The 10 biggest data breaches in the last 10 years

Protecting your data isn’t just about backups, you’ve also got to stop others from gaining access to your data. Over the last few years plenty of big corporations, ones that we know and trust with our most precious of personal information, have unwittingly given that same data out.

Let’s go back a few years and find out some of those who learnt about data protection the hard way.

1. Yahoo

In 2012, Yahoo saw 400,000 text passwords lifted from their VoIP network. The hackers, believed to be a group called D33DS, posted the passwords online to ‘highlight’ the lack of security on the internet.

2. eHarmony

True love was not safe in 2012 when 1.5 million eHarmony passwords were compromised by a hacker. Analysts discovered the passwords online and realized they were from the romance site when they found many of the passwords used variations of the word… eHarmony … or should that be 3harm0ny.

3. LinkedIn

Not wanting this popular social networking site to be left out, the hacker who took 1.5 million passwords from eHarmony proceeded to take 6.5 million passwords from LinkedIn as well. LinkedIn’s loss was a Russian web forum’s gain when the passwords were posted online … with the usernames left out. Mashable has a great graphic of some of the most common variations from this heist.

4. Sony PlayStation Network

In 2011, 77 million Sony PlayStation Network accounts were hacked by what Sony said was an ‘external intrusion’. Card numbers, passwords and email addresses were compromised and the PlayStation Network was taken offline for over a month. It was not just angry gamers who wanted an explanation.  Sony had to send a letter to the US House of Representatives, who had sent them a ‘please explain’.


It wasn’t a good day for the company directors when hackers got into NAZDAQ’s Directors Desk, a cloud-based system used for boardroom-level communications between executives and directors. Hackers not only got bragging rights, but access to inside information that could have been used to make ‘informed’ stock market trades in 2011.

6. Citigroup

Data can also be compromised internally, as Citigroup found out in Japan in 2011 when the personal information of 92,000 local customers was sold to a third-party. In this case, an employee who worked for an outsourced contractor sold the information. Of course, hackers were not completely absent that year. They had made their presence felt a few months earlier by accessing the account details of 200,000 Citigroup customers in an unrelated incident.

7. AT&T

New tech is generally a good thing, but in 2010 AT&T’s online 3G application had a pretty serious downside – a vulnerability that was found and exploited by hacker group Goatse Security. The hackers tested the security flaw by accessing the e-mail addresses of over 100,000 iPad 3G customers. These iPad 3G early adopters included: Diane Sawyer, Harvey Weinstein and NY Mayor Michael Bloomberg.

8. GE Money

Now we’re back in 2007, so it seems appropriate to note an old-school data ‘incident’ – when a magnetic tape with 150,000 social security numbers and in-store credit card information belonging to 650,000 customers went missing from a GE Money storage facility. There was no sign of anything criminal – it just went missing. GE spent two months reconstructing the tape, so they could notify those affected.

9. The Gap

The loss of data from this clothing retailer was not good news for those who tried to get a job with the company. In 2007, the details of 800,000 job applicants were lost when two laptops were stolen. Unfortunately, the data included social security numbers and of course, the data was not encrypted.

10. AOL

And here we finish at 2006, with a softer landing – a data breach of the accidental kind. To further its research into search technology, AOL produced a text file containing the keyword searches of 650,000 users, and accidentally released it on one of the company’s websites. It was left there long enough for those with an interest in ‘search statistics’, to download the list.

While network security and stopping data theft can be complicated and expensive, securing your data from disasters, both human and man-made, is easy if you use BackupAssist. With TrueCrypt 256 bit AES encryption, easy to set up and configure automated backups and dedicated support for VSS apps including Exchange and SQL, protecting your data has never been easier. 

Download your free, fully functional 30 day trial of BackupAssist today. 

1 thought on “The 10 biggest data breaches in the last 10 years”

Leave a Comment

Share on email
Share on print
Share on facebook
Share on google
Share on twitter
Share on linkedin

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email. Join 1,874 other subscribers