Skip to content

Major Data Breaches of Q2

With data starting to be treated more like a commodity, companies are spending more time and money attempting to secure the data they have. Some organizations aren’t successful. In 2018, over 446.5 million records were exposed, even as data breaches dropped by 23 percent to 1,244.

Back in early May we took a look at data breaches over the first four months of the year. Today, we update this list.


Citrix – May 2, 2019

Citrix, a conferencing and digital workplace software company revealed that hackers gained access to the company’s internal systems between October 2018 and March 2019. Data stolen included Social Security numbers, financial information, and data of current and former employees.

AMC Networks – May 3, 2019

Names, email addresses, subscription details and other information of 1.6 million users of AMC Network’s Sundance Now and Shudder streaming services were left exposed through a database that was left unsecured.

Freedom Mobile – May 9, 2019

Canadian mobile provider Freedom Mobile had an estimated 1.5 million customers’ personal and financial information left exposed on a third-party server. The types of data left exposed included names, email addresses, mailing addresses, dates of birth, and credit card information.

Indiana Pacers – May 13, 2019

The business team behind the National Basketball Association’s Indiana Pacers was the victim of a phishing attack. The information that was exposed included names, addresses, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, medical insurance information, card numbers, digital signatures and login information. No number of affected individuals has been given by the team.

WhatsApp – May 14, 2019

The Facebook-owned app WhatsApp has experienced a security flaw that provided access to an Israeli government surveillance agency, NSO Group. NSO Group had limited access to the microphone, camera, and WhatsApp message text of the app’s 1.5 billion users.

Instagram – May 20, 2019

Another Facebook-owned property, Instagram had a breach that exposed more than 49 million Instagram influencers, celebrities, and brands’ Instagram information when an Indian-based social media marketing company left it exposed.

Canva – May 24, 2019

139 million users of Canva, a cloud-based graphic design tool, had their names, usernames, and email addresses exposed when hackers infiltrated their server.

First American Financial Corp. – May 24, 2019

A leading title insurer for the U.S. real estate market, First American Financial Corp. had 885 million customers’ Social Security numbers, bank account numbers, mortgage and tax records, wire transaction receipts, and driver’s license images exposed for all customers as far as back as 2003.

Other May breaches: Inmediata Health Group, Uniqlo, Wyzant, Flipboard, Checkers (the fast food chain).


Quest Diagnostics – June 3, 2019

Almost 12 million patient records have been compromised when hackers took control of the payments page of AMCA, a major payment vendor for Quest Diagnostics. Data such as financial account data, Social Security numbers, and health information (ePHI) were left exposed.

LabCorp – June 4, 2019

In the same hack, LabCorp announced that 7.7 million of its customers were impacted.

Emuparadise – June 10, 2019

The gaming website Emuparadise had their users’ IP addresses, usernames, and passwords exposed in a data breach.

Evite – June 11, 2019

More than 100 million users of the Evite event planning app have had their information put up for sale on the dark web. Information that was stolen included names, email addresses, IP addresses, and cleartext passwords. Some even had their dates of birth, phone number, or postal address exposed.

Total Registration – June 11, 2019

Kentucky-based Total Registration, a facilitator of scholastic test registrations had their entire service compromised. Victims, who were mainly students who had registered for PSAT and Advanced Placement tests, had their names, dates of birth, grade level, gender, and Social Security number exposed.

Evernote (June 12, 2019)

A security vulnerability in Evernote’s Web Clipper Chrome extension gave hackers access to the online data of over 4.5 million users. Exposed data includes authentication, financial, all private communications, and more.

Oregon Department of Human Services – June 18, 2019

A phishing attack was the cause of around two million emails being exposed to the hacker. Information included names, addresses, dates of birth, Social Security numbers, case numbers, and health information.

Desjardins – June 20, 2019

2.7 million individuals and 173,000 businesses had data stolen by a Desjardins employee. Some of the data stolen from the company, Canada’s largest credit union, include names, dates of birth, social insurance numbers, addresses, phone numbers, and email addresses.

Other June breaches: Opko Health, U.S. Customs and Border Protection, EatStreet, Dominion National


Clinical Pathology Laboratories – July 17, 2019

Due to the AMCA breach that affected Quest Diagnostics, Opko Health, and Labcorp, Clinical Pathology Laboratories had 2.2 million patients’ personal and medical information exposed with an additional 34,500 patients’ credit card or banking information breached.

Sprint – July 18, 2019

A still unknown number of Sprint customer accounts were hacked through’s “add a line” website. Some exposed information includes names, billing addresses, phone numbers, device types, device IDs, monthly recurring charges, account numbers, and more.

Other July breaches: Maryland Department of Labor, Los Angeles County Department of Health Service, Essentia Health, Fieldwork Software, Los Angeles Personnel Department


Poshmark – August 5, 2019

The online marketplace, Poshmark, has announced that they’ve been hacked. Usernames and email addresses of an unreported amount of clients have been exposed in the breach. Poshmark has nearly 50 million users.

Stock X – August 5, 2019

The online fashion-trading platform had its over 6.8 million user accounts exposed. Data that was out there included customer names, email addresses, usernames and passwords, shipping addresses, and purchase histories.

CafePress – August 9, 2019

A data breach at CafePress, a custom T-shirt and merchandise company, exposed the names, email addresses, physical addresses, phone numbers, and passwords of over 23.2 million customers.

Other August breaches: Presbyterian Healthcare Services, State Farm

If these companies can get hacked, yours can too. That’s why it is important to be diligent about your business’ network security. To learn how WheelHouse IT can help you keep your employees’ and customers’ data safe call us today at (877) 771-2384.

Contact Us Today and Check Out Our Blog!

a woman in a business suit is using a laptop

Reliable Network Monitoring Support

Reliable Network Monitoring Support Ensure network security and operational efficiency with robust network monitoring. A strong monitoring system is indispensable

a man holding a computer case with many wires

How to Protect Your Electronics Against Disaster

Know how to protect your business technology and electronics against natural disasters. It’s important for companies to develop a game plan that will ensure employees are able to communicate with others before, during, as well as after a natural disaster to keep the business running.

Let's Start a Conversation

Watch the video below and find out why you should fill out this form and start a conversation today.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.