List of data breaches
This is a list of data breaches, using data compiled from various sources, including press reports, government news releases, and mainstream news articles. The list includes those involving the theft or compromise of 30,000 or more records, although many smaller breaches occur continually. Breaches of large organizations where the number of records is still unknown are also listed. The various methods used in the breaches are also listed, with hacking being the most common.
Most breaches occur in North America. It is estimated that the average cost of a data breach will be over $150 million by 2020, with the global annual cost forecast to be $2.1 trillion.[1][2] It is estimated that in first half of 2018 alone, about 4.5 billion records were exposed as a result of data breaches.[3] In 2019, a collection of 2.7 billion identity records, consisting of 774 million unique email addresses and 21 million unique passwords, was posted on the web for sale.[4]
Entity | Year | Records | Organization type | Method | Sources |
---|---|---|---|---|---|
21st Century Oncology | 2016 | 2,200,000 | healthcare | hacked | [5][6] |
500px | 2018 | 14,870,304 | social networking | hacked | [7] |
Accendo Insurance Co. | 2011 | 175,350 | healthcare | poor security | [8][9] |
Adobe Systems | 2013 | 152,000,000 | tech | hacked | [10][11] |
Adobe Inc. | 2019 | 7,500,000 | tech | poor security | [12] |
Advocate Medical Group | 2013 | 4,000,000 | healthcare | lost / stolen media | [13][14] |
AerServ (subsidiary of InMobi) | 2018 | 75,000 | advertising | hacked | [15] |
Affinity Health Plan, Inc. | 2009 | 344,579 | healthcare | lost / stolen media | [16] |
Airtel | 2019 | 320,000,000 | telecommunications | poor security | [17] |
Air Canada | 2018 | 20,000 | transport | hacked | [18] |
Amazon Japan G.K. | 2019 | unknown | web | accidentally published | [19][20] |
Ameritrade | 2005 | 200,000 | financial | lost / stolen media | [21] |
Ancestry.com | 2015 | 300,000 | web | poor security | [22] |
Ankle & Foot Center of Tampa Bay, Inc. | 2010 | 156,000 | healthcare | hacked | [23] |
Anthem Inc. | 2015 | 80,000,000 | healthcare | hacked | [24][25] |
AOL | 2004 | 92,000,000 | web | inside job, hacked | [26][27] |
AOL | 2006 | 20,000,000 | web | accidentally published | [28] |
AOL | 2014 | 2,400,000 | web | hacked | [29] |
Apple, Inc./BlueToad | 2012 | 12,367,232 | tech, retail | accidentally published | [30] |
Apple | 2013 | 275,000 | tech | hacked | [31] |
Apple Health Medicaid | 2016 | 91,000 | healthcare | poor security | [32] |
Ashley Madison | 2015 | 32,000,000 | web | hacked | [33] |
AT&T | 2008 | 113,000 | telecoms | lost / stolen computer | [34] |
AT&T | 2010 | 114,000 | telecoms | hacked | [35] |
Auction.co.kr | 2008 | 18,000,000 | web | hacked | [36] |
Australian Immigration Department | 2015 | G20 world leaders | government | accidentally published | [37] |
Automatic Data Processing | 2005 | 125,000 | financial | poor security | [38] |
AvMed, Inc. | 2009 | 1,220,000 | healthcare | lost / stolen computer | [39] |
Bailey's Inc. | 2015 | 250,000 | retail | hacked | [40] |
The Bank of New York Mellon | 2008 | 12,500,000 | financial | lost / stolen media | [41] |
Bank of America | 2005 | 1,200,000 | financial | lost / stolen media | [42] |
Barnes & Noble | 2012 | 63 stores | retail | hacked | [43][44] |
Bell Canada | 2017 | 1,900,000 | telecoms | poor security | [45] |
Bell Canada | 2018 | 100,000 | telecoms | hacked | [46] |
Betfair | 2010 | 2,300,000 | web | hacked | [34] |
Bethesda Game Studios | 2011 | 200,000 | gaming | hacked | [47] |
Bethesda Game Studios | 2018 | gaming | accidentally published | [48] | |
Betsson Group | 2020 | unknown | gaming | unknown | [49] |
Blank Media Games | 2018 | 7,633,234 | gaming | hacked | [50][51] |
Blizzard Entertainment | 2012 | 14,000,000 | gaming | hacked | [52][53] |
BlueCross BlueShield of Tennessee | 2009 | 1,023,209 | healthcare | lost / stolen media | [54] |
BMO and Simplii | 2018 | 90,000 | banking | poor security | [55] |
2018 British Airways cyberattack | 2018 | 500,000 | transport | hacked | [56][57][58] |
British Airways | 2015 | tens of thousands | retail | hacked | [59] |
2019 Bulgarian revenue agency hack | 2019 | over 5,000,000 | government | hacked | [60] |
California Department of Child Support Services | 2012 | 800,000 | government | lost / stolen media | [34][61] |
Canva | 2019 | 140,000,000 | web | hacked | [62][63][64] |
Capital One | 2019 | 106,000,000 | financial | unsecured S3 bucket | [65][66] |
CardSystems Solutions Inc.
(MasterCard, Visa, Discover Financial Services and American Express) |
2005 | 40,000,000 | financial | hacked | [67][68] |
Cathay Pacific Airways | 2018 | 9,400,000 | transport | hacked | [69] |
CareFirst BlueCross Blue Shield - Maryland | 2015 | 1,100,000 | healthcare | hacked | [70] |
Central Coast Credit Union | 2016 | 60,000 | financial | hacked | [71] |
Central Hudson Gas & Electric | 2013 | 110,000 | energy | hacked | [72] |
CheckFree Corporation | 2009 | 5,000,000 | financial | hacked | [73] |
CheckPeople | 2020 | 56,000,000 | background check | unknown | [74] |
China Software Developer Network | 2011 | 6,000,000 | web | hacked | [75] |
Chinese gaming websites (three: Duowan, 7K7K, 178.com) | 2011 | 10,000,000 | web | hacked | [76] |
Citigroup | 2005 | 3,900,000 | financial | lost / stolen media | [77] |
Citigroup | 2011 | 360,083 | financial | hacked | [78] |
Citigroup | 2013 | 150,000 | financial | poor security | [79] |
City and Hackney Teaching Primary Care Trust | 2007 | 160,000 | healthcare | lost / stolen media | [80] |
Clearview AI | 2020 | 3,000,000,000 (Number of photos obtained) | information technology | hacked | [81] |
Colorado government | 2010 | 105,470 | healthcare | lost / stolen computer | [82] |
Community Health Systems | 2014 | 4,500,000 | healthcare | hacked | [83] |
Philippines Commission on Elections | 2016 | 55,000,000 | government | hacked | |
Compass Bank | 2007 | 1,000,000 | financial | inside job | [34][84] |
Countrywide Financial Corp | 2006 | 2,600,000 | financial | inside job | [34] |
Countrywide Financial Corp | 2011 | 2,500,000 | financial | inside job | [85] |
Centers for Medicare & Medicaid Services | 2018 | 75,000 | healthcare | hacked | [86] |
Cox Communications | 2016 | 40,000 | telecoms | hacked | [87] |
Crescent Health Inc., Walgreens | 2013 | 100,000 | healthcare | lost / stolen computer | [72][88] |
CVS | 2015 | millions | retail | hacked | [89] |
Dai Nippon Printing | 2007 | 8,637,405 | retail | inside job | [90] |
Data Processors International (MasterCard, Visa, Discover Financial Services and American Express) | 2008 | 8,000,000 | financial | hacked | [91] |
Defense Integrated Data Center (South Korea) | 2017 | 235 GB | military | hacked | [92] |
Deloitte | 2017 | 350 clients emails | consulting, accounting | poor security | [93][94] |
Democratic National Committee | 2016 | 19,252 | political | [95] | |
US Department of Homeland Security | 2016 | 30,000 | government | poor security | [96][97] |
Desjardins | 2019 | 2,900,000 | financial | inside job | [98] |
Domino's Pizza (France) | 2014 | 600,000 | web | hacked | [99] |
DoorDash | 2019 | 4,900,000 | web | hacked | [100] |
UK Driving Standards Agency | 2007 | 3,000,000 | government | lost / stolen media | [101] |
Dropbox | 2012 | 68,648,009 | web | hacked | [102] |
Drupal | 2013 | 1,000,000 | web | hacked | [103] |
DSW Inc. | 2005 | 1,400,000 | retail | hacked | [104] |
Dubsmash | 2018 | 162 million | messaging app | hacked | [105][106] |
Dun & Bradstreet | 2013 | 1,000,000 | tech | hacked | [107][108] |
EasyJet | 2019-2020 | 9,000,000 (approx) - basic booking, 2208 (credit card details) | transport | hacked | [109][110] |
eBay | 2014 | 145,000,000 | web | hacked | [111] |
Earl Enterprises (Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy, Mixology, Tequila Taqueria) | 2018-2019 | 2,000,000 | restaurant | hacked | [112] |
Educational Credit Management Corporation | 2010 | 3,300,000 | financial | lost / stolen media | [113] |
Eisenhower Medical Center | 2011 | 514,330 | healthcare | lost / stolen computer | [114] |
ElasticSearch | 2019 | 108,000,000 | tech | poor security | [115] |
Embassy Cables | 2010 | 251,000 | government | inside job | [116] |
Emergency Healthcare Physicians, Ltd. | 2010 | 180,111 | healthcare | lost / stolen media | [114][117] |
Emory Healthcare | 2012 | 315,000 | healthcare | poor security | [114] |
Equifax | 2017 | 163,119,000 | financial, credit reporting | poor security | [118][119] |
European Central Bank | 2014 | unknown | financial | hacked | [120][121] |
Evernote | 2013 | 50,000,000 | web | hacked | [122][123] |
Exactis | 2018 | 340,000,000 | data broker | poor security | [124] |
Excellus BlueCross BlueShield | 2015 | 10,000,000 | healthcare | hacked | [125] |
Experian - T-Mobile US | 2015 | 15,000,000 | telecoms | hacked | [126][127] |
EyeWire | 2016 | unknown | tech | lost / stolen computer | [128] |
2013 | 6,000,000 | social network | accidentally published | [129] | |
2018 | 50,000,000 | social network | poor security | [130][131][132][133][134][135] | |
2019 | 540,000,000 | social network | poor security | [136] | |
2019 | 1,500,000 | social network | accidentally uploaded | [137] | |
2019 | 267,000,000 | social network | poor security | [138][139] | |
Federal Reserve Bank of Cleveland | 2010 | 400,000 | financial | hacked | [34] |
Fidelity National Information Services | 2007 | 8,500,000 | financial | inside job | [140] |
First American Corporation | 2019 | 885,000,000 | financial service company | poor security | [141] |
Florida Department of Juvenile Justice | 2013 | 100,000 | government | lost / stolen computer | [72] |
Friend Finder Networks | 2016 | 412,214,295 | web | poor security / hacked | [142][143] |
Formspring | 2012 | 420,000 | web | accidentally published | [144] |
Gamigo | 2012 | 8,000,000 | web | hacked | [145] |
Gap Inc. | 2007 | 800,000 | retail | lost / stolen computer | [146] |
Gawker | 2010 | 1,500,000 | web | hacked | [147][148] |
Global Payments | 2012 | 7,000,000 | financial | hacked | [149] |
Gmail | 2014 | 5,000,000 | web | hacked | [150] |
Google Plus | 2018 | 500,000 | social network | poor security | [151][152][153] |
Greek government | 2012 | 9,000,000 | government | hacked | [154] |
Grozio Chirurgija | 2017 | 25,000 | healthcare | hacked | [155][156][157] |
GS Caltex | 2008 | 11,100,000 | energy | inside job | [158][159] |
Gyft | 2016 | unknown | web | hacked | [160][161] |
Hannaford Brothers Supermarket Chain | 2007 | 4,200,000 | retail | hacked | [162] |
HauteLook | 2018 | 28,517,244 | retail | hacked | [163][164][165] |
Health Net | 2009 | 500,000 | healthcare | lost / stolen media | [166] |
Health Net — IBM | 2011 | 1,900,000 | healthcare | lost / stolen media | [167] |
Health Sciences Authority (Singapore) | 2019 | 808,000 | healthcare | poor security | [168] |
Heartland | 2009 | 130,000,000 | financial | hacked | [169][170] |
Heathrow Airport | 2017 | 2.5GB | transport | lost / stolen media | [171][172][173] |
Hewlett Packard | 2006 | 200,000 | tech, retail | lost / stolen media | [174] |
Hilton Hotels | 2014 and 2015 | 363,000 | hotel | hacked | [175][176] |
Home Depot | 2014 | 56,000,000 | retail | hacked | [177] |
Honda Canada | 2011 | 283,000 | retail | poor security | [178] |
Hyatt Hotels | 2015 | 250 locations | hotel | hacked | [179][180] |
Internal Revenue Service | 2015 | 720,000 | financial | hacked | [181][182] |
Inuvik hospital | 2016 | 6,700 | healthcare | inside job | [183] |
Iranian banks (three: Saderat, Eghtesad Novin, and Saman) | 2012 | 3,000,000 | financial | hacked | [184] |
JailCore | 2020 | 36,000 | government | poor security | [185] |
Jefferson County, West Virginia | 2008 | 1,600,000 | government | accidentally published | [34][186] |
JP Morgan Chase | 2010 | 2,600,000 | financial | lost / stolen media | [187] |
JP Morgan Chase | 2014 | 76,000,000 | financial | hacked | [188] |
Justdial | 2019 | 100,000,000 | local search | unprotected api | [189] |
KDDI | 2006 | 4,000,000 | telecoms | hacked | [190] |
Kirkwood Community College | 2013 | 125,000 | academic | hacked | [72][191] |
KM.RU | 2016 | 1,500,000 | web | hacked | [192] |
Koodo Mobile | 2020 | unknown | mobile carrier | hacked | [193] |
Korea Credit Bureau | 2014 | 20,000,000 | financial | inside job | [194] |
Kroll Background America | 2013 | 1,000,000 | tech | hacked | [107][108] |
KT Corporation | 2012 | 8,700,000 | telecoms | hacked | [195][196] |
LexisNexis | 2014 | 1,000,000 | tech | hacked | [107][108] |
Landry's, Inc. | 2015 | 500 locations | restaurant | hacked | [197][198] |
LifeLabs | 2019 | 15,000,000 | healthcare | hacked | [199] |
Lincoln Medical & Mental Health Center | 2010 | 130,495 | healthcare | lost / stolen media | [114][200] |
LinkedIn, eHarmony, Last.fm | 2012 | 8,000,000 | web | accidentally published | [201][202] |
Living Social | 2013 | 50,000,000 | web | hacked | [203][204] |
MacRumors.com | 2014 | 860,000 | web | hacked | [205] |
Mandarin Oriental Hotels | 2014 | 10 locations | hotel | hacked | [206][207] |
Marriott International | 2018 | 500,000,000 | hotel | hacked | [208][209] |
Marriott International | 2020 | 5,200,000 | hotel | poor security/inside job | [210] |
Massachusetts Government | 2011 | 210,000 | government | poor security | [34] |
Massive American business hack including 7-Eleven and Nasdaq | 2012 | 160,000,000 | financial | hacked | [211] |
US Medicaid | 2012 | 780,000 | government, healthcare | hacked | [34] |
Medical Informatics Engineering | 2015 | 3,900,000 | healthcare | hacked | [212] |
Memorial Healthcare System | 2011 | 102,153 | healthcare | lost / stolen media | [213][114] |
Michaels | 2014 | 3,000,000 | retail | hacked | [214] |
Microsoft | 2019 | 250,000,000 | tech | data exposed by misconfiguration | [215] |
Militarysingles.com | 2012 | 163,792 | web, military | accidentally published | [216] |
Ministry of Education (Chile) | 2008 | 6,000,000 | government | accidentally published | [217][218] |
Ministry of Health (Singapore) | 2019 | 14,200 | healthcare | poor security/inside job | [219][220] |
MongoDB | 2019 | 202,000,000 | tech | poor security | [221] |
MongoDB | 2019 | 275,000,000 | tech | poor security | [222] |
Mobile TeleSystems (MTS) | 2019 | 100,000,000 | telecommunications | misconfiguration/poor security | |
Monster.com | 2007 | 1,600,000 | web | hacked | [223] |
Morgan Stanley Smith Barney | 2011 | 34,000 | financial | lost / stolen media | [34] |
Mozilla | 2014 | 76,000 | web | poor security | [224] |
MyHeritage | 2018 | 92,283,889 | genealogy | unknown | [225] |
NASDAQ | 2014 | unknown | financial | hacked | [226] |
Natural Grocers | 2015 | 93 stores | retail | hacked | [227] |
Neiman Marcus | 2014 | 1,100,000 | retail | hacked | [228][229] |
Nemours Foundation | 2011 | 1,055,489 | healthcare | lost / stolen media | [114][230] |
Network Solutions | 2009 | 573,000 | tech | hacked | [231][232] |
New York City Health & Hospitals Corp. | 2010 | 1,700,000 | healthcare | lost / stolen media | [114] |
New York State Electric & Gas | 2012 | 1,800,000 | energy | inside job | [34] |
New York Taxis | 2014 | 52,000 | transport | poor security | [233] |
Nexon Korea Corp | 2011 | 13,200,000 | web | hacked | [234] |
NHS | 2011 | 8,300,000 | healthcare | lost / stolen media | [235] |
Nintendo (Club Nintendo) | 2013 | 240,000 | gaming | hacked | [236] |
Nintendo (Nintendo Account) | 2020 | 160,000 | gaming | hacked | [237] |
Nival Networks | 2016 | 1,500,000 | gaming | hacked | [238] |
Norwegian Tax Administration | 2008 | 3,950,000 | government | accidentally published | [239] |
Ofcom | 2016 | unknown | telecom | inside job | [240] |
US Office of Personnel Management | 2015 | 21,500,000 | government | hacked | [241][242] |
Office of the Texas Attorney General | 2012 | 6,500,000 | government | accidentally published | [243] |
Ohio State University | 2010 | 760,000 | academic | hacked | [34] |
Orbitz | 2018 | 880,000 | web | hacked | [244] |
Oregon Department of Transportation | 2011 | unknown | government | poor security | [34] |
OVH | 2013 | undisclosed | web | hacked | [245] |
Patreon | 2015 | 2,300,000 | web | hacked | [246] |
Popsugar | 2018 | 123,857 | fashion | hacked | [247] |
Premera | 2015 | 11,000,000 | healthcare | hacked | [248] |
Puerto Rico Department of Health | 2010 | 515,000 | healthcare | hacked | [114] |
Quest Diagnostics | 2019 | 11,900,000 | Clinical Laboratory | poor security | [249] |
Quora | 2018 | 100,000,000 | Question & Answer | hacked | [250] |
Rambler.ru | 2012 | 98,167,935 | web | hacked | [251][252] |
RBS Worldpay | 2008 | 1,500,000 | financial | hacked | [253] |
2018 | unknown | web | hacked | [254][255] | |
Restaurant Depot | 2011 | 200,000 | retail | hacked | [34] |
RockYou! | 2009 | 32,000,000 | web, gaming | hacked | [256] |
Rosen Hotels | 2016 | unknown | hotel | hacked | [257] |
San Francisco Public Utilities Commission | 2011 | 180,000 | government | hacked | [258] |
Scottrade | 2015 | 4,600,000 | financial | hacked | [259] |
Scribd | 2013 | 500,000 | web | hacked | [260][261] |
Seacoast Radiology, PA | 2010 | 231,400 | healthcare | hacked | [114][262] |
Sega | 2011 | 1,290,755 | gaming | hacked | [263] |
Service Personnel and Veterans Agency (UK) | 2008 | 50,500 | government | lost / stolen media | [264] |
SingHealth | 2018 | 1,500,000 | government, database | hacked | [265] |
Slack | 2015 | 500,000 | tech | poor security | [266] |
SlickWraps | 2020 | 377,428 | phone accessories | poor security | [267] |
SnapChat | 2013 | 4,700,000 | web, tech | hacked | [268] |
Sony Online Entertainment | 2011 | 24,600,000 | gaming | hacked | [269][270] |
Sony Pictures | 2011 | 1,000,000 | web | hacked | [271] |
Sony Pictures | 2014 | 100 terabytes | media | hacked | [272] |
Sony PlayStation Network | 2011 | 77,000,000 | gaming | hacked | [273] |
South Africa police | 2013 | 16,000 | government | hacked | [274] |
South Carolina Government | 2012 | 6,400,000 | healthcare | inside job | [114][275] |
South Shore Hospital, Massachusetts | 2010 | 800,000 | healthcare | lost / stolen media | [34] |
Southern California Medical-Legal Consultants | 2011 | 300,000 | healthcare | hacked | [34] |
Spartanburg Regional Healthcare System | 2011 | 400,000 | healthcare | lost / stolen computer | [114][276] |
Stanford University | 2008 | 72,000 | academic | lost / stolen computer | [34][277] |
Starbucks | 2008 | 97,000 | retail | lost / stolen computer | [34] |
Starwood Hotels including Westin Hotels and Sheraton Hotels | 2015 | 54 locations | hotel | hacked | [278][279] |
State of Texas | 2011 | 3,500,000 | government | accidentally published | [280] |
Steam | 2011 | 35,000,000 | web | hacked | [281] |
StockX | 2019 | 6,800,000 | retail | hacked | [282] |
Stratfor | 2011 | 935,000 | military | accidentally published | [283] |
Supervalu | 2014 | 200 stores | retail | hacked | [284] |
Sutter Medical Center | 2011 | 4,243,434 | healthcare | lost / stolen computer | [114][285] |
Syrian government (Syria Files) | 2012 | 2,434,899 | government | hacked | [286][287] |
Taobao | 2016 | 20,000,000 | retail | hacked | [288] |
Taringa! | 2017 | 28,722,877 | web | hacked | [289] |
Target Corporation | 2013 | 110,000,000 | retail | hacked | [290][291] |
TaxSlayer.com | 2016 | 8,800 | web | hacked | [292][293][294] |
TD Ameritrade | 2007 | 6,300,000 | financial | hacked | [295] |
TD Bank | 2012 | 260,000 | financial | hacked | [296][297] |
TerraCom & YourTel | 2013 | 170,000 | telecoms | accidentally published | [298][299] |
Tetrad | 2020 | 120,000,000 | market analysis | poor security | [300] |
Texas Lottery | 2007 | 89,000 | government | inside job | [34] |
Ticketfly (subsidiary of Eventbrite) | 2018 | 26,151,608 | ticket distribution | hacked | [301] |
Tianya Club | 2011 | 28,000,000 | web | hacked | [302] |
TK / TJ Maxx | 2007 | 94,000,000 | retail | hacked | [303][304] |
T-Mobile, Deutsche Telekom | 2006 | 17,000,000 | telecoms | lost / stolen media | [305][306] |
Tricare | 2011 | 4,901,432 | military, healthcare | lost / stolen computer | [34] |
Triple-S Salud, Inc. | 2010 | 398,000 | healthcare | lost / stolen media | [114] |
Truecaller | 2019 | 299,055,000 | Telephone directory | unknown | [307][308] |
Trump Hotels | 2014 | 8 locations | hotel | hacked | [309][310] |
Tumblr | 2013 | 65,469,298 | web | hacked | [311] |
Twitch | 2015 | unknown | tech | hacked | [312] |
2013 | 250,000 | web | hacked | [313] | |
Typeform | 2018 | unknown | tech | poor security | [69] |
Uber | 2014 | 50,000 | tech | poor security | [314] |
Uber | 2017 | 57,000,000 | transport | hacked | [315] |
Ubisoft | 2013 | unknown | gaming | hacked | [316] |
Ubuntu | 2013 | 2,000,000 | tech | hacked | [317] |
UCLA Medical Center, Santa Monica | 2015 | 4,500,000 | healthcare | hacked | [318] |
UK Home Office | 2008 | 84,000 | government | lost / stolen media | [319] |
UK Ministry of Defence | 2008 | 1,700,000 | government | lost / stolen media | [320] |
UK Revenue & Customs | 2007 | 25,000,000 | government | lost / stolen media | [321] |
Universiti Teknologi MARA | 2019 | 1,164,540 | academic | hacked | [322] |
Under Armour | 2018 | 150,000,000 | Consumer Goods | hacked | [323] |
University of California, Berkeley | 2009 | 160,000 | academic | hacked | [324] |
University of California, Berkeley | 2016 | 80,000 | academic | hacked | [325] |
University of Maryland, College Park | 2014 | 300,000 | academic | hacked | [326] |
University of Central Florida | 2016 | 63,000 | academic | hacked | [327] |
University of Miami | 2008 | 2,100,000 | academic | lost / stolen computer | [34] |
University of Utah Hospital & Clinics | 2008 | 2,200,000 | academic | lost / stolen media | [34] |
University of Wisconsin–Milwaukee | 2011 | 73,000 | academic | hacked | [34] |
United States Postal Service | 2018 | 60,000,000 | government | poor security | [328] |
UPS | 2014 | 51 locations | retail | hacked | [329] |
U.S. Army | 2011 | 50,000 | military | accidentally published | [34] |
U.S. Army (classified Iraq War documents) | 2010 | 392,000 | government | inside job | [330] |
U.S. Department of Defense | 2009 | 72,000 | military | lost / stolen media | [34] |
U.S. Department of Veteran Affairs | 2006 | 26,500,000 | government, military | lost / stolen computer | [331] |
U.S. law enforcement (70 different agencies) | 2011 | 123,461 | government | accidentally published | [332] |
National Archives and Records Administration (U.S. military veterans records) | 2009 | 76,000,000 | military | lost / stolen media | [333] |
U.S. government (United States diplomatic cables leak) | 2010 | 260,000 | military | inside job | [334] |
National Guard of the United States | 2009 | 131,000 | military | lost / stolen computer | [34] |
Verizon Communications | 2016 | 1,500,000 | telecoms | hacked | [335] |
Virgin Media | 2020 | 900,000 | mobile carrier | accidentally exposed | [336][337] |
Virginia Department of Health | 2009 | 8,257,378 | government, healthcare | hacked | [34] |
Virginia Prescription Monitoring Program | 2009 | 531,400 | healthcare | hacked | [34] |
Vodafone | 2013 | 2,000,000 | telecoms | inside job | [338] |
VTech | 2015 | 5,000,000 | retail | hacked | [339] |
Walmart | 2015 | 1,300,000 | retail | hacked | [89] |
Washington Post | 2011 | 1,270,000 | media | hacked | [340] |
Washington State court system | 2013 | 160,000 | government | hacked | [341][342] |
Wawa (company) | 2020 | 30,000,000 | retail | hacked | [343] |
Weebly | 2016 | 43,430,316 | web | hacked | [344][345] |
Wendy's | 2015 | unknown | restaurant | hacked | [346][347] |
Woodruff Arts Center | 2019 | unknown | arts group | poor security | [348] |
WordPress | 2018 | hacked | [349] | ||
Writerspace.com | 2011 | 62,000 | web | hacked | [350] |
Xat.com | 2015 | 6,054,459 | web | social engineering | [351] |
Yahoo | 2013 | 3,000,000,000 | web | hacked | [352][353] |
Yahoo | 2014 | 500,000,000 | web | hacked | [354][355][356][357][358] |
Yahoo Japan | 2013 | 22,000,000 | tech, web | hacked | [359] |
Yahoo! Voices | 2012 | 450,000 | web | hacked | [360][361] |
Yale University | 2010 | 43,000 | academic | accidentally published | [34] |
Zappos | 2012 | 24,000,000 | web | hacked | [362] |
Zynga | 2019 | 173,000,000 | social network | hacked | [363][364] |
Westpac | 2019 | 98,000 | financial | hacked | [365] |
Australian National University | 2019 | 19 years of data | academic | hacked | [366] |
Unknown agency (believed to be tied to United States Census Bureau) | 2020 | 200,000,000 | financial | accidentally published | [367] |
References
- "Data breach costs will soar to $2T: Juniper", CUNA, May 15, 2015
- "Data Breach Industry Forecast", Experian (2015)
- "Data breaches compromised 4.5bn records in half year 2018 – Gemalto", The Citizen, October 17, 2018
- Song, Victoria. "Mother of All Breaches Exposes 773 Million Emails, 21 Million Passwords". Gizmodo. Retrieved 2019-01-18.
- "21st Century Oncology notifies 2.2 million of hacking, data breach", CBS12, March 14, 2016
- "Oh No, Not Again...Chalk Up Yet Another Health Data Breach", National Law Review, March 14, 2016
- "620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts". 2019-02-11.
- RxAmerica (24 June 2011). "Accendo Insurance Company Addresses Patient Information Issue". PR Newswire.
- "RxAmerica and Accendo Insurance notify 175,000 Medicare beneficiaries that mailing error exposed their medication name, date of birth, and member ID". DataBreaches.net.
- Welch, Chris (7 November 2013). "Over 150 million breached records from Adobe hack have surfaced online". The Verge. Vox Media.
- King, Rachel. "Adobe admits 2.9M customer accounts have been compromised". ZDNet. Retrieved 2019-09-30.
- "7 million Adobe Creative Cloud accounts exposed to the public". comparitech. 25 October 2019.
- HealthITSecurity (2013-08-27). "Advocate Medical Group endures massive data breach". HealthITSecurity.
- HealthITSecurity (2013-08-27). "Advocate Medical Group endures massive data breach". HealthITSecurity.
- "AerServ Submitted Breach Information". justice.oregon.gov.
- "HHS settles with health plan in photocopier breach case". HHS.gov.
- Nazmi, Shadab (2019-12-07). "India phone giant fixes bug 'affecting 300m users'". BBC News. Retrieved 2020-08-15.
- "Air Canada says 20,000 mobile app users affected by data breach - National | Globalnews.ca". globalnews.ca. 2018-08-29. Retrieved 2019-08-09.
- "アマゾンで他人の"注文履歴"が見えてしまう状態に". 2019-09-26.
- "Amazon.co.jpの注文履歴や住所氏名が他人のアカウントに表示される不具合". 2019-09-26.
- "Ameritrade warns 200,000 of lost data". NBC News. 2005-04-19.
- "RootsWeb Security Update". blogs.ancestry.com. 2017-12-23. Retrieved 2018-07-13.
- "» Ankle + Foot Center of Tampa Bay security breach affects 156,000 patients? (updated)". phiprivacy.net.
- "2015 Cyber Attack Settlement Agreement Reached". 2017-07-25. Archived from the original on 2017-02-11. Retrieved 2018-09-30.
- "Welcome to In re Anthem, Inc. Data Breach Litigation Settlement Website". 2018-08-15. Retrieved 2018-09-30.
- "AOL employee arrested and charged with stealing list - Jun. 23, 2004". cnn.com.
- "Ex-AOL worker who stole e-mail list sentenced". NBC News. 2005-08-17.
- "AOL Proudly Releases Massive Amounts of Private Data". TechCrunch. AOL. 6 August 2006.
- "AOL Security Update". AOL Blog.
- "UDID leak source ID'd: BlueToad mobile firm says it was hacked". CNET. Retrieved 1 February 2016.
- Arthur, Charles (2013-07-22). "Apple Developer site hack: Turkish security researcher claims responsibility". The Guardian.
- "91,000 state Medicaid clients warned of data breach", The Seattle Times, Feb. 9, 2016
- "Hackers Finally Post Stolen Ashley Madison Data". WIRED. 18 August 2015.
- ID Theft Resource Center. "2008 Data Breaches - ITRC Surveys & Studies - ID Theft Blog". idtheftcenter.org.
- Arthur, Charles (2010-06-10). "Security leak leaves US Apple iPad owners at risk". the Guardian.
- "Auction Slammed Over Data Theft". 26 March 2010.
- Farrell, Paul (2015-03-30). "Personal details of world leaders accidentally revealed by G20 organisers". the Guardian.
- "Payroll Giant Gives Scammer Personal Data of Hundreds of Thousands of Investors". ABC News.
- "$3M Data Breach Settlement Approved for AvMed Customers Unaffected by Identity Theft". Winston & Strawn.
- "Attacker compromises information of 250K in Bailey's data breach", SC Magazine, March 16, 2016
- Bennett, Lanetra. "Attorney General McCollum Urges Consumers to Monitor Credit and Debit Activity". wctv.tv. Archived from the original on 2016-03-08. Retrieved 2016-01-31.
- "Bank of America loses customer data". msnbc.com. 2005-03-01. Retrieved 2017-01-09.
- "Credit Card Data Breach at Barnes & Noble Stores". The New York Times. 24 October 2012.
- Riley, Charles (24 October 2012). "Barnes & Noble customer data stolen". CNNMoney.
- "Bell apologizes to customers after data breach hits 1.9 million e-mail addresses".
- Jan 23, Rajeshni Naidu-Ghelani · CBC News · Posted; January 23, 2018 1:16 PM ET | Last Updated; 2018. "Hackers steal more customer data from Bell | CBC News". CBC. Retrieved 2019-02-08.CS1 maint: numeric names: authors list (link)
- "Lulzsec: A Short History of Hacking". PCWorld. 27 June 2011.
- "Bethesda leaked Fallout 76 customer names, addresses, contact details". EuroGamer. 6 December 2018.
- "Jackpot247 Suffers Data Breach". Casino Listings Online. 21 January 2020. Retrieved 29 January 2020.
- "TOWN OF SALEM: BLANKMEDIAGAMES - HACKED". DeHashed. 2019-01-01. Retrieved 2018-01-06.
- Winder, Davey (2019-01-03). "Town Of Salem Hacked Leaving More Than 7.6M With Compromised Data". Forbes. Retrieved 2019-01-06.
- "Important Security Update". blizzard.com.
- "Blizzard Battle.net Security Breached, Passwords Accessed". Dark Reading.
- "Thief steals 57 hard drives from BlueCross BlueShield of Tennessee". SC Magazine. 2017-02-28.
- "Hackers threaten to reveal personal data of 90,000 Canadians caught in bank hack". CBC. 29 May 2018.
- "Customer Data Theft".
- "BA apologizes after 380,000 customers hit in cyber attack". Reuters. 2018-09-07.
- "British Airways faces record £183m fine for data breach". BBC. 2019-07-09.
- "British Airways frequent-flyer accounts hacked". the Guardian. 2015-03-29.
- "In systemic breach, hackers steal millions of Bulgarians' financial data". Reuters. 2019-07-16.
- "California Doesn't Know What It Did with 800,000 Child Support Records".
- CISOMAG (2019-05-28). "Nearly 140 million user data leaked in Canva hack". CISO MAG | Cyber Security Magazine. Retrieved 2019-05-29.
- "Online graphic-design tool Canva hacked; 139 million accounts stolen". HackRead. 2019-05-28. Retrieved 2019-05-29.
- "Canva hacked - user details accessed, but passwords safe". CRN Australia. Retrieved 2019-05-29.
- Business, Rob McLean, CNN. "A hacker gained access to 100 million Capital One credit card applications and accounts". CNN. Retrieved 2019-07-30.
- "Facts 2019". capitalone.com. Retrieved 2019-07-30.
- "40 million credit cards exposed". NBC News.
- "Credit card breach exposes 40 million accounts". CNET. Retrieved 2017-01-09.
- hermesauto (2018-10-24). "Cathay Pacific flags data breach affecting 9.4 million passengers". The Straits Times. Retrieved 2018-12-17.
- "Cyberattack affects 1.1 million CareFirst customers". Baltimore Sun. 20 May 2015.
- "Breached Credit Union Comes Out of its Shell", Krebs on Security, Feb. 25, 2016
- "Privacy Rights Clearinghouse". privacyrights.org.
- McMillan, Robert (6 January 2009). "CheckFree warns 5 million customers after hack". Computerworld.
- "Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address? Seriously, why?". The Register. 9 January 2020.
- Protalinski, Emil. "Chinese hacker arrested for leaking 6 million logins". ZDNet.
- "Hackers compromised 38 million Chinese users data by hacking Game sites". Retrieved 1 February 2016.
- "U.P.S. Loses A Shipment Of Citigroup Client Data". The New York Times. 7 June 2005.
- "Citigroup Hack Nabs Data from 210k Customers". PCWorld. 9 June 2011.
- Kovacs, Eduard (22 July 2013). "Citi Exposes Details of 150,000 Individuals Who Went into Bankruptcy". softpedia.
- "Hackney NHS trust encrypts IT equipment following loss of child data". ComputerWeekly.
- Valinsky, Jordan (February 26, 2020). "Clearview AI has billions of our photos. Its entire client list was just stolen". CNN. Retrieved February 26, 2020.
- "RxAmerica and Accendo Insurance notify 175,000 Medicare beneficiaries that mailing error exposed their medication name, date of birth, and member ID". Retrieved 1 February 2016.
- Pagliery, Jose (18 August 2014). "Hospital network hacked, 4.5 million records stolen". CNNMoney.
- Vijayan, Jaikumar (26 March 2008). "Programmer who stole drive containing 1 million bank records gets 42 months". Computerworld.
- "Money & Company". latimes.com. 2011-09-27.
- "US CMS says 75,000 individuals' files accessed in data breach". Deccan Chronicle. October 20, 2018. Retrieved October 20, 2018.
- "Cox Communications Investigates Data Breach Affecting 40K Employees", Info Security Magazine, March 7, 2016
- "Walgreens company announces data breach". Healthcare IT News. 2013-02-25.
- "CVS and Walmart Canada Are Investigating a Data Breach". The New York Times. 18 July 2015.
- "Reports of data breaches reached new heights in 2007 - USATODAY.com". usatoday.com.
- "Hacker may have stolen information on up to 8M credit cards - Feb. 27, 2003". cnn.com.
- "North Korea hackers stole South Korea-U.S. military plans to wipe out North Korea leadership: lawmaker". Reuters. 2017-10-11.
- "Deloitte Gets Hacked: What We Know So Far".
- Hopkins, Nick (2017-10-30). "Deloitte hack hit server containing emails from across US government". The Guardian. Retrieved 2019-11-15.
- Tumulty, Karen & Tom Hamburger (July 22, 2016). "WikiLeaks releases thousands of documents about Clinton and internal deliberations". Washington Post.
- "Breach Exposes Data From Thousands of DHS Employees", PC Magazine, Feb. 8, 2016
- "Hackers Get Employee Records at Justice and Homeland Security Depts.", New York Times, Feb. 8, 2016
- "Desjardins announces personal data of 2.9 million members improperly shared". cbc.ca. 20 June 2019.
- Gibbs, Samuel (2014-06-16). "The €30k data takeaway: Domino's Pizza faces ransom demand after hack". the Guardian.
- Whittaker, Zach (September 26, 2019). "DoorDash confirms data breach affected 4.9 million customers, workers and merchants". Techcrunch. Retrieved September 26, 2019.
- "BBC NEWS - UK - UK Politics - Millions of L-driver details lost". bbc.co.uk.
- "Dropbox Admits Hack, Adds More Security Features". Dark Reading.
- "Drupal.org resets login credentials after hack exposes password data". Ars Technica.
- "1.4 million exposed in shoe data breach". msnbc.com. 2005-04-19. Retrieved 2017-01-09.
- "How to Check if Your Dubsmash Account Is Compromised". 2019-02-25.
- "620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts". 2019-02-11.
- Byron Acohido, USA TODAY (26 September 2013). "LexisNexis, Dunn (sic) & Bradstreet, Altegrity hacked". USA TODAY.
- Finkle, Jim (26 September 2013). "Data brokers D&B, LexisNexis, Altegrity report cyber attacks". Reuters.
- Wakefield, Jane (19 May 2020). "EasyJet admits data of nine million hacked". BBC News. Retrieved 20 May 2020.
- Calder, Simon (19 May 2020). "EasyJet hack: what does it mean for me and my personal data?". The Independent. Retrieved 20 May 2020.
- Peterson, Andrea (21 May 2014). "eBay asks 145 million users to change passwords after data breach". Washington Post.
- "Hackers steal credit card data from Planet Hollywood, Buca di Beppo customers". USA TODAY. 2019. Retrieved 2 April 2019.
- "Student Loan Company: Data on 3.3M People Stolen". Fox News.
- "Breach Notification Rule". HHS. 2009-09-14. Retrieved 2018-09-30.
- "Online casino group leaks information on 108 million bets, including user details". zdnet.
- "Full-text search". wikileaks.org.
- "Chicago Breach Affects 180,000". healthcareinfosecurity.com.
- "Equifax data breach may affect nearly half the US population", Sept 7, 2017
- "Equifax had patch 2 months before hack and didn't install it, security group says", Sept 14, 2017
- Clinch, Matt (24 July 2014). "ECB hacked: Data stolen from central bank".
- Ehrenberg, Billy (24 July 2014). "Update: Blackmailer hacks European Central Bank website, steals email addresses and contact details". City A.M.
- "Evernote hacked, forces millions of users to reset their passwords". Wired UK. 2013-03-04.
- Mogg, Trevor (4 March 2013). "Evernote hack: 50 million users forced to reset passwords". Digital Trends.
- "Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records". WIRED. 27 June 2018.
- "Cyber breach hits 10 million Excellus customers". USA TODAY. 10 September 2015.
- "Massive Data Breach At Experian Exposes Personal Data For 15 Million T-Mobile Customers", Huffington Post, Oct. 2, 2015
- "Experian data breach affects 15 million people including T-Mobile customers", Fortune, Oct. 1, 2015
- "Security: Data Breach & Old Password Expiration", Eyewire, Feb. 23, 2016
- "Important Message from Facebook's White Hat Program". facebook.com.
- "Everything you need to know about Facebook's data breach affecting 50M users".
- "Everything We Know About Facebook's Massive Security Breach". Wired.
- "Facebook says 50 million user accounts were exposed to hackers". 2018-09-28.
- "Zuckerberg says Facebook working with FBI to investigate security breach". CNBC.
- "Facebook Security Breach Exposes Accounts of 50 Million Users".
- Wong, Julia Carrie (29 September 2018). "Facebook says nearly 50m users compromised in huge security breach". the Guardian.
- "Hundreds of millions of Facebook user records were exposed on Amazon cloud server". cbsnews.com. 4 April 2019.
- "Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent". Businessinsider.com. 19 April 2019.
- "Millions of Facebook user phone numbers exposed online, security researchers say". Cnet.
- "Over 267 Million Facebook Users Have Account Info Exposed On Dark Web In Massive Data Breach". CBS.
- "Fidelity National Data Theft Affects 8.5 Million Customers". PCWorld. 27 July 2007.
- "885 Million Records Exposed Online: Bank Transactions, Social Security Numbers, and More". Gizmodo.com. 25 May 2019.
- "Over 300 million AdultFriendFinder accounts have been exposed in a massive breach". The Verge. Retrieved 13 November 2016.
- "AdultFriendFinder network hack exposes 412 million accounts". ZDNet. Retrieved 14 November 2016.
- "Formspring disables user passwords in security breach". CNET. CBS Interactive. 11 July 2012.
- Greenberg, Andy. "Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach". Forbes.
- "Gap Contractor Blamed for Data Breach". PCWorld. 29 September 2007.
- Arthur, Charles. "Gawker falls victim to hackers". the Guardian.
- "Gawker Hacked - Gawker Commenter Database Hacked - Mediaite". mediaite.com. 12 December 2010.
- Tsukayama, Hayley (2 April 2012). "FAQ: The Global Payments hack". Washington Post.
- Protalinski, Emil. "5 Million Gmail Passwords Leak, Google Says No Compromise". The Next Web.
- "Google+ shutting down after data leak affecting 500,000 users". Ars Technica. 9 October 2018.
- "Google Plus Will Be Shut Down After User Information Was Exposed".
- "Google is shutting down Google+ for consumers following security lapse".
- "Hacker arrested for allegedly stealing ID info of most of Greece". Wired UK.
- Alex Hern (1970-01-01). "Hackers publish private photos from cosmetic surgery clinic". The Guardian. Retrieved 2017-05-31.
- "Plastic surgery clinics hacked; 25,000 photos, data online". The Seattle Times. Retrieved 2017-05-31.
- "Plastic surgery clinics hacked; 25,000 photos, data online". Abcnews.go.com. Retrieved 2017-05-31.
|archive-url=
is malformed: timestamp (help) - "GS Caltex - Stratigos Security".
- "The 15 Most Massive Data Breaches in History".
- "Gyft Notifies Users of Data Breach", Low Cards, Feb. 8, 2016
- "Gyft Notifies Affected Users of Security Incident", BusinessWire, Feb. 5, 2016
- Messmer, Ellen (28 March 2008). "Details emerging on Hannaford data breach". Network World.
- "Hautelook.com Data Breach". We Leak Info. 2019-02-20. Retrieved 2019-05-09.
- Williams, Chris; at 23:55, Editor in Chief 11 Feb 2019. "620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts". theregister.co.uk. Retrieved 2019-05-09.CS1 maint: extra text: authors list (link)
- Pwned, Have I. Been (2019-03-21). "New breach: HauteLook had 28M unique email addresses breached in August including names, genders, dates of birth and bcrypt password hashes. 82% were already in @haveibeenpwned". @haveibeenpwned. Retrieved 2019-05-09.
- "Health Net Fined Second Time for Breach". databreachtoday.com.
- HCPro, Inc. (1 February 2016). "CA Investigating Latest Health Net Data Breach". healthleadersmedia.com.
- "Personal data of 808,000 blood donors compromised for nine weeks; HSA lodges police report". TODAYonline. Retrieved 2019-03-16.
- Johnson, Bobbie. "Heartland hackers also behind $750,000 cash machine strike". the Guardian.
- "'Massive' credit card data breach involves all major brands". CNNMoney.
- Warburton, Dan (2017-10-28). "Terror threat as Heathrow Airport security files found dumped in the street". mirror. Retrieved 2017-11-02.
- "USB stick found in West London contained Heathrow security data".
- "Heathrow probe over 'security USB stick find'". bbc.co.uk. 29 October 2017.
- "Laptop with HP employee data stolen". CNET. CBS Interactive.
- Hackett, Robert (25 November 2015). "Hilton Hotels Confirms Data Breach Following Starwood and Trump". Fortune.
- Stempel, Jonathan (2017-10-31). Craft, Diane (ed.). "Hilton to pay $700,000 over credit card data breaches". Reuters. New York. Retrieved 2019-11-15.
- "Banks: Credit Card Breach at Home Depot". Krebs on Security.
- "Honda Canada hit by online security breach; 283,000 car owners' personal data stolen". guelphmercury.com.
- "Hyatt Reveals Data Breach Impacted About 250 Hotels". ABC News.
- "Protecting Customer Information". hyatt.com.
- "IRS: Thieves May Have Stolen Info From 220,000 Additional Tax Accounts". ABC News.
- "IRS taxpayer data theft seven times larger than originally thought", CNN, Feb. 26, 2016
- "Inuvik hospital confirms potential data breach by employees". Canadian Broadcasting Corporation. 5 February 2016.
- Protalinski, Emil. "3 million bank accounts hacked in Iran". ZDNet.
- "Report: Inmates' Prescriptions & PII Leaked in Breach Spanning Multiple Jailhouses". 10 February 2020.
- "Web error fallout ongoing - Journal News - News, sports, jobs, community information for Martinsburg - The Journal". Archived from the original on 2016-02-07. Retrieved 2016-01-31.
- "J.P. Morgan Chase Probing Possible Data Breach". PCWorld. 1 May 2007.
- Perlroth, Jessica Silver-Greenberg, Matthew Goldstein and Nicole. "JPMorgan Chase Hacking Affects 76 Million Households".
- "Data breach at JustDial leaks 100 million user details". The Economic Times. 18 Apr 2019.
- Williams, Martyn (13 June 2006). "KDDI suffers massive data breach". Computerworld.
- "Data Breach At Kirkwood Community College Exposes SS#'s". Data Breach Watch.
- "A Teen Hacker Is Targeting Russian Sites as Revenge for the MH17 Crash".
- "Telus Says Koodo Suffered Data Breach Leaking Account and Phone Numbers". 2020-03-06.
- "20 Million People Fall Victim to South Korea Data Leak - SecurityWeek.Com". securityweek.com.
- "Police arrest two in KT data leak case". 29 July 2012.
- "Hackers accused of stealing data from 9M Korean mobile users". CNET. CBS Interactive. 30 July 2012.
- "Restaurant chains hit with data breach - Bankrate.com". bankrate.com. Archived from the original on 2016-02-01. Retrieved 2016-02-01.
- "Data security critical as menu of breaches grows".
- "LifeLabs pays ransom after cyberattack exposes information of 15 million customers in B.C. and Ontario". CBC.
- "New York hospital loses data on 130,000 via FedEx". PC World from IDG. 30 June 2010. Retrieved 2018-09-30.
- Mills, Elinor (8 June 2012). "What the password leaks mean to you (FAQ)". CNET. CBS Interactive. Archived from the original on 30 December 2018. Retrieved 30 December 2018.
- Goodin, Dan (6 June 2012). "8 million leaked passwords connected to LinkedIn, dating website". Ars Technica. Archived from the original on 30 December 2018. Retrieved 30 December 2018.
- "50,000,000 usernames and passwords lost as LivingSocial "special offers" site hacked – Naked Security". Naked Security.
- Perlroth, Nicole. "LivingSocial Hack Exposes Data for 50 Million Customers".
- "Hack of MacRumors forums exposes password data for 860,000 users". Wired UK.
- "Mandarin Oriental says 10 properties impacted in credit card breach". SC Magazine.
- "Press Release And Notice Regarding Mandarin Oriental Credit Card Breach". mandarinoriental.com.
- "Marriott Data Breach Is Traced to Chinese Hackers as U.S. Readies Crackdown on Beijing", New York Times, Dec. 11, 2018
- "Starwood Guest Reservation Database Security Incident". starwoodhotels.com/.
- "Marriott Says New Data Breach Affects 5.2 Million Guests", New York Times, Mar. 31, 2020
- "Hackers hit Nasdaq, 7-Eleven, others for $300 million: feds".
- "Update: Hackers hit business associate, swipe PHI and Social Security numbers". Healthcare IT News.
- "SUBSTITUTE NOTIFICATION: AN IMPORTANT NOTICE REGARDING PATIENT INFORMATION AND CONFIDENTIAL" (PDF). Archived from the original (PDF) on 2012-10-12. Retrieved 2018-09-30.
- Jayakumar, Amrita (19 April 2014). "Michaels says 3 million customers hit by data breach". Washington Post.
- Bonifacic, Igor (January 22, 2020). "Microsoft accidently [sic] exposed 250 million customer service records". Engadget. Retrieved January 22, 2020.
- "Reborn LulzSec Claims Hack of Dating Site for Military Personnel". PCWorld. 27 March 2012.
- "BBC NEWS - Americas - Hacker leaks 6m Chileans' records". bbc.co.uk.
- "Government servers in Chile hacked, 6 million personal records made public - News - Geek.com". @geekdotcom. 2008-05-14.
- Low, Youjin (12 February 2019). "Timeline of events leading up to HIV data breach". TODAYonline. Retrieved 2019-03-13.
- James Griffiths. "HIV status of over 14,000 people leaked online, Singapore authorities say". CNN. Retrieved 2019-03-13.
- "NO MORE PRIVACY: 202 MILLION PRIVATE RESUMES EXPOSED". hacken.
- "Over 275 Million Records Exposed by Unsecured MongoDB Database". Bleeping Computer.
- "BBC NEWS - Technology - Monster attack steals user data". bbc.co.uk.
- Hern, Alex. "Mozilla confirms leak of 76,000 developer email addresses". the Guardian.
- "MyHeritage Genealogy Site Announces Mega Breach Affecting 92 Million Accounts". Bleeping Computer. 5 June 2018.
- McCrank, John (18 July 2013). "Nasdaq forum website hacked, passwords compromised". Reuters.
- "There's Another Possible Payment Data Breach At Natural Grocers – Consumerist". Consumerist.
- "Neiman Marcus Data Breach Worse Than First Said". The New York Times. 24 January 2014.
- "Stealthy, Razor Thin ATM Insert Skimmers — Krebs on Security". krebsonsecurity.com.
- "ZeroSecurity - Information Security & Technology News". Zerosecurity. Archived from the original on 2012-11-07. Retrieved 2016-01-31.
- Keizer, Gregg (19 April 2010). "Network Solutions sites hacked again". Computerworld.
- "Security Fix - Network Solutions Hack Compromises 573,000 Credit, Debit Accounts". washingtonpost.com.
- Pandurangan, Vijay (2014-06-27). "On Taxis and Rainbows". Medium.
- Reuters Editorial (26 November 2011). "Data of 13 million South Korean online game subscribers hacked". Reuters.
- "NHS Researchers Lose Laptop With 8m Patient Records". TechWeekEurope UK.
- "Club Nintendo Japan hacked". Engadget. Archived from the original on July 8, 2013.
- Phillips, Tom (April 24, 2020). "Nintendo confirms up to 160,000 accounts accessed in huge privacy breach". Eurogamer. Retrieved April 24, 2020.
- "Teen "Cyber Anakin" hacker wants revenge on Russia after the MH17 crash". news.com.au. 2016-03-05. Retrieved 2018-07-17.
- "Largest Data Leak in Norway: data on 4 million Norwegians sent to media". infowatch.com.
- "Ofcom tackles mass data breach of TV company information", The Guardian, March 10, 2016
- "Hacking of Government Computers Exposed 21.5 Million People". The New York Times. 10 July 2015.
- "US government hack stole fingerprints of 5.6 million federal employees". the Guardian. Associated Press. 2015-09-23.
- "Texas attorney general exposes millions of voters' Social Security numbers". rawstory.com.
- "Orbitz, AmexTravel; Victims of Latest Data Breach Effecting 880,000 Customers". strategicrevenue.com. 2018-03-22.
- "OVH Tasks". ovh.net.
- "HACKERS RELEASE DATA OF 2.3 MILLION PATREON USERS". October 2, 2015.
- "Notice of Data Breach" (PDF). June 14, 2018.
- "About the Cyberattack". premeraupdate.com.
- "Nearly 12,000,000 Quest Diagnostics Patients' Medical Info Exposed In New Data Breach Of Third-Party Billing Collections Vendor". The Published Reporter. 2019-06-05. Retrieved 2019-06-05.
- "Quora data breach affected 100 million user". TOI. 2018-12-04. Retrieved 2018-12-04.
- Gallagher, Sean. "More passwords, please: 98 million leaked from 2012 breach of "Russia's Yahoo"". Ars Technica. Retrieved 30 September 2016.
- "LeakedSource: Rambler.ru breach". Archived from the original on 9 September 2016. Retrieved 30 September 2018.
- "RBS WorldPay breach exposes 1.5 million". theregister.co.uk.
- "Reddit user data compromised in sophisticated hack". theguardian.com. 2018-08-02. Retrieved 2018-12-05.
- "Everything you need to know about the Reddit data breach". siliconrepublic.com. 2018-08-02. Retrieved 2018-12-05.
- Cubrilovic, Nik (14 December 2009). "RockYou Hack: From Bad To Worse". TechCrunch. AOL.
- "Rosen Hotels warns customers of 18-month data breach", Orlando Sentinel, March 8, 2016
- "SF utilities agency warns of potential breach". CNET. CBS Interactive. 2 June 2011.
- Hackett, Robert (2 October 2015). "Scottrade Data Breach Affects 4.6 Million Customers". Fortune.
- "Scribd, "world's largest online library," admits to network intrusion, password breach". Naked Security. 2013-04-05.
- "Archived copy". Archived from the original on 2014-02-04. Retrieved 2016-01-31.CS1 maint: archived copy as title (link)
- "Gamers hack server to patient records: 230,000 clients of Seacoast Radiology in Rochester affected; no info believed compromised". fosters.com.
- Cohen, Peter. "Sega: 1.3 million customer records hacked, LulzSec promises retribution". ZDNet.
- "BBC NEWS - UK - England - Gloucestershire - Personnel records stolen from MoD". bbc.co.uk.
- "Hackers stole data of PM Lee and 1.5 million patients in 'major cyberattack' on SingHealth". TODAYonline. 20 July 2018.
- "Slack gets hacked – rolls out two-factor authentication after user database breach – Naked Security". Naked Security. 2015-03-30.
- "I hacked SlickWraps. This is how". Medium. 21 February 2020.
- Fung, Brain. "A Snapchat security breach affects 4.6 million users. Did Snapchat drag its feet on a fix?". The Washington Post.
- McMillan, Robert (3 May 2011). "Sony cuts off Sony Online Entertainment service after hack". Computerworld.
- "Sony hack: Can Sony's brand recover from massive breach? - May. 10, 2011". CNNMoney.
- Warren, Christina (2 June 2011). "Sony Pictures Website Hacked, 1 Million Accounts Exposed". Mashable.
- "A Look Through The Sony Pictures Data Hack: This Is As Bad As It Gets". BuzzFeed.
- Kessler, Sarah (31 May 2011). "Sony Promises All PlayStation Services Will Return This Week (Again)". Mashable.
- "Anonymous hacks police site, releases list of South African whistleblowers". Wired UK. 2013-05-22.
- "Personal data for 228,000 in SC compromised". thestate. Archived from the original on 2013-10-03. Retrieved 2016-01-31.
- "Archived copy". Archived from the original on 2013-04-25. Retrieved 2016-01-31.CS1 maint: archived copy as title (link)
- Ilana DeBare, Chronicle Staff Writer (8 June 2008). "Stanford employees' data on stolen laptop". SFGate.
- "Starwood Hotels Malware Data Breach: What You Need to Know". ABC News.
- "Starwood data breach: See which hotels were hacked". cbsnews.com. 20 November 2015.
- "Texas Data Breach Exposed 3.5 Million Records". Dark Reading.
- "Valve's online game service Steam hit by hackers". BBC News. 2011-11-11.
- Whittaker, Zack. "StockX was hacked, exposing millions of customers' data".
- Perlroth, Nicole (2011-12-27). "Questions About Motives Behind Stratfor Hack".
- Tom Huddleston, Jr. (29 September 2014). "Supervalu announces another possible data breach at grocery store chain - Fortune". Fortune.
- "Industry News Archives -". simplysecurity.com.
- "Syria files: Wikileaks releases 2m 'embarrassing' emails". BBC News. 5 July 2012. Archived from the original on 10 July 2012. Retrieved 5 July 2012.
- Greenberg, Andy (5 July 2012). "WikiLeaks Announces Massive Release With The 'Syria Files': 2.4 Million Emails From Syrian Officials And Companies". Forbes. Archived from the original on 10 July 2012. Retrieved 5 July 2012.
- "Data breach in China: 100 million records used to hack 20 million Taobao users". Naked Security. 2016-02-05.
- "Taringa: Over 28 Million Users' Data Exposed in Massive Data Breach". The Hacker News. Retrieved 2017-09-04.
- "Broker cuts Target earnings outlook after data theft". tribunedigital-chicagotribune. Archived from the original on 2013-12-25. Retrieved 2016-01-31.
- "Target Hacked: Retailer Confirms 'Unauthorized Access' Of Credit Card Data". The Huffington Post. 19 December 2013.
- Saunders, Laura. "Tax software firm warns of data breach". MarketWatch.
- "Operator of Online Tax Preparation Service Agrees to Settle FTC Charges That it Violated Financial Privacy and Security Rules" (Press release). United States Federal Trade Commission. August 29, 2017. Retrieved 2019-11-15.
- Schifferle, Lisa (August 29, 2017). "TaxSlayer: File this one under authentication". United States Federal Trade Commission Consumer Information Blog. United States Federal Trade Commission. Retrieved 2019-11-15.
- "Ameritrade Hack Settlement: $2 Per Victim, $1.8 Million for Lawyers". WIRED. 11 July 2008.
- Payne, Mark (9 December 2014). "TD Bank reaches data breach settlement with Massachusetts".
- "TD Bank Pays $625,000 in Mass. Data Breach Settlement". American Banker.
- "TerraCom and YourTel threaten journalists who exposed massive personal data breach". Boing Boing. 2013-05-23.
- "Reporters sued as 'hackers' for finding a security hole with Google". Wired UK. 2013-05-23.
- "Retail Customer Data Exposure Spotlights Cloud Security Risk". 2020-02-20.
- "Hacker Stole 26 Million Email And Home Addresses Of Ticketfly Users". Motherboard. 4 June 2018.
- Pauli, Darren (10 July 2013). "28 million clear text passwords found after Tianya hack". iTnews.
- Espiner, Tom. "Wi-Fi hack caused TK Maxx security breach". ZDNet.
- "T.J. Maxx theft believed largest hack ever". NBC News. 2007-03-30.
- http://www.datalossdb.org%5B%5D
- "Attacks & Breaches News, Analysis, Discussion, & Community".
- "Truecaller Exposes Indian Users' Data, Shows Cracks In Cyber Security Infrastructure". Analytics India Magazine. 22 May 2019.
- Krishnan, Raghu (22 May 2019). "Truecaller data available for sale". The Economic Times.
- "Trump Hotel Collection™ – Data Security Notice". trumphotelcollection.com. Archived from the original on 2016-01-21. Retrieved 2016-02-01.
- "Trump Hotel Collection Confirms Card Breach — Krebs on Security". krebsonsecurity.com.
- Franceschi-Bicchierai, Lorenzo (30 May 2016). "Hackers Stole 65 Million Passwords From Tumblr, New Analysis Reveals". Motherboard. Vice Media.
- "Twitch warns users of possible data breach". USA TODAY. 24 March 2015.
- "Twitter hacked: 250,000 accounts believed compromised". Wired UK. Archived from the original on 2013-02-04.
- "Uber Suffers Data Breach Affecting 50,000". Forbes. February 28, 2015.
- "2016 Data Security Incident". Uber. November 21, 2017.
- "Security update regarding your Ubisoft account - please create a new password - Forums". ubi.com.
- "Hack exposes e-mail addresses, password data for 2 million Ubuntu Forum users". Ars Technica. 2013-07-21.
- "Hackers swipe data of 4.5M at UCLA Health System in massive cyberattack". Healthcare IT News. 2015-07-17.
- "BBC NEWS - UK - UK Politics - Home Office guilty of data breach".
- "Up to 1.7m people's data missing". BBC News.
- "Data lost by Revenue and Customs". BBC News.
- "Over 1 Million UiTM Students and Alumni Personal Details Leaked Online". Lowyat. 2019-01-25.
- Lee, Dave (2018-03-29). "MyFitnessPal breach affects millions of Under Armour users". bbc.com.
- "Hackers breach UC Berkeley computers". NBC News. 2009-05-08.
- "Data breach affects 80,000 UC Berkeley faculty, students and alumni", Fox News, Feb. 28, 2016
- "University of Maryland computer security breach exposes 300,000 records", Washington Post, Feb. 19, 2014
- "63K Social Security numbers compromised in UCF data breach". The Washington Times.
- "USPS Site Exposed Data on 60 Million Users". Krebs on Security.
- Rogers, Alex. "UPS: We've Been Hacked". TIME.com.
- Greenberg, Andy. "Wikileaks Reveals The Biggest Classified Data Breach In History". Forbes.
- "VA settlement demonstrates just how costly lax security can be". gcn.com.
- "AntiSec Breach Yields Huge Amount of Law Officers' Personal Data". PCMAG.
- "Probe Targets Archives' Handling of Data on 70 Million Vets". WIRED. 1 October 2009.
- Rogers, Simon (2010-12-03). "WikiLeaks embassy cables: download the key data and see how it breaks down". The Guardian.
- "Verizon's Data Breach Fighter Gets Hit With, Well, a Data Breach", Fortune magazine, March 24, 2016
- "Virgin Media Data Breach Exposes Nearly One Million Customer Details". 2020-03-06.
- "Like a Virgin, hacked for the very first time... UK broadband ISP spills 900,000 punters' records into wrong hands from insecure database". 2020-03-06.
- "Insider Steals Data of 2 Million Vodafone Germany Customers". securityweek.com.
- "Security Breach at Toy Maker VTech Includes Data on Children". The New York Times. 1 December 2015.
- "June Hack of Washington Post Netted 1.27M User Account Details". PCMAG.
- Porterfield, Elaine (9 May 2013). "Washington State system hacked, data of thousands at risk". Reuters.
- "Washington State Courts - Data Breach Information - Home Page". wa.gov.
- "Wawa data breach: Hacker is selling 30 million credit cards on the dark web". 29 January 2020.
- Ashok, India (2016-10-21). "Weebly confirms hack affecting over 40 million users, Foursquare accounts also exposed". International Business Times. Retrieved 25 October 2016.
- "Weebly hacked, 43 million credentials stolen". TechCrunch. Retrieved 25 October 2016.
- "Wendy's Probes Reports of Credit Card Breach". Krebs on Security.
- Martha C. White. "Wendy's Investigates Possible Data Breach". MONEY.com.
- "Security breach shuts down network for Woodruff Arts Center, High Museum".
- Cimpanu, Catalin. "Thousands of WordPress sites backdoored with malicious code". ZDNet.
- "LulzSec on Hacks: 'We Find it Entertaining'". PCMAG.
- "Data Breach". xat.com. Retrieved 2017-12-27.
- "Yahoo Discloses New Breach of 1 Billion User Accounts". The New York Times. Retrieved 15 December 2016.
- McMillan, Robert; Knutson, Ryan (3 October 2017). "Yahoo Triples Estimate of Breached Accounts to 3 Billion". The New York Times. Retrieved 3 October 2017.
- "Yahoo confirms data breach affecting at least 500 million accounts". Washington Post. September 22, 2016. Retrieved 22 September 2016.
- "Are you a Yahoo user? Do this right now".
- "Yahoo hit in worst hack ever, 500 million accounts swiped".
- Perlroth, Nicole. "Yahoo Says Hackers Stole Data on 500 Million Users in 2014". The New York Times. Retrieved 22 September 2016.
- "Yahoo Says at Least 500 Million Accounts Breached in Attack". Bloomberg. Retrieved 22 September 2016.
- Reuters Editorial (17 May 2013). "Yahoo Japan suspects 22 million user IDs leaked: Kyodo". Reuters.
- "Nearly Half a Million Yahoo Passwords Leaked [Updated] - Slashdot". slashdot.org.
- "Yahoo Voices Breach Exposes 453,000 Passwords", PC Magazine, July 12, 2012
- Greenberg, Andy. "Zappos Says Hackers Accessed 24 Million Customers' Account Details". Forbes.
- Takahashi, Dean (September 30, 2019). "Words With Friends player data allegedly stolen for 218 million users". Venture Beat. Retrieved September 30, 2019.
- "Zynga hack affected 170 million accounts". The Verge. December 19, 2019. Retrieved December 19, 2019.
- "Almost 100,000 Westpac customers exposed after cyber security breach". 9Finance. 4 June 2019.
- "Australian National University suffers massive data breach dating back 19 years". 9News. 17 May 2019.
- Spadafora, Anthony (March 21, 2020). "Major data breach exposes database of 200 million users". TechRadar. Retrieved March 22, 2020.
- "In systemic breach, hackers steal millions of Bulgarians' financial..." Reuters. 2019-07-16. Retrieved 2019-07-16.