The 10 Most Costly Data Breaches in History
There is very little that sends chills down an executive’s spin faster than the utterance of the two words “data breach.” They understand that the first hard-hitting consequence of a data breach is enormous financial loss. That is typically followed by a devastating strike against the company’s reputation as consumers realize that their sensitive data has been compromised. Operational downtime is another avoidable outcome of a data breach. Oftentimes, an infringement ends in expensive legal action, which itself brings more bad press for the company.
There are specific industries that hackers and cyber threats tend to target due to the large amount of personal information they contain. The number one targeted industry over the years has been healthcare, followed unsurprisingly by financial services, energy, pharmaceuticals, and technology.
Of course, businesses of every size and industry are at risk if they don’t employ world-class network security. However, there may be some things that we can learn from the largest, costliest, and most public data breaches in history.
10. 2016 Uber at $148 million
Starting off the countdown is a company that suffered a critical data breach and tried to dust it under the rug by paying the hackers $100,000 to delete the data. The hack exposed the personal data of 57 million riders and drivers, which included 600,000 US driver’s license numbers.
They were fined $148 million for negligence and their attempt to cover it all up.
9. 2011 Sony Playstation Network at $171 million
Several years earlier, Sony had the misfortune of their own data breach in the news. This time 77 million users learned that their accounts were included in the hack. The hackers got everything they needed to start creating new identities: names, birth dates, home addresses, usernames, and passwords.
8. 2018 Marriott at $200 million
In 2016, Marriott acquired Starwood Hotels, and what occurred after was the breach of up to 500,000 customers’ extraordinarily intimate data like email addresses, home addresses, passport numbers, and credit card information.
Shockingly, the hackers had access to the hotel reservation system for over four years, and they found malware on 54 Starwood hotels in North America.
7. 2007 TJ Maxx at $256 million
In 2007, TJX, the parent company of TJ Maxx and Marshalls, announced that a hacker had accessed 46 million unencrypted credit card numbers. That means that the card numbers were ready to use. It was a precarious situation for consumers. They later learned that the number was actually closer to 100 million.
TJX ended up paying $256 million to consumers and, in data, breach fines to help restore the brand’s image.
6. 2013 Target at $300 million
In 2013, right as Target should have been preparing for the merriest (and busiest in the retail industry) time of year, they endured a massive data breach that involved 40 million customer credit cards being exposed to hackers.
Because the breach came right before the holiday season, many people decided to shop elsewhere, and sales suffered a blow.
5. 2013 – 2014 Yahoo $470
In 2016, Yahoo disclosed a mind-boggling double hack that had happened in 2013 and also in 2014. During the 2013 technology security breach, hackers gained access to information for three billion user accounts. Yahoo users were shocked that the company waited years to alert them of the data hack.
4. 2006 Veteran’s Affairs Up To $500 million
A Maryland employee left unencrypted data on an external hard drive. When his house was burglarized, the computer equipment was stolen. When the breach was exposed in May of that year, the VA disclosed that the stolen data included the names, Social Security numbers, birth dates, and some disability ratings for 26.5 million veterans and their spouses. The agency estimated that it would cost $100-$500 million to address the information breach.
3. 2015 US Office of Personnel Management $500 million
The US Office of Personnel Management (OPM) manages the personal data of millions of federal employees. In 2015, they experienced multiple data breaches in a row while updating their security. Consequently, the private information of four million employees was compromised. Like most companies in similar positions, OPM dedicated funds to free credit monitoring to reduce the negative impact.
2. 2017 Equifax $700 million
One of the largest breaches ever is Equifax. The credit-monitoring behemoth offers credit monitoring services for free and for free to millions of trusting users. But, this data breach proved that even financial security companies are not immune to cyber threats. A huge breach exposed the private information of over 160 million accounts.
They spent hundreds of millions of dollars tightening their security, more on settlements. Wall Street also lowered the company’s valuation by $4 billion.
1. 2011 Epsilon $4 billion
Epsilon’s hack is legendary. Epsilon handles 40 billion emails annually and more than 2,200 brands internationally. It turned out that even customers who had opted out of marketing emails were affected. The scale of the hack and the brands involved were jaw-dropping.
How To Prevent A Data Breach
There are some steps your company can take to block a potential data breach.
- Everyone in the company should recognize the signs of phishing and other cyber threats, to not fall victim to it.
- Total IT can help your company take proactive steps against malware that can weaken your network and expose it to threats.
- It is crucial to securely back up your data offsite in the case of information hacks, natural disasters, or system malfunctions.
A handful of decisive steps can protect your company from losses and guarantee customer loyalty.
The Next Step With Total IT
Total IT has approaches that protect multiple points of entry and ensure your company won’t become the next PR headache. A multi-tiered approach will keep your employees and your customers safe from the constant threat of information hacks. Talk to TotalIT today about your support needs–whenever you need it.