May 7 – McPherson Hospital, Inc. (McPherson Center for Health) reported a data breach to the Attorney General of Maine on May 4, 2023, after discovering that sensitive patient data had been compromised by a ransomware attack. According to the company’s lawsuit, the breach exposed consumers’ names, birth dates, Social Security numbers, health insurance information, medical billing information, and treatment information to an outside entity. After

May 7 – After discovering that a hacker had compromised their online membership application system on May 3, 2023, Veridian Credit Union notified the Attorney General of Maine of the data breach. According to the company’s report, the breach exposed consumers’ names, dates of birth, residences, loan information, account numbers at other financial institutions, and Social Security numbers. Veridian started sending letters to everyone affected by

May 6 – After discovering that a third party had gained access to the company’s computer network and viewed sensitive customer data, The Metropolitan Opera (the Met) filed a notice of data breach with the Attorney General of Maine on May 3, 2023. According to a corporate filing, a third party gained access to the personal details of some of its customers, including their names, Social Security

May 6 – When Optima Tax Relief, LLC (“Optima”) discovered on May 2, 2023 that sensitive client information had been compromised in a data breach, it immediately notified the Attorney General of Montana of the breach. According to the company’s report, the data breach allowed an unauthorized third party to access the names, Social Security numbers, birth dates, and addresses of some company consumers. After determined

May 6 – Pinnacle Propane (Pinnacle) confirmed on April 28, 2023, that customer information in its possession was compromised in a recent hack, prompting the business to submit a notification of data breach with the Montana Attorney General. According to the company’s official report, the incident led to the disclosure of customers’ names and Social Security numbers to a third party. Pinnacle began distributing data breach notification

May 5 – Carvin Software, LLC reported a data breach to the Maine Attorney General on May 2, 2023, after discovering that a third party had stolen customer records from the company’s server. According to the company’s report, the breach led to the exposure of consumers’ names, financial account numbers, and Social Security numbers. Carvin Software began mailing data breach notification letters to all persons affected

May 5 – Berlin Packaging discovered on April 28, 2023 that sensitive human resources data housed on the firm’s computer network had been breached in a recent hack, prompting the company to submit a notification of data breach with the Massachusetts Office of Consumer Affairs and Business Regulation. According to the company’s report, the event led to the exposure of consumers’ personal information, including names, addresses, financial 

May 4 – After discovering they were the target of a cyberattack, Murfreesboro Medical Clinic & SurgiCenter (MMC) issued a warning on May 2, 2023. Patients were warned to monitor their data for suspicious activity in light of the company’s notification, but no leak was yet confirmed. MMC claims that this breach may have exposed consumers’ names, ages, phone numbers, driver’s license numbers, Social Security numbers,

May 4 – A message notifying students and staff of a system outage was issued on April 28, 2023 at Montana State University. MSU’s letter was limited in information, but the university has been added to the victim list of a well-known ransomware group. Data breach notification letters will be sent to all persons affected by the latest data security issue; however, MSU has not yet confirmed

May 3 – After discovering that sensitive customer data in its possession had been compromised by malware, HealthPlan Services, Inc. (HPS) notified the Attorney General of Maine on April 28, 2023. According to the company’s report, the breach exposed consumers’ names, dates of birth, Social Security numbers, identifying information, bank account information, and health and medical insurance information. After it was determined that customer information had

May 3 – On May 1, 2023, UnitedHealthCare Services, Inc. (UnitedHealthCare) announced that it had discovered suspicious behavior on its computer network that might have resulted in the leak of member information, prompting concerns of a data breach. UnitedHealthCare has not disclosed what kinds of data were compromised since the investigation into the issue is ongoing. The UnitedHealthCare hack may be substantial, though, due to the abundance

May 3 – Charter Foods, Inc. reported a data breach to the Maine Attorney General on April 7, 2023, after it was the victim of a malicious cyberattack that exposed sensitive consumer data. According to the company’s report, the event led to the disclosure of consumers’ names, Social Security numbers, birth dates, and addresses to a third party. Charter Foods began mailing data breach notification letters

May 1 – After discovering on April 28, 2023 that a security breach had compromised the privacy of some of the company’s consumer information, NextGen Healthcare, Inc. (NextGen) notified the Montana Attorney General of the breach. A third party gained access to the personal information of some of the firm’s consumers, including their names, Social Security numbers, mailing addresses, and birth dates, according to an official

April 29 – On April 26, 2023, Alvaria, Inc. filed a notice of data breach with the Massachusetts Attorney General, naming Carrington Mortgage Services (Carrington) in the report as the company that was breached. It was Carrington’s consumers whose information was involved in the breach. After it was determined that customer information had been compromised, Alvaria immediately began notifying all Carrington consumers who had been affected by

April 27 – IMA Financial Group, Inc. (IMA) reported a data breach to the Texas Attorney General on April 19, 2023, after an incident involving confidential consumer information was exposed to a third party. According to the company’s official report, the breach exposed the names, Social Security numbers, government ID numbers, driver’s license numbers, residences, dates of birth, insurance claims information, and health information of consumers.