May 19 – United Health Services of Delaware (UHS of Delaware) reported a data breach to the Montana Attorney General’s office on May 17, 2023, after discovering that a third-party vendor had fallen victim to a cyberattack that exposed sensitive patient data. According to the company’s formal statement, the event led to an unauthorized party acquiring access to consumers’ first and last names, diagnoses, medical record numbers,

May 19 – Luxottica Group S.p.A. (“Luxottica”) acknowledged on May 19, 2023, that a data breach of a vendor’s computer network occurred in 2021, exposing the confidential information of as many as 70 million individuals. Third-party sources indicate that the breach exposed the names, birth dates, addresses, and email addresses of consumers to a third party. When it became clear that consumer information had been compromised,

May 19 – Northwest Health-La Porte (formerly La Porte Hospital) reported a data breach to the Office for Civil Rights of the U. S. Department of Health and Human Services on May 2, 2023 after discovering that patient information had been stolen from shredder bins at an abandoned building. According to the company’s report, those actions led to the exposure of consumers’ names, Social Security numbers,

May 19 – On May 1, 2023, the Heritage Group notified the Office of the Maine Attorney General of a data breach involving the theft or unlawful disclosure of personal information of current and former workers, as well as members of their immediate families. According to the report filed by the firm, the event led to an outsider having access to the full names, Social Security numbers

May 18 – Fertility Specialists Medical Group confirmed on May 15, 2023, that an unauthorized third party had gained unlawful access to personal patient data kept on the company’s computer network, prompting the company to submit a notification of data breach with the Montana Attorney General. According to the company’s report, the event led to a third party acquiring access to the names, protected health information, dates

May 18 – On May 15, 2023, rumors started spreading regarding a possible data breach at Academy Mortgage when the firm was added to the list of victims by a notorious ransomware outfit. Hackers claim to have stolen confidential information from Academy Mortgage, but the company has not confirmed these claims. Academy Mortgage must start delivering data breach notification letters to all persons affected by the event

May 18 – Conner Strong & Buckelew notified the Vermont Attorney General of a data breach on May 10, 2023, after finding that a third party had gained access to sensitive consumer information by hacking the email accounts of multiple employees. CBS may have reported the current data breach, but the company has not said what information was compromised. CSB started mailing data breach notification letters to

May 17 – Asian Health Services (AHS) notified the California Attorney General’s office of a data breach on May 5, 2023, after discovering that sensitive patient information had been stolen due to the hacking of an employee email account. According to the company’s report, the event led to the disclosure of consumers’ names, protected health information, medical record numbers, phone numbers, and birth dates. After it was

May 17 – R&B Corporation of Virginia, doing business as Credit Control Corporation (CCC), informed the Maine Attorney General of a data breach on May 15, 2023, after discovering that an unauthorized user had stolen data from the company’s server. According to the company’s official report, the event led to a third party acquiring access to the personal information of some of its consumers, including their names

May 17 – Brightly Software, Inc. reported a data breach to the Office of the Maine Attorney General on May 11, 2023, after discovering that a third party had access to sensitive account holder information housed in the SchoolDude user database. According to the official report filed by the firm, the breach led to the exposure of consumers’ names, school districts, phone numbers, account passwords, and email

May 17 – After discovering that a third party had acquired access to an employee email account containing private information about certain persons on May 12, 2023, Retirement Clearinghouse notified the Attorney General of Maine of a data breach. A third party gained access to the names, Social Security numbers, and Matrix Trust Company IRA account numbers of clients, according to the company’s official declaration. Retirement

May 16 – Following notification by NCB Management Services, Inc. of a data incident compromising the security of certain TD Bank customers, the bank filed a notice of data breach with the Office of the Maine Attorney General on May 12, 2023. According to the company’s report, the event led to the exposure of customers’ personal information, including names, Social Security numbers, birthdays, addresses, and account

May 16 – After verifying on May 12, 2023 that a security event affecting the company’s IT network resulted in an unauthorized person getting access to private customer data, Renewal by Andersen (Renewal) submitted a notification of data breach with the Office of the Maine Attorney General. According to the company’s report, the breach exposed the names, addresses, credit card numbers, bank account information, and Social Security

May 16 – Whitworth University discovered on April 28, 2023 that a ransomware attack had compromised the security of sensitive student data and promptly notified the Attorney General of Maine of the incident. According to the company’s complaint, the breach exposed full names, student ID numbers, passport numbers, health information, Social Security numbers, and birth dates of students. After discovering a compromise of consumer information, Whitworth

May 14 – After Gaston College announced on March 3, 2023 that it had been the target of a ransomware attack, the college warned students and staff that their personal data may have been compromised. Gaston College is now evaluating all impacted data to identify what kind of information was compromised and whose it was as part of its ongoing investigation into the issue. Gaston College will