Biggest Examples of Data Breaches
Data breaches are a distressingly common occurrence in the Digital Age. After all, a hacker only needs a broadband Internet connection, a willing accomplice on the inside, and a lazy network administrator and/or a careless worker with a laptop to gain access to gigabytes of information.
Whether you call these incidents data breaches or security breaches, the outcome is the same: A thief unlawfully accesses the names and personal information of everyone in the database, substantially increasing the risk that they'll become victims of identity theft.
The biggest examples of data breaches over the last several years include:
• Card Systems: 2005
Card Systems is a third-party processor of payment card transactions. In June 2005, hackers gained access to the database and the information of more than 40 million cardholders. This data breach led to hackers using 68,000 MasterCard accounts, 100,000 Visa accounts, and 30,000 other accounts.
• Laptop Stolen in Home Burglary: 2006
In May 2006, a thief broke into the home of a U.S. Veterans Affairs employee and took a laptop with the personal information of 17.5 million Veterans. This story had a rare happy ending, as the FBI recovered the laptop a month later and found that no one accessed the information.
• TJX Companies: 2006
In December 2006, retailer TJX Company, owner of HomeSense, Marshall's, TJ Maxx, and others, notified police that hackers stole more than 45 million customer records in 2003 and 2004. TJX told the public about the breaches the following month and spent more than $20 million dealing with the security breach.
• Certegy Check Services: 2007
In 2007, financial services company Certegy Check Services told police that an employee stole the account information of 8.5 million people, including credit card, bank, and other account information.
• TD Ameritrade: 2007
In 2007, this online trading and investment giant told investigators that hackers broke into their database and stole the information of more than 6.3 million clients, including names, e-mail addresses, phone numbers, home addresses, and other information.
• Bank of New York Mellon: 2008
In February 2008, Mellon officials told investigators that there was a lost box of data storage tapes containing the personal information of 12.5 million people. The security breach led to an undisclosed amount of stolen funds, and the bank agreed to pay for fraud alerts and monitoring for victims for 36 months.
• CheckFree Corporation: 2008
In 2008, this online bill-paying company told officials that hackers had used Internet domain redirects to send customers to a site hosted in the Ukraine that attempted to install malware on their computers. As many as five million people may have unknowingly had their PCs infected by the malware.
• Hannaford Brothers Supermarkets: 2008
In late 2008, this Maine-based chain of grocery stores reported that a security breach affected up to 4.2 million people. Thieves gained access to names, debit and credit card numbers, and other personal information.
• Heartland Payment Systems: 2009
In early 2009, credit-card payment processor Heartland Payment Systems told investigators that hackers had infiltrated its database and gained access to the more than 100 million credit card transactions it processes each month. The company paid more than $41.1 million to settle claims.
Each of these security breaches illustrates the importance of enrolling in an identity monitoring service. When a data breach provides access to personal information, the alerts and other tools these services offer can warn members about the use of their personal information so they can take appropriate action.