19. Evernote. Number of records compromised: 50 million
Date reported: 03/02/13
How it happened: A company network intrusion
Evernote is a commonly used note taking service available on smartphones, tablets and PCs.
The Evernote breach saw a hacker successfully compromise over 50 million Evernote account holders’ usernames, email addresses, and encrypted passwords. It led Evernote to roll out a forced password reset command to its customers.
18. LivingSocial. Number of records compromised: 50 million
17. The Republic of Turkey. Number of records compromised: 50 million
Date reported: 01/12/15
How it happened: A coordinated hacking assault on government networks
Government departments in Turkey are a common target for cyber attacks. This started in 2011 when the Anonymous hacktivist collective took issue with its web surveillance and censorship laws.
However, few attacks have been as successful as a 2015 raid that saw hacker steal the identification numbers of over 50 million citizens from various state agency servers.
16. Ubisoft. Number of records compromised: 58 million
Date reported: 07/02/13
How it happened: Hackers broke into parts of the company website
Games company Ubisoft suffered a particularly nasty data breach in 2013 that saw criminals expose roughy 58 million customers usernames, email addresses and encrypted passwords. The attackers got access the data by hacking the company’s website.
next slide will load in 15 secondsSkip AdSkip Ad15. Pinterest. Number of records compromised: 70 million
Date reported: 08/23/13
How it happened: A coding error
Unlike the previous data breaches on our list, the 2013 Pinterest breach was caused by human error.
It saw 70 million users' email addresses exposed due to a flaw in the photo sharing site’s application programming interface (API) – the bit of tech used by coders to build services.
14. Sony Corporation. Number of records compromised: 77 million
13. Anthem Insurance Companies. Number of records compromised: 78.8 million
12. Facebook. Number of records compromised: 80 million
Date reported: 07/16/08
How it happened: A bungled test for a new website design
Facebook has done a lot of good work improving its security over the last couple of years, taking key steps like encrypting its users’ news feeds.
However, it’s important to remember the company is very young and during its rise to fame had more than a few technical foul ups. One of the biggest occurred in 2008 when a Facebook software glitch publicly exposed 80,000,000 users' hidden information.
11. JPMorgan Chase. Number of records compromised: 83 million
next slide will load in 15 secondsSkip AdSkip Ad10. TRW Information Systems. Number of records compromised: 90 million
Date reported: 06/01/84
How it happened: A stolen computer password
Despite happening over 30 years ago the TWR breach remains on the all time biggest data bungles in history.
TRW Information Systems was an American corporation that was involved in a variety of businesses, including aerospace, automotive, and credit reporting until it was acquired by Northrop Grumman in 2002.
In 1984 retro-hackers managed to use a stolen computer password to access the firm's systems and compromise the credit histories of over 90 million people.
You can read TWR's original explanation of the hack here.
9. TJX Companies. Number of records compromised: 94 million
8. The Korea Credit Bureau. Number of records compromised: 104 million
Date reported: 01/30/14
How it happened: An inside job
The Korea Credit Bureau investigation alleged the breach was caused by an IT worker who copied the names, social security numbers and credit card details of 104 million customers onto a USB stick before selling them to a marketing firm.
7. Home Depot. Number of records compromised: 109 million
Date reported: 09/02/2014
How it happened: "A never before seen malware"
The Home Depot hack exposed the details of 56 million customers’ payment cards and 53 million customer email addresses.
Official details remain scarce but Home Depot claimed the hackers used a previously unseen malware to evade its security systems, in a statement published just after the incident.
6. Target. Number of records compromised: 110 million
Date reported: 12/18/2013
How it happened: Hackers broke into its point of sales terminals
The Target breach is believed to have occurred between 27 November and 15 December 2013. It saw hackers break into Target's systems and steal customers' credit and debit card numbers, card expiration dates and debit card PIN numbers.
In the wake of the breach former chief information officer Beth Jacob resigned from her role in the wake of a data breach in March 2014. Target chief executive Gregg Steinhafel soon followed and stepped down from his role in May 2014.
next slide will load in 15 secondsSkip AdSkip Ad5. Heartland Payment Systems. Number of records compromised: 130 million
4. eBay. Number of records compromised: 145 million
Date reported: 05/21/2014
How it happened: Hackers used stolen employee details to break into its network
The eBay data breach is one the worst in recent memory for two reasons.
First, because the attack on its network compromised over 145 million customers’ passwords, usernames, email addresses, addresses, phone numbers and dates of birth.
Second, because despite being aware of the breach since February 2014, eBay only alerted its customers in June 2014 – a move that naturally angered some of those affected.
3. Shanghai Roadway D&B Marketing Services. Number of records compromised: 150 million
Date reported: 03/17/2012
How it happened: Believed to be an inside job
The Shanghai Roadway D&B Marketing Services breach is one of the oddest on the list. News of the compromise emerged when Chinese police raided the D&B Marketing Services Shanghai Roadway headquarters.
DataLossDB reported the raid stemmed from concerns members of the office “may have illegally bought and sold customers' information” to companies involved in marketing or phone sales.
The true cause of the breach remained murky, though D&B Marketing Services has shutdown the Shanghai office.
2. Adobe Systems. Number of records compromised: 152 million
Date reported: 10/03/2013
How it happened: Unknown
The Adobe 2013 data breach was massive. Originally spotted by security journalist Brian Krebs on October 3, 2013, the breach was so big Adobe and the security community actually struggled to figure out what information was in the initial data dump.
After weeks of research it eventually turned out, as well as the source code of several Adobe products, the hack had also exposed customer’ names, IDs, passwords and debit and credit card information.
1. New York City Taxi and Limousine Commission. Number of records compromised: 173 million
Date reported: 06/21/2014
How it happened: A bungled freedom of information request
The 2014 NYC taxi data breach resulted from a botched attempt by the commission to anonymise data it was preparing to release for a freedom of information request.
Thanks to the failed attempt to anonymise the data the NYC commission inadvertently released 20GB of data the detailed over 173 million taxi customers comings and going around the city.
The data included the pickup customers pickup and dropoff location and time and various other titbits of metadata.