Balloon Race: Data Breaches - Public Data
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
Still loading...
ABCDEFGHIJKLMNOPQRSTUVWXYZAAABACADAEAFAGAHAIAJAKALAMANAOAPAQARASATAUAVAWAXAYAZBABB
1
namealternativenamenotesprimaryvaluesubcategorycategorytypehighlightmetric_001metric_002metric_003metric_004excludefirstsourcesecondsourcethirdsource
2
Entityalternative namestoryYEARrecords lostORGANISATIONMETHOD OF LEAKinteresting storyNO OF RECORDS STOLENDATA SENSITIVITYUNUSEDUNUSEDExclude1st source link2nd source link3rd sourcesource nameUNUSEDUNUSEDUNUSEDUNUSEDUNUSEDUNUSED
3
Elaboration if there's an interesting story or detail behind ityears are encoded (0=2004, 8 = 2012, 9 = 2013, 10=2014, 11=2015, 12=latest)(use 3m, 4m, 5m or 10m to approximate unknown figures)(use 3m, 4m, 5m or 10m to approximate unknown figures)1. Just email address/Online information 20 SSN/Personal details 300 Credit card information 4000 Email password/Health records 50000 Full bank account detailsShow this item in the viz?
4
"Apple"Hacking group AntiSec claimed they hacked an FBI laptop in March 2012 accessing a file of more than 12 million Apple Unique Device Identifiers (UDIDs). Subsequently, it was discovered that app developer BlueToad was the source of the breach. The list contained personal information such as full names, phone numbers and addresses. AntiSec published a million of these UDIDs online.812,367,232tech, retailaccidentally publishedy1240000020http://news.cnet.com/8301-1009_3-57505330-83/antisec-claims-to-have-snatched-12m-apple-device-ids-from-fbi/http://news.cnet.com/8301-1009_3-57509595-83/udid-leak-source-idd-bluetoad-mobile-firm-says-it-was-hacked/
5
"Gmail"5 million Gmail account passwords leaked to a forum, alongside passwords from other email providers. Close inspection revealed the user details to be old (3+ years). Multiple individual targeted hacks of third party websites where people used their Gmail IDs, rather than one big dataleak, suspected to be the method. Gmail itself was not hacked. 105,000,000webhackedy50000001Xhttp://thenextweb.com/google/2014/09/10/4-93-million-gmail-usernames-passwords-published-google-says-evidence-systems-compromised/
6
178.comgaming website710,000,000webhacked100000001http://www.ehackingnews.com/2011/12/hackers-compromised-38-million-chinese.html
7
Accendo Insurance Co. Mismailed letters which allowed some lines of sensitive information (medication name, date of birth, and member ID) to be visible through the envelope window. The mailings were addressed correctly and, to the knowledge of the company, were received by the intended recipients.7175,350healthcarepoor security1800002000http://www.databreaches.net/?p=19198http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
8
AdobeSep 17th 2013. Hackers obtained access to a large swathe of Adobe customer IDs and encrypted passwords & removed sensitive information (i.e. names, encrypted credit or debit card numbers, expiration dates, etc.). Approximately 36 million Adobe customers were involved: 3.1 million whose credit or debit card information was taken and nearly 33 million active users whose current, encrypted passwords were in the database taken. Correction Jan 2015: we previously reported 152m records were taking, but the remainder affected invalid, inactive, test accounts or had out-of-date passwords associated with them.936,000,000techhackedy3600000050000http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.htmlhttp://www.zdnet.com/adobe-admits-2-9m-customer-accounts-have-been-compromised-7000021546/http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/
9
Adult Friend FinderInternet dating & hookup siteSexual preferences, names, email addresses, usernames, dates of birth, postal codes113,900,000webhacked39000001http://www.channel4.com/news/adult-friendfinder-dating-hack-internet-dark-web
10
Advocate Medical Group4,000,000 patient names, addresses, dates of birth, and Social Security numbers were contained in four computers stolen from an administrative building. Second biggest security breach ever reported to the Department of Health and Human Services (HHS).94,000,000healthcarelost / stolen mediay400000020http://healthitsecurity.com/2013/08/27/advocate-medical-group-endures-massive-data-breach/http://datalossdb.org/latest_incidents_remote_sync
11
Affinity Health Plan, Inc.A rented photocopier used to copy health records did not have its hard-drive wiped before its return. 5344,579healthcarelost / stolen media y3000004000http://security-hack1.blogspot.com/2010/04/affinity-health-plan-alerts-public.htmlhttp://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
12
Ameritrade Inc.Computer backup tape containing personal information was lost. online broker1200,000financiallost / stolen media20000020http://www.nbcnews.com/id/7561268/
13
Ankle & foot Center of Tampa Bay, Inc.The information hacked included information such as patient names, social security numbers, date of birth, home addressees, account numbers, and healthcare services and related diagnostic codes.6156,000healthcarehacked1600004000http://www.phiprivacy.net/?p=5743http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
14
Anthem Second-largest health insurer in the USFeb 2015: Names, dates of birth, member ID/ social security numbers, addresses, phone numbers, email addresses and employment information.1280,000,000healthcarehackedy8000000020http://www.anthemfacts.com/faq
15
AOL102,400,000webhacked240000001http://blog.aol.com/2014/04/28/aol-security-update/
16
AOLAmerican OnlineDurp. AOL VOLUNTARILY released search data for roughly 20 million web queries from 658,000 anonymized users of the service. No one is quite sure why.220,000,000webaccidentally publishedy200000001http://techcrunch.com/2006/08/06/aol-proudly-releases-massive-amounts-of-user-search-data/Tech Crunch
17
AOLAmerican Online A former America Online software engineer stole 92 million screen names and e-mail addresses and sold them to spammers who sent out up to 7 billion unsolicited e-mails.092,000,000webinside job, hacked920000001http://money.cnn.com/2004/06/23/technology/aol_spam/http://www.msnbc.msn.com/id/8985989/#.UFcN8RgUwaACNN
18
AppleDeveloper portal hacked. "Some" information about 275,000 3rd-party developers potentially stolen.9275,000techhacked3000001http://www.guardian.co.uk/technology/2013/jul/22/apple-developer-site-hacked
19
AshleyMadison.comUS ex-marital affairs site20th July 2015: DEVELOPING: Online hookup site for extra-marital affairs has been severely breached and the personal details of 37m users, as well as company financial records, threatened with release. Notorious hacking outfit The Impact Team has claimed responsibility. The hackers are demanding the shutdown of AM.com and other associated sites.1137,000,000webhacked370000001http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/
20
AT&TUS Telecoms companyDetails of iPad 3G users hacked from AT&T website, thought to include those of White House chief of staff Rahm Emanuel.6114,000telecomshackedy1000001http://www.guardian.co.uk/technology/2010/jun/10/apple-ipad-security-leak?INTCMP=SRCHGuardian
21
AT&TA laptop was stolen from a car containing unencrypted Social
Security numbers and bonus/salary info of AT&T employees.
4113,000telecomslost / stolen computery1000001http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlITRC
22
Auction.co.krSouth Korea's largest online shopping site418,000,000webhacked18000000300http://www.darkreading.com/security/perimeter-security/211201111/hacker-steals-data-on-18m-auction-customers-in-south-korea.html
23
Australian Immigration DepartmentAn employee of the agency inadvertently sent the passport numbers, visa details and other personal identifiers of all world leaders attending the G20 Brisbane summit to the organisers of the Asian Cup football tournament. Barack Obama, Vladimir Putin, Angela Merkel, Xi Jinping, Narendra Modi, David Cameron and many others.11500,000governmentaccidentally published50000050000http://www.theguardian.com/world/2015/mar/30/personal-details-of-world-leaders-accidentally-revealed-by-g20-organisers
24
Automatic Data ProcessingBusiness outsourcing, payrolls, benefits1125,000financialpoor security13000020http://abcnews.go.com/Technology/story?id=2160425&page=1#.UFcROxgUwaAABC
25
AvMed, Inc.Two company laptops containing names, addresses, dates of birth, Social Security numbers and health-related information. 51,220,000healthcarelost / stolen computer120000020http://www.governmentsecurity.org/latest-security-news/laptop-theft-exposes-private-info-of-avmed-health-plansaapos-customers.htmlhttp://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
26
Banner HealthHackers gained access to payment card data via food outlets at Banner Health locations.123,700,000private firmhacked3700000300https://www.bannerhealth.com/news/2016/08/banner-health-identifies-cyber-attack#
27
BetfairUK gambling siteBetfair waited 18 months to report the breach of their online gambling site, alarming banking institutions and security experts. Betfair's systems breach, which occurred in March and April 2010, was not uncovered until this past May, when a server crashed.62,300,000webhacked2300000300http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlITRC
28
Bethesda Game StudiosUS video game company (Elder Scrolls, Fallout 3)Hacking collective Lulzsec stole account information of 200,000 user.7200,000gaminghacked2000001http://www.pcworld.com/article/231215/lulzsec_a_short_history_of_hacking.htmlPC World
29
BlizzardActivision, Battle.netScrambled passwords, e-mail addresses, and personal security answers were knowingly stolen from Blizzard's internal network. Blizzard would not elaborate on the size of the hack ("millions"). 814,000,000gaminghacked1400000020https://us.battle.net/support/en/article/important-security-update-faq#5http://thehightechsociety.com/blizzard-battle-net-hack/
30
Blue Cross Blue Shield of TennesseeUS health insurance organizationA thief stole 57 hard drives from the closet of a BlueCross call center in Chattanooga, Tenn. Data on the stolen hard drives was encoded but not encrypted. Bluecross stated there was no evidence the information was accessed due to the specialized nature of the hardware stolen. 51,023,209healthcarelost / stolen media y100000020http://www.scmagazine.com/thief-steals-57-hard-drives-from-bluecross-blueshield-of-tennessee/article/162178/http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.htmlITRC
31
BNY Mellon Shareowner ServicesWealth managementA back-up tape, containing over 12 million customers records were lost.412,500,000financiallost / stolen media 125000001http://www.wctv.tv/news/headlines/28132494.html?storySection=commentsITRC
32
BrazzersPorn siteSept. 'The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.'13790724webhacked7907244000http://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hackhttp://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hack
33
British AirwaysFrequent flyer accounts11500,000retailhacked5000001http://www.theguardian.com/business/2015/mar/29/british-airways-frequent-flyer-accounts-hacked
34
California Department of Child Support ServicesCalifornia child support records were lost in transit during a disaster preparedness exercise.8800,000governmentlost / stolen media 80000020http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlhttp://articles.businessinsider.com/2012-04-03/news/31279254_1_major-data-breach-identity-theft-office-of-privacy-protectionITRC
35
Cardsystems Solutions Inc. Third-party payment processor for Visa, Mastercard, Amex, and DiscoverCardSystems was fingered by MasterCard after it spotted fraud on credit card accounts and found a common thread, tracing it back to CardSystems. An unauthorized entity put a specific code into CardSystems' network, enabling the person or group to gain access to the data. It's not clear how many of the 40 million accounts were actually stolen. 140,000,000financialhackedy40000000300http://www.msnbc.msn.com/id/8260050/ns/technology_and_science-security/t/million-credit-cards-exposed/#.UFiz7aRYtmgMSNBC
36
CarefirstBlue Cross, Blue Shield US medical insurerAttacked happened in June 2014. Was announced in June 2015.111,100,000healthcarehacked11000001http://carefirstanswers.com/
37
CarPhone WarehouseUK mobile phone supplier112,700,000webhacked270000050000http://www.theguardian.com/technology/2015/aug/10/carphone-warehouse-uk-data-watchdog-investigating-customer-hack
38
Central Hudson Gas & ElectricCustomer banking information and other personal information may have been accessed during the hack.9110,000energyhacked100000300http://www.privacyrights.org/data-breachPrivacy Rights
39
CheckFree CorporationProvider of online banking, online bill payment and electronic bill payment services for the financial services industryCustomers who went to CheckFree's Web sites between 12:35 a.m. and 10:10 a.m. on the day of the attack were redirected to a Ukrainian Web server that used malicious software to try and install a password-stealing program on the victim's computer.55,000,000financialhackedy50000001http://www.computerworld.com/s/article/9125078/CheckFree_warns_5_million_customers_after_hackComputer World
40
Chile Ministry Of EducationA computer hacker in Chile published confidential records belonging to six million people to illustrate the weakness of their security. 46,000,000governmentaccidentally published60000001http://news.bbc.co.uk/2/hi/americas/7395295.stmhttp://www.geek.com/articles/news/government-servers-in-chile-hacked-6-million-personal-records-made-public-20080514/BBC News
41
China Software Developer Network76,000,000webhacked60000001http://www.zdnet.com/blog/security/chinese-hacker-arrested-for-leaking-6-million-logins/11064
42
CitigroupThird big data breach from Citigroup."The personal information of 150,000 consumers who went into bankruptcy between 2007 and 2011 – including their social security numbers – were exposed after Citi failed to properly redact court records before they were put on the Public Access to Court Electronic Records (PACER) system."9150,000financialpoor securityy15000020http://news.softpedia.com/news/Citi-Exposes-Details-of-150-000-Individuals-Who-Went-into-Bankruptcy-369979.shtml
43
CitigroupLess than 1% of Citbank card holders' names, account numbers, and contact information such as e-mail addresses were stolen. Card security codes were not stolen. 7360,083financialhacked400000300http://www.pcworld.com/article/229891/Citigroup_Hack_Nets_Over_200k_in_Stolen_Customer_Details.htmlPC World
44
CitigroupBlame the messenger! A box of computer tapes containing information on 3.9 million customers was lost by United Parcel Service (UPS) while in transit to a credit reporting agency.13,900,000financiallost / stolen media y3900000300http://www.nytimes.com/2005/06/07/business/07data.html?pagewanted=all&_moc.semityn.wwwNY Times
45
City and Hackney Teaching Primary Care TrustHeavily encrypted disks containing details of children are lost by couriers.3160,000governmentlost / stolen media16000020http://www.computerweekly.com/news/2240104003/Hackney-NHS-trust-encrypts-IT-equipment-following-loss-of-child-data
46
Classified Iraq War documentsWikileaks6392,000governmentinside job40000020http://www.forbes.com/sites/andygreenberg/2010/10/22/wikileaks-reveals-the-biggest-classified-data-breach-in-history/
47
Clinton campaignThe campaign's network was hacked, but nobody knows what information they took.135,000,000governmenthacked500000020https://techcrunch.com/2016/07/29/clinton-campaign-reportedly-breached-by-hackers/
48
ClixSenseSept. The information stolen contains usernames, passwords, home addresses, payment histories, and other banking details.136600000webhack660000050000http://www.digitaltrends.com/computing/clixsense-hacked/
49
Code.orgNon-profit organisationVolunteer email addresses were left accessible via web browser. 1210webpoor security101http://blog.code.org/post/140938173013/some-volunteer-email-addresses-compromised
50
Colorado governmentDepartment of Health Care Policy & Financing6105,470healthcarelost / stolen computer10000020http://www.databreaches.net/?p=12611http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
51
Community Health SystemsAug 2014: Community Health Systems, which operates 206 hospitals across the US, had patient data from the last 5 years breached. Details included names, addresses, social security numbers. Suspected "chinese hackers" were thought responsible. Goal: identity theft.104,500,000healthcarehackedy450000020http://money.cnn.com/2014/08/18/technology/security/hospital-chs-hack/
52
Compass BankA former employee stole a hardrive containing 1m account details from the bank, then used it to defraud cutomers of nearly $32,000.31,000,000financialinside joby1000000300http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlhttp://www.computerworld.com/s/article/9072198/Programmer_who_stole_drive_containing_1_million_bank_records_gets_42_monthsITRC
53
Countrywide Financial CorpEmployee convicted of downloading millions of borrower files and selling the information to other loan officers.mortgage lender72,500,000financialinside job250000020http://latimesblogs.latimes.com/money_co/2011/09/man-convicted-in-huge-countrywide-data-theft-gets-8-months-in-prison.html
54
Countrywide Financial CorpMortgage financer22,600,000financialinside job2600000300http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlITRC
55
Court VenturesExperianA Vietnamese identity theft service was sold personal records, including Social Security numbers, credit card data and bank account information, by Court Ventures, a company now owned by data brokerage firm Experian.8200,000,000financialinside job20000000020http://bits.blogs.nytimes.com/2013/10/24/senator-intensifies-probe-of-data-brokers/?_php=true&_type=blogs&_r=0http://www.experianplc.com/news/company-news/2014/04-04-2014.aspxNY Times / Experian
56
Crescent Health Inc., WalgreensNames, Social Security numbers, health insurance identification numbers, health insurance information, dates of birth, diagnoses, other medical information, disability codes, addresses, and phone numbers may have been exposed via a laptop theft.9100,000healthcarelost / stolen computer1000004000http://www.privacyrights.org/data-breachPrivacy Rights
57
D&B, AltegrityHackers stole millions of social security numbers from large US data brokers Dun & Bradstreet Corp and Kroll Background America Inc, owned by Altegrity. Correction 7 Jan 2015: we previously stated that records were stolen from LexisNexis. LexisNexis conducted a thorough investigation of the malware intrusion and found no evidence that the malware accessed or stole any customer or consumer data. 101,000,000techhacked1000000300http://www.usatoday.com/story/cybertruth/2013/09/26/lexisnexis-dunn--bradstreet-altegrity-hacked/2878769/http://www.reuters.com/article/2013/09/26/us-cyberattacks-databrokers-idUSBRE98P03220130926http://www.bbc.co.uk/news/technology-24284277USA Today; Reuters; BBC News
58
Dai Nippon PrintingJapanese printing companyA former contractor of Dai Nippon Printing Company in Tokyo, Japan stole 8.6 million records containing the personal data of customers of 43 of the company's clients. 38,637,405retailinside job86000001http://usatoday30.usatoday.com/tech/news/computersecurity/2007-12-30-data_n.htmUSA Today
59
Data Processors InternationalProvides merchant account establishment and Internet based credit card payment processing services45,000,000financialhacked50000001http://money.cnn.com/2003/02/18/technology/creditcards/CNN
60
Dominios Pizzas (France)10600,000webhacked6000001http://www.theguardian.com/technology/2014/jun/16/dominos-pizza-ransom-hack-data
61
Driving Standards AgencyHard disk with details of candidates for the driving theory test was lost in a premises in Iowa by subcontractors. Only names, addresses and phone numbers. 33,000,000governmentlost / stolen media300000020http://news.bbc.co.uk/1/hi/uk_politics/7147715.stm
62
Driving Standards Agency,Details of candidates for the driving theory test were on a hard drive that went missing in the US. 33,000,000governmentlost / stolen media300000020http://news.bbc.co.uk/1/hi/uk_politics/7147715.stm
63
DropboxWebsites stolen from other websites used to sign into a small number of Dropbox accounts. The hack was mainly used to send spam to users. 830,000webhacked300001http://www.informationweek.co.uk/security/client/dropbox-admits-hack-adds-more-security-f/240004697
64
DropboxUser credentials were stolen in a 2012 hack, but the number affected has only just come to light. 868,700,000webhacked687000001http://www.telegraph.co.uk/technology/2016/08/31/dropbox-hackers-stole-70-million-passwords-and-email-addresses/
65
Drupalopen-source content management platformMalicious files placed on association.drupal.org servers via a 3rd-party application. Exposed usernames, e-mail addresses, country information, and cryptographically hashed passwords.91,000,000webhacked10000001http://arstechnica.com/security/2013/05/drupal-org-resets-login-credentials-after-hack-exposes-password-data/Ars Technica
66
EbayThe company has said hackers attacked between late February and early March with login credentials obtained from “a small number” of employees. They then accessed a database containing all user records and copied “a large part” of those credentials.10145,000,000webhackedy1450000001http://my.chicagotribune.com/#section/-1/article/p2p-80265168/
67
Educational Credit Management CorpUS student loan guarantorA contractor for the US Department of Education stole the records of 3.3 million people. Data included names, addresses, Social Security numbers and dates of birth of borrowers, but no financial or bank account information.63,300,000financiallost / stolen mediay330000020http://www.foxnews.com/us/2010/03/26/student-loan-company-data-m-people-stolen/ITRC
68
Eisenhower Medical CenterCalifornia hospitalStolen computer contained data listing patients' names, ages, dates of birth, medical record numbers and the last four digits of their social security numbers.7514,330healthcarelost / stolen computer5000004000http://databreachinvestigation.blogspot.com/2011/04/thief-gets-away-with-eisenhower-medical.htmlhttp://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
69
Embassy CablesConfidential communications between 274 embassies in countries throughout the world and the State Department in Washington DC, between 1966-2010.Wikileaks6251,000governmentinside job30000050000http://wikileaks.org/cablegate.html
70
Emergency Healthcare Physicians, Ltd.A Chicago emergency physician groupThe stolen portable hard drive is believed to have contained records from 2003 to 2006 that included patient names, addressees, phone numbers, birth dates, Social Security numbers, and, in some cases, drivers' license numbers.6180,111healthcarelost / stolen media1800004000http://www.healthcareinfosecurity.com/chicago-breach-affects-180000-a-2496http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
71
Emory Healthcarehospital system in Atlanta8315,000healthcarepoor security3000004000http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html
72
European Central Bank104,000,000financialhacked40000001http://www.cityam.com/1406190300/ecb-website-hacked
73
Evernoteonline note-taking siteEvernote asked its 50 million users to reset their passwords following an attempt to hack the note-taking network. The company said it’d found no evidence that any payment information for Evernote Premium or Evernote Business customers had been accessed, nor was there any indication that content stored by users had been accessed, changed or lost.950,000,000webhacked500000001http://www.wired.co.uk/news/archive/2013-03/04/evernote-hackedhttp://www.digitaltrends.com/mobile/evernote-hack-50-million-users-forced-to-reset-passwords/Wired; Digital Trends
74
Experian / T-mobileThe world's biggest data monitoring firm disclosed a massive breach of customers who applied for service with T-Mobile. Names, addresses, birth dates, Social Security numbers, drivers license numbers and passport numbers.1115,000,000webhacked15000000300http://www.reuters.com/article/2015/10/02/us-tmobile-dataprotection-idUSKCN0RV5PL20151002
75
FacebookUsing the network's "Download Your Information" tool, some Facebook members were inadvertently sent the phone numbers or email address of Facebook friends that were otherwise private. Facebook assured users that the bug was fixed within a day, and that there is no evidence that the information was used maliciously.96,000,000webaccidentally published60000001https://www.facebook.com/notes/facebook-security/important-message-from-facebooks-white-hat-program/10151437074840766
76
Fidelity National Information ServicesEmployee sold customer information to a data broker, including names, addresses, birth dates, bank account and credit card information.38,500,000financialinside job8500000300http://www.pcworld.com/article/135117/article.html
77
Florida CourtsFlorida Department of Juvenile Justice9100,000governmentlost / stolen computer10000020http://www.privacyrights.org/data-breachPrivacy Rights
78
Florida Department of Juvenile JusticeThree computers were stolen that contained both youth and employee records was reported stolen on January 2, 2013. Over 100,000 records were on the device and may have been exposed.9100,000governmentlost / stolen computer10000020http://www.privacyrights.org/data-breachPrivacy Rights
79
Formspring Interest-based social Q&A websiteFormspring was tipped off to a breach after 420,000 hashed passwords were posted to a security forum. 8420,000webaccidentally publishedy4000001http://news.cnet.com/8301-1009_3-57469944-83/formspring-disables-user-passwords-in-security-breach/?tag=mncol;txt
80
GamigoGerman gaming website88,000,000webhacked80000001http://www.forbes.com/sites/andygreenberg/2012/07/23/eight-million-passwords-spilled-from-gaming-site-gamigo-months-after-breach/
81
Gap IncStolen laptop which contained social security numbers, data on people who applied for positions at Gap stores, including Banana Republic and Old Navy, between July 2006 and June 2007.3800,000retaillost / stolen computer80000020http://www.pcworld.com/article/137865/article.htmlPC World
82
Gawker.comUS news and gossip blog network including Gawker.com Gizmodo.com Lifehacker.comHacked. 1.5 Million usernames, emails, passwords taken.61,500,000webhacked150000020http://www.guardian.co.uk/technology/2010/dec/13/gawker-hackers-passwords-twitter-wikileaks?INTCMP=SRCHhttp://www.mediaite.com/online/gawker-medias-entire-commenter-database-appears-to-have-been-hacked/Guardian
83
Global PaymentsCredit, debit and check processing for merchants (Visa, Mastercard, etc)1.5 million credit card numbers from its systems may have been exposed after detecting “unauthorized access” into its processing system. 87,000,000financialhacked1500000300http://www.washingtonpost.com/business/technology/faq-the-global-payments-hack/2012/04/02/gIQAIHLLrS_story.htmlITRChttp://money.cnn.com/2012/03/30/technology/credit-card-data-breach/index.htm
84
Greek governmentA computer programmer was arrested in Greece for allegedly stealing the identity information of what could amount to 83% of the country's population. The 35-year-old was found in possession of 9 million data files containing identification card data, addresses, tax ID numbers and licence plate numbers, which he was also suspected of trying to sell.89,000,000governmenthacked900000020http://www.wired.co.uk/news/archive/2012-11/22/greece-id-theftWired
85
GS CaltexPrivate oil companyTwo multimedia discs containing the names, social security numbers, addresses, cell phone numbers, email addresses and workplaces of Korean customers sorted by age were stolen. They were found by an office worker in a backstreet’s trash pile in Seoul. Experts say a GS Caltex employee likely stole the information for personal purposes given there were no signs of hacking.411,100,000energyinside job1110000020http://www.datalossdb.orghttp://english.donga.com/srv/service.php3?biid=2008090631088Data Loss Database
86
Hacking TeamItalian cybersecurity firm sells digital surveillance software to law enforcement and national security organisations. 400 GB of documents - including software source code, private messages & client databases - has been stolen and put online via BitTorrent. The documents show the company has sold products to repressive regimes.11500,000webhackedy50000050000http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claimThe Guardian
87
Hannaford Brothers Supermarket ChainDelhaize Group: Hannaford Bros, Sweetbay, Food Lion, Bloom, Bottom Dollar, Harveys, Kash n' KarryAn estimated 4.2 million credit and debit card numbers were stolen.34,200,000retailhacked4200000300http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlITRC
88
Health Net Largest US publicly traded managed health care companyA portable hard drive with seven years of personal and medical information on about 1.5 million Health Net customers was lost for six months before being reported. 51,500,000healthcarelost / stolen media y15000004000http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlITRC
89
Health Net - IBMData lost from HN servers managed by IBMSeveral server drives, containing personal information of former and current employees, went missing.71,900,000healthcarelost / stolen media 1900000300http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlhttp://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.htmlITRC
90
HeartlandIndependent payment processorThe biggest credit card scam in history, Heartland eventually paid more than $110 million to Visa, MasterCard, American Express and other card associations to settle claims related to the breach.5130,000,000financialhackedy130000000300http://www.guardian.co.uk/technology/blog/2009/aug/24/hacking-law?INTCMP=SRCHhttp://money.cnn.com/2012/03/30/technology/credit-card-data-breach/index.htmGuardian
91
Hewlett PackardLaptop lost/stolen containing employee data: names, addresses, Social Security numbers, dates of birth and other employment-related information.2200,000tech, retaillost / stolen mediay20000020http://news.cnet.com/Laptop-with-HP-employee-data-stolen/2100-7348_3-6052964.html
92
Home DepotMalware installed on cash register system across 2,200 stores syphoned credit card details of up to 56 million customers. May be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others1056,000,000retailhackedy56000000300http://krebsonsecurity.com/2014/09/banks-credit-card-breach-at-home-depot/
93
Honda CanadaNames, addresses and vehicle identification numbers were taken from the company’s eCommerce websites myHonda and myAcura7283,000retailpoor securityy30000020http://www.guelphmercury.com/news-story/2200845-honda-canada-hit-by-online-security-breach-283-000-car-owners-personal-data-stolen/
94
Indiana UniversityStudents who attended the university between 2011 and 2014 may have had their data exposed after it was stored on an unprotected site. The data was accessed by three webcrawlers but there is not evidence it was accessed by any unauthorized individuals.9146,000academicpoor security15000020http://news.iu.edu/releases/iu/2014/02/data-exposure-disclosure.shtmlhttp://www.usatoday.com/story/news/nation/2014/02/26/indiana-university-data-breach/5830685/Indiana University
95
InterparkJuly. South Korean police are blaming North Korea for stealing data in an attempt to obtain foreign currency. 1310,000,000webhack1000000020http://www.nytimes.com/2016/07/29/world/asia/north-korea-hacking-interpark.html
96
Invest BankUnited Arab Emirates bankHacker breached a United Arab Emirates bank, demanding a ransom of $3m in bitcoin to stop tweeting data, mostly about corporate accounts. The hacker dumped files on the website of a basketball team, which he hacked for storage. The bank, Invest Bank, won't pay the ransom. 1140,000bankinghacked4000050000http://www.dailydot.com/politics/invest-bank-hacker-buba/
97
IRSUS Tax service"An unnamed cybermafia used an IRS app to download forms full of personal information. They posed as legitimate taxpayers, and tried to download forms on 200,000 people between February and May. They got away with half of them, the IRS said. The crooks used about 15,000 of them to claim tax refunds in other people's names."11100,000governmentpoor security1000001http://money.cnn.com/2015/05/26/pf/taxes/irs-website-data-hack/index.html
98
Japan AirlinesOct 2014: Japan Airlines confirmed the possible theft of information from up to around 750,000 frequent-flier programme members. Data that may have been stolen included names, genders, birth dates, addresses, email addresses and places of work.10750,000transporthacked80000020http://online.wsj.com/articles/japan-airlines-reports-hacker-attack-1412053828http://www.jal.co.jp/en/info/other/140924.html
99
Jefferson CountyWest Virginia, US"Jefferson County Clerk Jennifer Maghan said she unveiled a new online search tool that enabled residents and business professionals to access nearly 1.6 million documents that are stored in her office via their home computers"41,600,000governmentaccidentally publishedy160000020http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2008_Breach_List.shtmlhttp://www.journal-news.net/page/content.detail/id/511806.html?nav=5006ITRC
100
JP Morgan ChaseJuly 2014: The US's largest bank was compromised by hackers, stealing names, addresses, phone numbers and emails of account holders. The hack began in June but was not discovered until July, when the hackers had already obtained the highest level of administrative privilege to dozens of the bank’s computer servers.1076,000,000financialhackedy76000000300http://dealbook.nytimes.com/2014/10/02/jpmorgan-discovers-further-cyber-security-issues/?_php=true&_type=blogs&_r=0
Loading...
 
 
 
2016 Update
data breaches data
underground data costs
data-old
Sheet7