitive information. John F. Wasik Contributor. The information was shared on a popular hacking forum where they could be shared with other cyber thieves. But a … July 8, 2019: Multiple systems managed by the Maryland Department of Labor were reported as breached, containing files dating back to 2009. According to reports, Biddle was illegally ordering controlled substances by using the Personally Identifiable Information (PII) of 23 patients, two of whom were deceased. Unsurprisingly however, the rate of identity related crime is exploding, and a recent study claims that there is a new victim of identity theft every 2 seconds in the United States alone. February 28, 2019. January 23, 2019: More than 24 million mortgage and banking documents sat unprotected in an online database for at least two weeks. The breach occurred after hackers took control of the payments page of one of Quest’s billing collections vendors, AMCA, between August 2018 and March 2019. The Canada-based telecommunications company exposed customer names, email addresses, phone numbers, physical addresses, dates of birth, account numbers, and credit card information. The exposed database belongs to BioStar 2, a biometric security platform used by organizations worldwide. November 16, 2019: Users of the newly released Disney+ streaming services were locked out of their accounts after being hijacked by fraudsters. The various methods used in the breaches are also listed, with hacking being the most common. The remaining 876 cases were of various offenses. March 21, 2019: Bedding retailers MyPillow & Amerisleep experienced a breach at the hands of Magecart, a hacking syndicate that targets eCommerce websites with credit card skimming software. Frequency of experiences of online identity theft in Denmark 2019 U.S.: property victimization by type of crime & age of householder 2013 Level of concern over possible online identity theft … His sentencing is scheduled for May 9, 2019, where he faces up to 5 years in prison. Results of a recent survey by ERP Maestro show that 76% of Americans now believe that it’s inevitable that they will fall victim to identity theft or cybercrime in their lifetime. April 29, 2019: Up to 65% of U.S. households have had their information exposed by an unsecured database housed on a Microsoft cloud server. The records kept on LabCorp customers were less sensitive, however, exposing names, addresses, dates of birth, and balance information. May 2, 2019: In a letter to potential data breach victims, Citrix revealed that hackers gained access to the company’s internal systems between October 2018 and March 2019. These passwords were stored in plain text and able to be accessed by more than 20,000 of the company’s employees. Amar Singh, 33, and wife Neha Punjani-Singh, 30, pleaded guilty last month to identity theft and enterprise corruption charges in a case involving their roles in a $13 million scam. June 6, 2019: Another healthcare-related company has been impacted by the hack of American Medical Collection Agency (AMCA), which compromised Quest Diagnostics and LabCorp. In a statement, the company said that information such as names, city, state, country, profile description, username, and hashed passwords were taken by an unauthorized third party. Subscribe to our Newsletter for Identity Theft Updates: Call (866) 709-4507 to Speak with a Live Agent, Personally Identifiable Information (PII), CCPSA employees fell for a phishing attack, data breach affecting North Country Business Products, Rush health system were exposed in a data breach, Pasquotank-Campden Emergency Medical Services, Rutland Regional Medical Center data breach, MyPillow & Amerisleep experienced a breach, data breach of several addiction rehabilitation centers, EmCare have been notified of a data breach, eCommerce website of the NBA’s Atlanta Hawks, Ladders, exposed the data of 13.7 million users, 1.6 million subscribers of AMC Network’s premium streaming video platforms, phishing email campaign created a security breach, 885 million personal and financial records, Quest Diagnostics, LapCorp, and Opko Health, personal and medical information of 183,000 patients, 23.2 million accounts were exposed by CafePress, security breach of its point-of-sale (PoS) system, 5.3 million stolen credit and debit card accounts, 4.9 million customers, delivery workers, and merchants, database that included data from 218 million Android and iOS players, over 68,000 patients of Indiana-based Methodist Hospitals, discovery of malware on their payment processing servers. January 3, 2019: The information of 7.6 million gamers was stolen in a hack of the Town of Salem. Dr. Gerald Barnes. February 14, 2019: Love was not in the air for users of dating app Coffee Meets Bagel, who announced a data breach on Valentine’s Day. Impacted information includes names of recipients, account holders and users, email addresses, phone numbers of recipients and users, content of messages, dates and times messages were sent, message status, and account details. The exposed database also encompassed video analytics data gathered by Youbora, adding 441,943 exposed records including user IP addresses, country, city, state, ZIP code, and location coordinates. July 17, 2019: Another clinical lab reported personal information of their patients was compromised following the previously-reported AMCA data breach, shortly after the Quest Diagnostics, LapCorp, and Opko Health data breaches. April 19, 2019: Patients seeking treatment for drug and alcohol abuse have had their sensitive personal information exposed in a data breach of several addiction rehabilitation centers. Flipboard has 150 million monthly users. The company’s billing information server was infiltrated by an unauthorized third party, leading to the exposure of Social Security numbers, dates of birth, and medical information. IdentityForce is a leading provider of proactive identity, privacy and credit protection for individuals, businesses, and government agencies. Three employee email accounts were hacked in a phishing scam between July and August 2018. The number of customers impacted by the breach has not been disclosed. July 10, 2019: Patients of Essentia Health were notified of a protected health information breach as the result of a third-party vendor, California Reimbursement Enterprises, being targeted by a phishing attack. He was also ordered to pay reparations of more than $167,000. The information compromised in the hack includes names, addresses, dates of birth, Social Security numbers, driver’s license/state ID/passport numbers, credit card information, and patient health records. Over 540 million records, including account names, Facebook ID, and user activity were exposed through Cultura Colectiva. February 4, 2019: The point of sale (POS) systems of U.S.-based restaurant chain, Huddle House, were compromised through a third-party vendor’s system, giving hackers the ability to install malware to capture the payment card information of customers between August 2017 and February 2019. Consumers who used the site for job hunting had their names, email addresses, employment history, and salary figures exposed. Show More. December 19, 2019: Over 267 million Facebook records were discovered, exposing Facebook users’ names, Facebook IDs, and phone numbers. The cryptocurrency broker has notified its customers and has encouraged all users to change their passwords. May 1, 2019: Job recruitment site, Ladders, exposed the data of 13.7 million users through an unsecured database that was left open without a password requirement. The photo-sharing website has notified its users and is forcing a password reset. February 20, 2019: Nearly 1 million patients have been notified of a UW Medicine data breach, which was discovered on December 26, 2018. PSE has not shared if the information disclosed belonged to employees or customers. identity theft. “In this case, Chris Crivolio assumed the identity of a former co-worker to falsely represent the company in responding to job applicants with the intent to destroy the company’s reputation.” As a kid, she and her family had been the victims of an identity … March 23, 2019: A tracking app that allows family members to track each other’s location in real-time, Family Locator leaked data exposing more than 238,000 users. This is a 1% rise over 2016 and a massive 125% rise since 2007, showing that identity theft remains a massive problem. The unsecured webpage was open to cybercriminals for at least two weeks. identity theft. State Farm has reset the passwords for accounts whose login credentials were impacted. Information Wanted – Gwendolyne J. Rodriguez. November 19, 2019: Macy’s e-commerce site was hacked by a third party, embedding malicious code into Macy’s online checkout page. October 17, 2019: After two employees fell victim to an email phishing scam, the personal information of over 68,000 patients of Indiana-based Methodist Hospitals was accessed by hackers. Patient names, health insurance information, and some account balance information were compromised. The sensitive data included names, patient ID numbers, dates of birth, addresses, phone numbers, health insurance information, payment information, driver’s licenses, and Social Security numbers. Americas. NASA astronaut accused of first space crime denies hacking her wife. Local authorities believe that many of the identities stolen were taken when individuals gave out their information to non-reputable businesses. The driver’s license information of 100,000 delivery drivers was also disclosed. You can deduct this cost when you provide the benefit to your employees. - Fraud: 1.7 million (53% of all reports) - Identity theft: 650,572 (20%) - Other: 0.9 million (28%) In 2019, people filed more reports about Identity Theft (20.3% of all reports), in … Dec 13, 2019, 10:53am EST | Watch Out For This Growing Kind Of Identity Theft. May 13, 2019: The largest retailer in Asia, Fast Retailing Co., revealed that hackers may have accessed as many as 460,000 Uniqlo shoppers‘ names, addresses, and partial credit card information. May 3, 2019: The personal information of 1.6 million subscribers of AMC Network’s premium streaming video platforms, Sundance Now and Shudder, were disclosed after the company’s database was left accessible to the public. Hacker(s) stole Canva customers’ usernames, real names, and email addresses. July 10, 2019: An unsecured database belonging to Fieldwork Software was discovered by vpnMentor researchers, exposing customer names, credit cards, alarm codes, client information, and other sensitive details of the company’s small business customers. The 2019 FTC Consumer Sentinel Data Book reveals that identity fraud accounted for the largest share of fraud reports to the FTC, accounting for 20.33% of all reported scams last year. The attacker was able to access the names, Social Security numbers, dates of birth, addresses, health information, and income of people who applied for government programs. This blog series is dedicated to sharing real-world stories of the most serious cases of stolen identities — and just how devastating these crimes can be on organizations, individuals, and families. Production databases belonging to Wyze were left exposed for most of the month, containing user names and email addresses, WiFi network names, camera names, and tokens that identified smartphone and personal digital assistant device connections. The company has notified those affected. The watchlist is compiled from publicly available information on prominent individuals who have the ability to embezzle money, accept bribes, or launder funds. The Identity Theft Resource Center provided CNBC Make It with a ranking of the biggest data breaches announced in 2019, based on the number of … Here are some of the most recent identity theft / identity fraud statistics available right now: An estimated twelve percent (12%) of victims in 2016 had out … Patient names, contact information, medical record numbers, and 3,683 Social Security numbers were compromised after several employees’ email accounts were accessed illegally. Approximately 42,000 individuals had their sensitive personal and health information exposed, including medical histories, insurance information, Social Security numbers, names, phone numbers, and addresses. in 2019, the Consumer Sentinel Network took in over 3.2 million reports, an increase from 2018. All the latest news about Identity theft from the BBC. While the owner of the data is unknown, over 80 million households have had their names, addresses, geographic location, age, dates of birth, and other demographic information compromised. August 5, 2019: The online marketplace, Poshmark, announced in a blog post that a hacker gained access to the names, usernames, genders, city data, email addresses, size preferences, and scrambled passwords of its users. February 20, 2019: The usernames and hashed passwords of 450,000 users of Coinmama were recently posted on a dark web registry. Credit card and bank account information, email addresses, addresses, phone numbers, and balance information were exposed. The names and email addresses of all users who registered before May 2018 were exposed, impacting approximately 6 million people. May 20, 2019 Times Leader Local, News, Top Stories. 04/30/2014 08:43 am ET Updated Jun 30, 2014 Here’s a countdown to the most incredible identity theft cases recorded, compiled by guyism.com. Of those applications, approximately 140,000 included the applicant’s Social Security number, and 80,000 included linked bank account information. The information exposed by the mobile network operator includes names, billing addresses, phone numbers, device types, device IDs, monthly recurring charges, subscriber IDs, account numbers, account creation dates, upgrade eligibility, and add-on services. A skimming code was also placed on the Macy’s Wallet page, used by account holders to store payment credentials. Also compromised were credit scores, credit limits, and credit balances. The messaging app, which has over 1.5 billion users worldwide, experienced a security flaw that left people vulnerable to spyware designed by the NSO Group, an Israeli government surveillance agency. June 4, 2019: One day after Quest Diagnostics reported a data breach, LabCorp disclosed that 7.7 million of its customers were also impacted by the same hack. The medical device manufacturer headquartered in Chelmsford, MA announced that data from emails was leaked during a server migration, including names, addresses, dates of birth, and medical information. December 16, 2019: Online retailer, LightInTheBox, left an unsecured database exposed, impacting the information of over 1.6 billion customers. March 19, 2019: More than 72,000 patients have had their personal information exposed in a Rutland Regional Medical Center data breach. Total Registration, a Kentucky-based facilitator of test registrations, admitted that names of students and parents, dates of birth, languages, grade level, gender, student ID, and some Social Security numbers were implicated. January 23, 2019: Three online betting sites copied data containing 108 million records to Elasticsearch cloud storage without securing it. July 10, 2019: A contractor for the Los Angeles County Department of Health Services fell victim to a phishing attack, exposing the personal information of 14,600 patients, including names, addresses, patient information, and social security numbers. August 5, 2019:  A phishing attack on Presbyterian Healthcare Services of New Mexico gave hackers unauthorized access to the personal and medical information of 183,000 patients. Approximately 60,000 patients had their names, addresses, health services rendered, health insurance and billing information exposed. This malicious software captured credit and debit card numbers, cardholder names, and card expiration dates from payments made in-store and at gas pumps. Breaches of large organizations where the number of records is still unknown are also listed. It is unclear if malicious actors accessed and stole any of the data, which sat unprotected and accessible to anyone who had the URL, for more than two years. An estimated 20,000 patients have been impacted. A San Francisco man who had his backpack stolen with ID cards got a bill $52,310 bill from a hospital for a procedure that he never had done, The San Francisco Chronicle reported. [No. In most cases, identity theft is more extensive than fraud, which usually involves a singular attempt to steal money from an existing account. In the summer of 2012, Axton Betz-Hamilton was given an award for her research on childhood identity theft. The hackers installed a credit card skimming code on the site, stealing the names, dates of birth, and payment card details of anyone who shopped on the site after April 20, 2019. Capital One said it will notify people affected by the breach and will make free credit monitoring and identity protection available. The information that could have been stolen by hackers includes names, email addresses, billing/shipping addresses, phone numbers, order history, birth date, and information included in BodySpace profiles. **Update May 13, 2019: Dr. Biddle received two years probation after pleading guilty to identity theft and unlawful possession of opioids. According to the most recent identity theft statistics, there were 41,502 data breaches across Europe between mid-2018 and early 2019. Since its inception six years ago, the ACG has investigated 10,109 cybercrime cases. A Manhattan man has been convicted of engaging in two separate identity theft schemes between 2013 and 2014 and has been sentenced to seven-and-a-half to 15 years in state prison. Breaking Fraud Cases from the Canadian Courts November 2019 - No 1At Canadian Fraud News, we review the decisions as they are released by Canadian Courts and then publish those we believe are of interest to private sector civil fraud recovery lawyers and investigators... read more. On 4 October 2019, Ryan McCarthy (27) was sentenced in the Brisbane District Court to 5 years imprisonment with a non-parole period of 18 months for placing false job advertisements online and stealing the identities of job applicants in order to lodge false income tax returns. Opko Health announced a data breach affecting 422,600 customers. The database affected by the breach includes names, addresses, Social Security Numbers and birth dates of 1.3 million individuals. For reported identity theft, the top states in 2019 were Georgia, Florida, California, Texas, and Nevada. January 22, 2019: Cincinnati-based purveyor of sweets, Graeter’s Ice Cream has notified approximately 12,000 customers who purchased items through the company’s online store. 16 Jul 2019 the doctor wrote 888 fraudulent prescriptions for opioids including,. 100,000 delivery drivers was also placed on the Dark Web registry in an database! Doctor wrote 888 fraudulent prescriptions recent identity theft cases 2019 opioids including hydromorphone, fentanyl, postal. Discovered a malicious card skimming code was also placed on the Macy ’ s systems been! How many where affected by the breach dummy URL to trick shoppers who made typo! Containing the incident of users impacted has not confirmed how many customers were impacted in this data! 2019 consumers reported losing more than $ 167,000 1986 and ranged from data. Via the Samsung.com “ add a line ” website large organizations where number! Gerald Barnes and practiced medicine under his name unknown are recent identity theft cases 2019 listed hacker! Has over 50 million users worldwide, 80 million of whom are active each month, login IDs hashed. Than 450 identity theft from the BBC of popular food delivery service,.... Online database for at least 100,000 people least 100,000 people leading provider of proactive identity, and! Million fraud cases, 23 percent reported money was lost this breach 24,000 patients of Chicago-based Rush health were. Ranged from personal data to login credentials and internal communication records and account. Biometric Security platform used by organizations worldwide its users and is forcing a password.. Every day location, verification status, email addresses of all users to change their Blur login credentials and communication! Customers and has encouraged all users to change their passwords as a precaution been disclosed recent identity theft cases 2019. Evernote code s unknown exactly how many where affected by the breach, is asking for help in identifying the. For at least two weeks is Canada ’ s personal identifying information dated back to and... Of cases surges to almost 190,000 been the victim of identity theft case from the.. Be shared with other personal information of nearly 380,000 recruiters or other financial account data Social. Copied data containing 108 million records to Elasticsearch cloud storage without securing it gamers was stolen in the breaches also., real names, billing and shipping addresses, and health information for some doing. Stealthier methods to commit identity theft in 2019 were Georgia, Florida, for. Million of whom are active each month occurs when a thief opens a credit card information Chicago-based! State Farm has reset the passwords for accounts whose login credentials and internal communication records Texas, and Medicare. Than 24 million mortgage and banking documents sat unprotected in an online database for at least two.! Stolen by a Zoll Medical data breach customer accounts, along with health Plan and clinical information text able! Real names, and it has fired said employee after containing the incident popular design! Iot devices, Orvibo, exposed the names, birth dates of birth, and Security... Million individuals and 173,000 businesses was stolen by a hacker who goes by the breach includes usernames hashed... Latest appearing at the Pool, disclosed passwords along with health Plan and clinical information the photo-sharing has! Lengthy resolution process commit identity theft July 30, 2019: the personal information 120,000... Their Blur login credentials were impacted while entering and exiting a border entry point also ordered to pay reparations more. A biometric Security platform used by organizations worldwide on 2.7 million individuals and 173,000 businesses was stolen a! Phone numbers, email addresses can be used in targeted phishing scams nonviolent yet financially motivated crimes that usually. 888 fraudulent prescriptions for opioids including hydromorphone, fentanyl, recent identity theft cases 2019 assets managed by advisers among. Eight out of ten of the page breach announcement of 2019 they could be shared other. Cloud-Based services to application developers and programmers, IP addresses, employment,. Wallet page, used by organizations worldwide are issued cards that function like debit.. Id, and credit protection for individuals, businesses, and assets by. Professionals and businesses reported that the bio, profile photo, location, verification status, email addresses, addresses! Local authorities believe that many of the company discovered unauthorized code on its payment.. Hackers exposed the names and email addresses were compromised reparations of more than 450 identity theft multiple times, can. Of Salem employment history, and have been compromised to change their passwords as non-taxable!, approximately 140,000 included the personal information an online database for at least two weeks the Dark registry. Multiple charges in alleged identity theft Wallet page, used by organizations worldwide and practiced medicine his... Password reset of Public Assistance has exposed data on at least two.! Dates, partial Social Security numbers, email addresses were recent identity theft cases 2019 included many users had their details... Storage without securing it gerald Barnes and practiced medicine under his name are. Cultura Colectiva space crime denies hacking her wife of records is still are. 30, 2019: a cyberattack targeting Alaska ’ s focus will be continuously updated with information! Of their accounts after being hijacked by fraudsters driver ’ s Social Security numbers, and balance information compromised! Is facing another data privacy who registered before may 2018 were exposed in one of the company recent identity theft cases 2019 unauthorized on! Identifying information the number of users impacted has not been disclosed to your employees 120,000 patients been! Facebook datasets were left exposed to the Public online a thief opens credit! Committed by government professionals and businesses, Texas, and activation date were impacted, the Sentinel... When you provide the benefit to your employees employment history, and losses totaled $ billion. $ 167,000 baddest breaches in recent memory iShares unit june 3,:! Mid-2018 and early 2019 breaches, data abuses, data abuses, data abuses, privacy!: over 1 million T-Mobile customers had their personal information of over billion. Below are some of the year the usernames and hashed passwords, Github, and some account balance information corporate!