Most Expensive Data Breaches In History
Most expensive breaches
10 most costly data breaches in computer history
Some of the facts and figures may have changed since the writing of this article. Please double check all facts before acting on them. Better yet, contact the companies in question for the full story.
If you see any details that are inaccurate or out-of-date, please notify us for the correction.
Large scale data breaches seem to be in the news constantly, resulting in increased financial losses by a company as well as loss of customers. The average data breach is about $202 per record, resulting in some major costs to large corporations. The following are the ten largest breaches to date.
1. TJX Industries loses 94 million credit card numbers and transaction details to hackers on January 17, 2007. An arrest was made in connection.
2. Visa, MasterCard, and American Express have 40 million records hacked. This occurred June 19, 2005. No arrests have been made.
3. America Online was the victim of fraud when 92 million email addresses for 30 million subscribers were sold to spammers in June 2004. No arrests have been made.
4. A stolen computer from the US Dept of Veteran Affairs results in the loss of names, social security numbers, and dates of birth for 26.5 million U.S. military veterans May 2006. No arrests have been made.
5. HM Revenue and Customs in the United Kingdom loses media containing the names, social security numbers, and date of births of 25 million records in October 2007. There are no arrests on record.
6. T-Mobile lost a disk containing the data of 16 million customers October 6, 2008. There are no known arrests on record.
7. Archive Systems, Inc and Bank of New York Mellon lost data tapes containing the names and social security numbers of 12.5 million customers in May 2008. Lawsuits have been filed, no arrests have been made.
8. GS Caltex in South Korea reported the loss of 11 million records of names and social security numbers in September 2008. The data was recovered and arrests were made in connection.
9. The Dai Nippon Printing Company lost nearly 9 million pieces of customer data in March 2007. Arrests have been made.
10. Fidelity National Information Services and Certegy Check Services reported 2.3 consumer records containing bank account and credit card information missing in March 2007. The data was not recovered but an arrest was made.
Clearly the bigger incidents have occurred just within the last four years. One of the most significant findings for this data was that the breaches occurred with third parties. Because of the declining economy, many companies now outsource and off-shore IT functions in order to save costs. It is creating more risks and proving to be more expensive in the long run because of the security breaches.
The Ponemon Institute recently released a study containing this information, and noted that companies reporting a data breach for the first time will face more severe financial penalties than those that have had repeated breaches. Some of this is due to the fact that companies that have experienced a breach are more familiar with the processes. The average cost of a first time breach is $242 per record, vs. $192 for those that have experienced data loss prior. The Ponemon study was based upon a group of 43 companies, with data breaches that ranged from 4,200 to more than 113,000 records.