Skip to content ↓ | Skip to navigation ↓

In the field of InfoSec, there is only one thing that is for sure. There will never be a dull moment. The following is a timeline of some of the significant data breaches that occurred in the month of May.

May 31: Lockheed Martin announced that it suffered a “significant and tenacious attack” on May 21st. This attack has been linked to the RSA breach that took place in March, and reportedly involved the use of RSA SecurID tokens. Lockheed Martin acknowledges ‘significant’ cyberattack – Computerworld

May 29: Hacker group “LulzSec” attacked the PBS website and posted false news about late rapper, Tupac Shakur in retaliation for the Frontline episode about WikiLeaks. PBS website hacked with fake news – Information Week

May 26: Global Sign published its report surveying 107 IT administrators, managers and C-level executives in healthcare organizations. It found that 34% of respondents’ organizations suffered a breach within the last two years, and 10% or respondents believe that data breaches costing $100,000 per incident occur daily. $100K healthcare breaches occur daily, survey finds – Healthcare IT News

May 18: Four thousand Security and Exchange Commission (SEC) workers were affected by a data breach on May 4th. A contractor at the SEC’s National Business Center sent an unencrypted email with the employees’ Social Security numbers and payroll information. The contractor failed to encrypt the data, and the software used to detect unencrypted emails did not function properly. Data breach involving SEC workers: Data breach affects about 4,000 SEC workers – LA Times

May 17: Approximately 210,000 people were affected by a data breach at the Department of Unemployment Assistance and the Department of Career Services.  Information compromised by the W32.QAKBOT computer virus may have included names, Social Security numbers, email addresses, residential or business addresses, Employer Identification Numbers and employer bank information. Qakbot virus causes possible data breach at Massachusetts Agencies – Threat Post

May 11: Michael’s stores announced that PIN pads had been compromised at a number of its Chicago locations. Since then, investigators have disclosed that more than 70 point-of-sale devices altered for skimming credit card and Pin data have been found nationwide. Breach at Michael’s Stores extends nationwide – Krebs on Security

May 10: Hackers from the LulzSec group stole usernames and passwords for over 364 employees and used the information to vandalize some of the LinkedIn accounts of those affected by the breach. hackers steal login info, deface LinkedIn accounts – eWeek Security Watch

May 9: Personal information for 1,007 Assurant Employee Benefits policyholders in the Kansas City area was compromised due to human error. Customer names, address, dates of birth, Social Security numbers and types of insurance coverage were made available to another business client other than the employer of the policy holders. Assurant reports breach in customer information – THE STAR

May 7: Officials from Central Oregon Community College (COCC) disclosed that some information such as student ID numbers and email addresses of scholarship and nursing program applicants may have been exposed due to an unauthorized intrusion. COCC hackers may have compromised student information

May 6: A breach that occurred on April 22nd at a third-party vendor exposed Best Buy customer emails for the second month in a row following the Epsilon data breach in March. Best Buy Hit with Another email Breach – cnet News

May 4: An undisclosed number of customer names and credit card information were purloined over a two-month period by a Netflix call center employee. Netflix fires call center worker for stealing data – Computerworld

May 2: A receptionist at Chicago clinic, Woman to Woman Healthcare stole 26 patient identities. The information was used to steal money using the patients’ personal data. Police shut down identity theft operation at clinic – Chicago Press Release Services