Information is Beautiful: Data Breaches (public)
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
Still loading...
ABCDEFGHIJKLMNOPQRSTUVWXYZAAABACADAEAFAGAHAIAJAKALAMANAOAPAQARASATAUAVAWAXAYAZBABB
1
2
Entityalternative namestoryYEARrecords lostORGANISATIONMETHOD OF LEAKNO OF RECORDS STOLENDATA SENSITIVITY1st source link2nd source link3rd sourcesource name
3
Elaboration if there's an interesting story or detail behind ityears are encoded (0=2004, 8 = 2012, 9 = 2013, 10=2014, 11=2015, 12=2016, 13 = latest)(use 3m, 4m, 5m or 10m to approximate unknown figures)(use 3m, 4m, 5m or 10m to approximate unknown figures)1. Just email address/Online information 20 SSN/Personal details 300 Credit card information 4000 Email password/Health records 50000 Full bank account details
4
Netflix Twitter accountDec. 'OurMine' hacked Netflix's Twitter account & sent out mocking tweets. 131webhacked11http://www.reuters.com/article/us-netflix-cyber-idUSKBN14A1GRReuters
5
Tesco BankNov. £2.5m stolen from 9000 customer accounts. 139,000bankinghacked900050000http://www.theregister.co.uk/2016/11/30/tesco_bank_breach_former_insider_breach_theory/The Register
6
Quest DiagnosticsNov. The stolen data contained names, DOBs, lab results and some telephone numbers.1334,000healthcarehacked340004000http://newsroom.questdiagnostics.com/2016-12-12-Quest-Diagnostics-Provides-Notice-of-Data-Security-Incident#assets_129Quest
7
ThreeThree mobile company in the UKHackers broke into Three's customer database with the intention of fraudulently ordering handsets to sell on. They stole personal details, but no financial records or passwords were stored on the hacked system. 13200,000telecomshacked20000020http://www.threemediacentre.co.uk/news/2017/handsetfraud-update.aspxThree
8
WongaApr. Customers from the UK and Poland look to have been affected. 13270,000financialhacked27000050000https://www.theguardian.com/business/2017/apr/09/wonga-data-breach-could-affect-250000-uk-customers?CMP=Share_iOSApp_Other
9
PayAsUGymDec. Fitness website hacked & email address published online.13300,000webhacked3000001http://www.bbc.co.uk/news/technology-38350987BBC
10
Red Cross Blood ServiceInfo leaked includes data about 'at risk sexual behaviours'13550,000healthcareaccidentally published5500004000http://www.abc.net.au/news/2016-10-28/red-cross-blood-service-admits-to-data-breach/7974036ABC
11
BrazzersPorn siteSept. 'The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.'13790,724webhacked7907244000http://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hackhttp://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hackMotherboard
12
Waterly by MGAR LtdApp for paying water billsJan. Israel-based app contained a vulnerability in the sign-in process that could potentially expose user account details. The problem was fixed within 2 weeks of being identifiied. 131,000,000appvulnerability1000000300https://www.databreaches.net/waterly-app-potentially-exposed-up-to-1-million-israelis-details-researcher/Databreaches
13
SnapchatApr. Indian hackers apparently leaked data they stole last year in response to Snapchat CEO allegedly stating they had no plans to expand to 'poor countries' like India. Snapchat have yet to confirm any leak.131,700,000apphacked17000001http://www.bgr.in/news/indian-hacker-group-leaks-data-of-1-7-million-snapchat-users-after-ceos-poor-country-comments-report/
14
CellebriteCellebrite's main product is a device that rips data from mobile phones. 900GB of data was stolen from Cellebrite. The hackers got hacked. The number of records taken is unknown. Motherboard quotes the hacker as stating “I can't say too much about what has been done. It's one thing to slap them, it's a very different thing to take pictures of [their] balls hanging out.”

133,000,000techhacked300000020http://motherboard.vice.com/read/hacker-steals-900-gb-of-cellebrite-dataMotherboard
15
Clinton campaign135,000,000governmenthacked500000020https://techcrunch.com/2016/07/29/clinton-campaign-reportedly-breached-by-hackers/TechCrunch
16
ClixSenseSept. The information stolen contains usernames, passwords, home addresses, payment histories, and other banking details.136,600,000webhacked660000050000http://www.digitaltrends.com/computing/clixsense-hacked/DigitalTrends
17
Lynda.comowned by LinkedInHackers breached a database that held records of contact info and courses viewed. No official statement yet on how many records were actually stolen, and no evidence yet of them having been published anywhere.139,500,000webhacked95000001https://www.neowin.net/news/microsoft-owned-linkedin-is-sending-emails-to-users-about-a-lyndacom-data-breachNeowin
18
InterparkJuly. South Korean police are blaming North Korea for stealing data in an attempt to obtain foreign currency. 1310,000,000webhacked1000000020http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.htmlNYTimes
19
Telegram Instant messaging serviceDespite Telegram's claims of super security, they've been hacked by a group called Rocket Kitten. 1315,000,000techhacked150000001http://venturebeat.com/2016/08/02/hackers-break-into-telegram-revealing-15-million-users-phone-numbers/VentureBeat
20
YahooUser accounts have been hacked using forged cookies to log in without a password over a 2 year period. 1332,000,000webhacked320000004000https://www.cnet.com/news/yahoo-says-forged-cookie-attack-accessed-about-32m-accounts/CNET
21
WeeblyFeb. Usernames, passwords and IP addresses stolen, although passwords secured with bcrypt. 1343,000,000webhacked430000004000https://techcrunch.com/2016/10/20/weebly-hacked-43-million-credentials-stolen/TechCrunch
22
Dailymotionvideo sharing site85.2m email addresses extracted, but only 18.3m had associated passwords.1385,200,000webhacked852000001http://www.zdnet.com/article/dailymotion-hack-exposes-millions-of-accounts/ZDNet
23
Friend Finder NetworkParent company of Adult Friend Finder , Cams.com and Penthouse.comUsernames, email addresses, passwords for sites including Adult Friend Finder and Penthouse.com. Passwords encrypted, but LeakedSource claims to be able to crack 99% of them.13412,000,000webhacked4120000001http://www.zdnet.com/article/adultfriendfinder-network-hack-exposes-secrets-of-412-million-users/https://www.leakedsource.com/blog/friendfinderZDNet, LeakedSource
24
River City MediaSpam operatorA dodgy backup has allegedly resulted in over a billion leaked email addresses, plus other personal info in some cases, and has exposed RCM's business plans & operations. 131,370,000,000webleak137000000020https://betanews.com/2017/03/06/river-city-media-spam-database-leak/Beta News
25
Code.orgNon-profit organisationVolunteer email addresses were left accessible via web browser. 1210webpoor security101http://blog.code.org/post/140938173013/some-volunteer-email-addresses-compromisedCode
26
Wendy'sRestaurant chainMalware has been used in 1025 of Wendy's restaurants to steal credit card data from customers. It's currently unknown how many individuals have been impacted.121,025retailhacked1025300http://abcnews.go.com/Technology/wireStory/wendys-1000-restaurants-affected-hack-40407208ABC
27
National Childbirth TrustCharityLondon-based charity hacked for user information. 1215,000webhacked150001https://thestack.com/security/2016/04/08/childbirth-charity-hack-leaks-15000-expectant-parents-data/TheStack
28
uTorrent It's unclear what data has been breached, exactly, but uTorrent has advised passwords are probably compromised. 1235,000webhacked350001https://torrentfreak.com/utorrent-forums-hacked-passwords-compromised-160608/TorrentFreak
29
VerizonSecurity servicesCustomer database and information about company's security flaws stolen and put up for sale. 12100,000webhacked100001http://arstechnica.com/security/2016/03/after-verizon-breach-1-5-million-customer-records-put-up-for-sale/Arstechnica
30
Mutuelle Generale de la PoliceFrench police health insuranceFiles uploaded to Google Drive by a 'malicious' employee. Data included home addresses. The leak came two weeks after a French police officer was murdered by ISIS-inspired attack.12112,000healthcareleak11200050000http://www.bbc.co.uk/news/world-europe-36645519BBC
31
Syrian governmentHacking outfit calling itself 'Cyber Justice Team' leaked 10GB of data from the government and private websites. Seems to be just data from old leaks, though.12274,477governmenthacked2744771http://news.softpedia.com/news/syrian-government-hacked-43-gb-of-data-spilled-online-by-hacktivists-502765.shtmlSoftpedia
32
Linux Ubuntu forums122,000,000webhacked20000001http://betanews.com/2016/07/15/ubuntu-linux-forums-hacked/Betanews
33
World CheckRun by Thompson Reuters2014 version of World-Check, a database of suspected terrorists and criminals, leaked online. It's unclear what data the records include.122,200,000medialeak2200000300https://thestack.com/security/2016/06/29/2-million-person-terror-database-leaked-online/TheStack
34
Banner HealthHackers gained access to payment card data via food outlets at Banner Health locations.123,700,000healthcarehacked3700000300https://www.bannerhealth.com/news/2016/08/banner-health-identifies-cyber-attack#BannerHealth
35
Privatization Agency of the Republic of SerbiaA text file with personal data and financial documents were made publically available on their website. 125,190,396governmentleak51939620http://www.shareconference.net/en/defense/personal-data-more-5-million-citizens-serbia-unlawfully-publishedShareConference
36
MinecraftLifeboat' communityPlayers using the Lifeboat servers have had their email addresses and passwords leaked.127,000,000webhacked70000001http://motherboard.vice.com/read/another-day-another-hack-7-million-emails-and-hashed-passwords-for-minecraftMotherboard
37
Mossack FonsecaPanamanian law firm 2.6TB of data on politicians, criminals, professional athletes etc leaked from law firm Mossack Fonseca, including emails, contracts, scanned documents, transcripts...1211,500,000legalleak1150000050000http://panamapapers.sueddeutsche.de/articles/56febff0a1bb8d3c3495adf4/SuddeutscheZeitung
38
Mail. ruGame-related forumsTwo hackers attacked three game-related forums hosted by Russian company Mail.ru. 1225,000,000webhacked2500000020http://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/ZDNet
39
FlingDating siteA hacker claims to be selling info on sexual desires & preferences, as well as generic personal info, stolen from the dating site Fling. 1240,000,000webhacked400000004000https://www.europol.europa.eu/iocta/2016/data-breach.htmlEuropol
40
Turkish citizenship databaseTurkish citizenship database has allegedly been hacked and leaked online.1249,611,709governmentleak4961170920http://www.businessinsider.com/turkish-citizenship-database-allegedly-hacked-and-leaked-2016-4?r=UK&IR=TBusiness Insider
41
Philippines’ Commission on ElectionsCOMELECAfter a message was posted on the COMELEC website by hackers from Anonymous, warning the government not to mess with the elections, the entire database was stolen and posted online. 1255,000,000governmenthacked5500000050000http://blog.trendmicro.com/trendlabs-security-intelligence/55m-registered-voters-risk-philippine-commission-elections-hacked/TrendMicro
42
Anthem Second-largest health insurer in the USFeb 2015: Names, dates of birth, member ID/ social security numbers, addresses, phone numbers, email addresses and employment information.1280,000,000healthcarehacked8000000020http://www.anthemfacts.com/faqAnthemfacts
43
VKRussia's FacebookOver 100m user accounts were hacked and the data put up for sale online. A VK spokesperson has denied that the site was breached, claiming the data for sale is old details no longer in use.12100,544,934webhacked1005449344000http://motherboard.vice.com/read/another-day-another-hack-100-million-accounts-for-vk-russias-facebookMotherboard
44
MySpaceThe same hacker who was selling LinkedIn user data now claims to have MySpace user data too, and lots of it. 12164,000,000webhacked1640000001http://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breachMotherboard
45
Invest BankUnited Arab Emirates bankHacker breached a United Arab Emirates bank, demanding a ransom of $3m in bitcoin to stop tweeting data, mostly about corporate accounts. The hacker dumped files on the website of a basketball team, which he hacked for storage. The bank, Invest Bank, won't pay the ransom. 1140,000financialhacked4000050000http://www.dailydot.com/politics/invest-bank-hacker-buba/DailyDot
46
UberOccured Sep 2014. Revealed Feb 2015. Names & license plates of 50,000 driver partners.1150,000techpoor security500001http://blog.uber.com/2-27-15Uber
47
IRSUS Tax service"An unnamed cybermafia used an IRS app to download forms full of personal information. They posed as legitimate taxpayers, and tried to download forms on 200,000 people between February and May. They got away with half of them, the IRS said. The crooks used about 15,000 of them to claim tax refunds in other people's names."11100,000governmentpoor security1000001http://money.cnn.com/2015/05/26/pf/taxes/irs-website-data-hack/index.htmlCNN
48
TalkTalkTelecoms provider157k customers had personal details stolen, including 15,600 account numbers. 11157,000webhacked16000020http://www.bbc.co.uk/news/uk-34784980http://www.bbc.co.uk/news/uk-34611857http://www.theguardian.com/business/2015/oct/22/talktalk-customer-data-hackers-website-credit-card-details-attackBBC, Guardian
49
MSpykid & partner tracking serviceData dump to the dark web "includes Apple IDs and passwords, tracking data, and payment details on some 145,000 successful transactions", photos and very private conversations.11400,000techhacked40000020http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/Krebson Security
50
Australian Immigration DepartmentAn employee of the agency inadvertently sent the passport numbers, visa details and other personal identifiers of all world leaders attending the G20 Brisbane summit to the organisers of the Asian Cup football tournament. Barack Obama, Vladimir Putin, Angela Merkel, Xi Jinping, Narendra Modi, David Cameron and many others.11500,000governmentaccidentally published50000050000http://www.theguardian.com/world/2015/mar/30/personal-details-of-world-leaders-accidentally-revealed-by-g20-organisersGuardian
51
British AirwaysFrequent flyer accounts11500,000retailhacked5000001http://www.theguardian.com/business/2015/mar/29/british-airways-frequent-flyer-accounts-hackedGuardian
52
Hacking TeamItalian cybersecurity firm sells digital surveillance software to law enforcement and national security organisations. 400 GB of documents - including software source code, private messages & client databases - has been stolen and put online via BitTorrent. The documents show the company has sold products to repressive regimes.11500,000webhacked50000050000http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claimThe Guardian
53
Slacksoftware for remote working11500,000techpoor security5000001http://techcrunch.com/2015/03/27/slack-got-hacked/TechCrunch
54
CarefirstBlue Cross, Blue Shield US medical insurerAttacked happened in June 2014. Was announced in June 2015.111,100,000healthcarehacked11000001http://carefirstanswers.com/Carefirstanswers
55
CarPhone WarehouseUK mobile phone supplier112,700,000webhacked270000050000http://www.theguardian.com/technology/2015/aug/10/carphone-warehouse-uk-data-watchdog-investigating-customer-hackGuardian
56
SanrioHello Kitty and other franchisesSecurity researcher was able to access a database of 3.3m of Sanrio's Sanriotown.com accounts, with links to other Sanrio Hello Kitty portals.113,300,000webconfiguration error330000020http://www.csoonline.com/article/3017171/security/database-leak-exposes-3-3-million-hello-kitty-fans.htmlCSOonline
57
Adult Friend FinderInternet dating & hookup siteSexual preferences, names, email addresses, usernames, dates of birth, postal codes113,900,000webhacked39000001http://www.channel4.com/news/adult-friendfinder-dating-hack-internet-dark-webChannel4
58
US Office of Personnel Management"The intruders... gained access to...employees’ Social Security numbers, job assignments, performance ratings and training information"114,000,000governmenthacked400000020http://www.washingtonpost.com/world/national-security/chinese-hackers-breach-federal-governments-personnel-office/2015/06/04/889c0e52-0af7-11e5-95fd-d580f1c5d44e_story.html?tid=hpModule_04941f10-8a79-11e2-98d9-3012c1cd8d1eWashingtonPost
59
VTechToymaker companySoftware used to download games to children's computer tablets was hacked, with personal info and photos stolen. 116,400,000webhacked640000050000http://www.theguardian.com/technology/2015/dec/02/vtech-hack-us-hong-kong-investigate-children-exposedhttp://www.troyhunt.com/2015/11/when-children-are-breached-inside.htmlGuardian, TroyHunt
60
PremeraUS healthcare providerDetected 29th Jan 2015. Occured May 2014. "C could include names, date of birth, email address, address, telephone number, Social Security number, member identification numbers, bank account information, and claims information, including clinical information"1111,000,000healthcarehacked1100000050000http://premeraupdate.com/Premera
61
KromtechMacKeeper softwareA security researcher stumbled on a leak, which exposed usernames, email addresses and passwords of users. He notified Kromtech, who patched it quickly. 1113,000,000webhacked130000001https://thestack.com/security/2015/12/15/mackeeper-discloses-13-million-mac-users-details-with-poor-hash-protection/https://www.reddit.com/r/apple/comments/3wq9fc/massive_data_breach/TheStack, Reddit
62
Experian / T-mobileThe world's biggest data monitoring firm disclosed a massive breach of customers who applied for service with T-Mobile. Names, addresses, birth dates, Social Security numbers, drivers license numbers and passport numbers.1115,000,000webhacked15000000300http://www.reuters.com/article/2015/10/02/us-tmobile-dataprotection-idUSKCN0RV5PL20151002Reuters
63
US Office of Personnel Management (2nd Breach)attackers have targeted the forms submitted by intelligence and military personnel for security clearances. The document includes personal information - everything from eye colour, to financial history, to past substance abuse, as well as contact details for the individual's friends and relatives1121,500,000governmenthacked2150000050000http://www.bbc.co.uk/news/world-us-canada-33120405http://www.reuters.com/article/2015/07/09/us-cybersecurity-usa-idUSKCN0PJ2M420150709?feedType=RSS&feedName=topNews&utm_source=twitterBBC, Reuters
64
AshleyMadison.comUS ex-marital affairs site20th July 2015: DEVELOPING: Online hookup site for extra-marital affairs has been severely breached and the personal details of 37m users, as well as company financial records, threatened with release. Notorious hacking outfit The Impact Team has claimed responsibility. The hackers are demanding the shutdown of AM.com and other associated sites.1137,000,000webhacked370000001http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/Krebson Security
65
Securus TechnologiesPrison phone service providerAnonymous hacker leaked records of over 70m phone calls, plus links to recordings. Recording/storing attorney-client calls potentially violates constitutional protections.1170,000,000webhacked7000000050000https://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/TheIntercept
66
Deep Root AnalyticsA database of 198 million US voters has been exposed as a result of incorrect configuration. 11198,000,000webconfiguration error19800000020http://uk.reuters.com/article/us-usa-voters-breach-idUKKBN0UB1E020151229https://www.upguard.com/breaches/the-rnc-filesReuters, UpGuard
67
New York TaxisA freedom of information request resulted in the release of data on all 173 million journeys undertaken by New York taxis in one year. Unfortunately, the data was incorrectly anonymised and relatively easy to decode, revealing the driver IDs, pickup & dropoff times, and GPS routes taken for every single cab journey.1052,000transportpoor security520001https://medium.com/@vijayp/f6bc289679a1Medium
68
Mozilla1076,000webpoor security80000020http://www.theguardian.com/technology/2014/aug/05/mozilla-leak-developer-email-addresses-passwords-firefoxGuardian
69
NASDAQNasdaq OMX GroupNasdaq forum website hacked by hacking ring, email addresses and passwords compromised10500,000financialhacked5000001http://www.reuters.com/article/2013/07/18/net-us-nasdaq-cybercrime-website-idUSBRE96H1F520130718Reuters
70
Dominios Pizzas (France)10600,000webhacked6000001http://www.theguardian.com/technology/2014/jun/16/dominos-pizza-ransom-hack-dataGuardian
71
Japan AirlinesOct 2014: Japan Airlines confirmed the possible theft of information from up to around 750,000 frequent-flier programme members. Data that may have been stolen included names, genders, birth dates, addresses, email addresses and places of work.10750,000transporthacked80000020http://online.wsj.com/articles/japan-airlines-reports-hacker-attack-1412053828http://www.jal.co.jp/en/info/other/140924.htmlWall Street Journal, Japan Airlines
72
MacRumours.com10860,000webhacked9000001http://www.wired.co.uk/news/archive/2013-11/13/mac-rumours-forums-hackedWired
73
D&B, AltegrityHackers stole millions of social security numbers from large US data brokers Dun & Bradstreet Corp and Kroll Background America Inc, owned by Altegrity. Correction 7 Jan 2015: we previously stated that records were stolen from LexisNexis. LexisNexis conducted a thorough investigation of the malware intrusion and found no evidence that the malware accessed or stole any customer or consumer data. 101,000,000techhacked1000000300http://www.usatoday.com/story/cybertruth/2013/09/26/lexisnexis-dunn--bradstreet-altegrity-hacked/2878769/http://www.reuters.com/article/2013/09/26/us-cyberattacks-databrokers-idUSBRE98P03220130926http://www.bbc.co.uk/news/technology-24284277USA Today; Reuters; BBC News
74
Neiman MarcusUS retailer101,100,000retailhacked110000020http://www.nytimes.com/2014/01/24/business/neiman-marcus-breach-affected-1-1-million-cards.htmlhttp://krebsonsecurity.com/2014/08/stealthy-razor-thin-atm-insert-skimmers/NYTimes, Krebson Security
75
Staples101,160,000retailhacked1200000300http://fortune.com/2014/12/19/staples-cards-affected-breach/Fortune
76
AOL102,400,000webhacked240000001http://blog.aol.com/2014/04/28/aol-security-update/AOL
77
European Central Bank104,000,000financialhacked40000001http://www.cityam.com/1406190300/ecb-website-hackedCity am
78
UPSMalware was discovered in the credit & debit card processing systems at 51 branches in 24 states.104,000,000retailhacked4000000300http://time.com/3151681/ups-hack/Time
79
Community Health SystemsAug 2014: Community Health Systems, which operates 206 hospitals across the US, had patient data from the last 5 years breached. Details included names, addresses, social security numbers. Suspected "chinese hackers" were thought responsible. Goal: identity theft.104,500,000healthcarehacked450000020http://money.cnn.com/2014/08/18/technology/security/hospital-chs-hack/CNN
80
"Gmail"5 million Gmail account passwords leaked to a forum, alongside passwords from other email providers. Close inspection revealed the user details to be old (3+ years). Multiple individual targeted hacks of third party websites where people used their Gmail IDs, rather than one big dataleak, suspected to be the method. Gmail itself was not hacked. 105,000,000webhacked50000001http://thenextweb.com/google/2014/09/10/4-93-million-gmail-usernames-passwords-published-google-says-evidence-systems-compromised/Thenextweb
81
Sony PicturesWide-ranging hack of potentially every piece of data held by the company, including: unreleased films & scripts, employee social security numbers, salaries and health check results, as well as sensitive internal business documents relating to lay-offs, restructures and executive salaries. Lead suspects are "North Korean hackers" perhaps related to the Seth Rogen film, "The Interview" which mocks the North Korean dictator, Kim Jong Un.1010,000,000mediahacked1000000020http://www.buzzfeed.com/tomgara/sony-hackBuzzfeed
82
Twitch.tvGaming siteMarch 23rd. Details unknown at this point. All Twitch's 10 million users have been requested to change their passwords.1010,000,000healthcarehacked100000001http://blog.twitch.tv/2015/03/important-notice-about-your-twitch-account/Twitch
83
Korea Credit Bureau1020,000,000financialinside job2000000050000http://www.securityweek.com/20-million-people-fall-victim-south-korea-data-leakSecurityWeek
84
Home DepotMalware installed on cash register system across 2,200 stores syphoned credit card details of up to 56 million customers. May be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others1056,000,000retailhacked56000000300http://krebsonsecurity.com/2014/09/banks-credit-card-breach-at-home-depot/Krebson Security
85
TargetInvestigators believe the data was obtained via software installed on machines that customers use to swipe magnetic strips on their cards when paying for merchandise at Target stores. Originally 40m customers. Now 70m!1070,000,000retailhacked7000000020http://www.chicagotribune.com/news/sns-rt-us-target-breach-20131218,0,3434295.storyhttp://www.huffingtonpost.com/2013/12/19/target-hacked-customer-credit-card-data-accessed_n_4471672.html?utm_hp_ref=mostpopularhttp://techcrunch.com/2014/01/10/targets-data-breach-gets-worse-70-million-customers-had-info-stolen-including-names-emails-and-phones/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29&utm_content=NetvibesITRC
86
JP Morgan ChaseJuly 2014: The US's largest bank was compromised by hackers, stealing names, addresses, phone numbers and emails of account holders. The hack began in June but was not discovered until July, when the hackers had already obtained the highest level of administrative privilege to dozens of the bank’s computer servers.1076,000,000financialhacked76000000300http://dealbook.nytimes.com/2014/10/02/jpmorgan-discovers-further-cyber-security-issues/?_php=true&_type=blogs&_r=0Dealbook
87
EbayThe company has said hackers attacked between late February and early March with login credentials obtained from “a small number” of employees. They then accessed a database containing all user records and copied “a large part” of those credentials.10145,000,000webhacked1450000001http://my.chicagotribune.com/#section/-1/article/p2p-80265168/Chicago Tribune
88
YahooHappened in 2014, but no. records stolen was originally thought to be much smaller. Yahoo recently revealed the real numbers.10500,000,000webhacked50000000020http://uk.businessinsider.com/yahoo-hack-by-state-sponsored-actor-biggest-of-all-time-2016-9?r=US&IR=TBusiness Insider
89
South Africa policeSouth Africa Police Service's anonymous whistleblowing websiteHacker collective 'Anonymous' hacked an anonymous whistleblowing website run by the South Africa Police Service (SAPS), revealing the identities of thousands of its users. The hack was in response to the massacre of 34 protesting miners at Marikana in August 2012.916,000governmenthacked 1600020http://www.wired.co.uk/news/archive/2013-05/22/south-africa-whistleblower-leakWired
90
Crescent Health Inc., WalgreensNames, Social Security numbers, health insurance identification numbers, health insurance information, dates of birth, diagnoses, other medical information, disability codes, addresses, and phone numbers may have been exposed via a laptop theft.9100,000healthcarelost / stolen computer1000004000http://www.privacyrights.org/data-breachPrivacy Rights
91
Florida CourtsFlorida Department of Juvenile Justice9100,000governmentlost / stolen computer10000020http://www.privacyrights.org/data-breachPrivacy Rights
92
Florida Department of Juvenile JusticeThree computers were stolen that contained both youth and employee records was reported stolen on January 2, 2013. Over 100,000 records were on the device and may have been exposed.9100,000governmentlost / stolen computer10000020http://www.privacyrights.org/data-breachPrivacy Rights
93
Central Hudson Gas & ElectricCustomer banking information and other personal information may have been accessed during the hack.9110,000energyhacked100000300http://www.privacyrights.org/data-breachPrivacy Rights
94
Kirkwood Community CollegeHacked online database9125,000academichacked13000020http://www.privacyrights.org/data-breachhttp://www.databreachwatch.org/community-college-data-breach-leaks-125000-ssns/Privacy Rights
95
Indiana UniversityStudents who attended the university between 2011 and 2014 may have had their data exposed after it was stored on an unprotected site. The data was accessed by three webcrawlers but there is not evidence it was accessed by any unauthorized individuals.9146,000academicpoor security15000020http://news.iu.edu/releases/iu/2014/02/data-exposure-disclosure.shtmlhttp://www.usatoday.com/story/news/nation/2014/02/26/indiana-university-data-breach/5830685/Indiana University
96
CitigroupThird big data breach from Citigroup."The personal information of 150,000 consumers who went into bankruptcy between 2007 and 2011 – including their social security numbers – were exposed after Citi failed to properly redact court records before they were put on the Public Access to Court Electronic Records (PACER) system."9150,000financialpoor security15000020http://news.softpedia.com/news/Citi-Exposes-Details-of-150-000-Individuals-Who-Went-into-Bankruptcy-369979.shtmlSoftpedia
97
Washington State court systemAdministrative officesUp to 160,000 Social Security numbers and a million driver's license numbers may have been accessed by hackers exploiting old versions of Adobe Cold Fusion software on the server. 9160,000governmenthacked16000020http://www.reuters.com/article/2013/05/09/us-usa-hack-washingtonstate-idUSBRE9480YY20130509http://www.privacyrights.org/data-breachReuters; Privacy Rights
98
TerraCom & YourTelThe telecom firms TerraCom and YourTel have branded reporters for Scripps News as "hackers" after journalists discovered that the personal data of over 170,000 customers - including social security numbers and other identifying data that could be used for identity theft - were sitting on a publicly accessible server.9170,000telecomsaccidentally published18000020http://boingboing.net/2013/05/23/terracom-and-yourtel-threaten.htmlhttp://www.wired.co.uk/news/archive/2013-05/23/reporter-google-breach-hackerBoing Boing; Wired
99
NintendoJapan's Club Nintendo serviceJapan's Club Nintendo service was hacked following thousands of unauthorized accesses. Customer information compromised in the attack includes full names, phone numbers, home and email addresses.9240,000gaminghacked25000020http://www.joystiq.com/2013/07/05/club-nintendo-japan-hacked/JoyStiq
100
TwitterHackers had access to limited user information -- usernames, email addresses, session tokens and encrypted/salted versions of passwords -- for approximately 250,000 users.9250,000webhacked 2500001http://www.wired.co.uk/news/archive/2013-02/02/twitter-hackedWired
Loading...
 
 
 
2017 update
Jan 2015 update
July 2013 update (old)