Expedia’s TripAdvisor, email marketing provider Epsilon, Sony’s online entertainment services, professional engineering society Institute of Electrical and Electronics Engineers. They all suffered some kind of a data breach in the first four months of 2011. At one point, it seemed like there was at least one new security breach being reported every week. The incidents listed above don’t include any health care data breaches, accidental information exposure like British Petroleum’s lost laptop or the Texas State Comptroller’s office storing information on an open FTP server, or corporate espionage such as the attacks on RSA Security and Oak Ridge National Laboratory. Which organizations get hit depends entirely on what motivates the attacker. And as recent months have shown, it’s not always about "dollars and cents," Application Security CTO Josh Shaul told eWEEK. "If you are an organization with money, there is someone out there who would be happy to steal it from you. If you have valuable data, same deal," Shaul said. For this slide show, eWEEK analyzed a list pulled from PrivacyRights.org containing more than 150 events reported in 2011. We focused on hacked incidents, or "electronic entry by an outside party, malware and spyware." Below are some of the largest data breaches reported in 2011 so far.
Sony’s PlayStation Network, Qriocity, Sony Online Entertainment
Date Reported: April 26
Size: 101 million user accounts
Type of Data: name, home and e-mail addresses, login credentials, some credit card information
Sony’s three cloud services for PlayStation games, music and video, and online gaming were compromised by attackers while the company was distracted by a distributed denial-of-service attack from a different source. The company is rebuilding the services to be more secure.
Epsilon, Alliance Data Systems
Date Reported: April 1
Size: Unknown; 60 million estimated e-mail addresses
Type of Data: e-mail addresses, some names
Attackers breached e-mail marketing provider Epsilon’s databases and waltzed off with e-mail marketing lists belonging to its clients, including Walt Disney, JPMorgan Chase and Best Buy. While the company has declined to disclose exactly how many addresses were stolen, risk analytics firm estimate the number is around 60 million.
HBGary Federal
Date Reported: Feb. 7
Size: 60,000 records
Type of Data: corporate emails, presentations, client reports
The Anonymous hacker collective attacked HBGary Federal’s network in revenge for comments made by the CEO regarding their identities. The group hacked the email server and published all the stolen documents on a Russian server, WikiLeaks-style.
WordPress
Date Reported: April 14
Size: Unknown, 18 million records estimated
Type of Data: source code, API keys, passwords
University of South Carolina
Date Reported: March 4
Size: 31,000
Type of Data: names, addresses, health records, financial data, Social Security numbers
A "security problem" exposed the information of faculty, staff, retirees and students on eight USC campuses.
TripAdvisor, Expedia
Date Reported: March 24
Size: Unknown
Type of Data: user e-mails
The "unauthorized" intrusion into TripAdvisor’s database affected only a portion of users, but the company was not very forthcoming about any details. Because TripAdvisor is the world’s largest travel-related site, the intrusion is likely to have impacted many users.
RSA Security
Date Reported: March 18
Size: Unknown
Type of Data: "information related to SecurID technology"
RSA Security may not be considered big in terms of actual records compromised, but the attack had wide-ranging repercussions, not only on the security company, but on all the enterprises and government agencies that rely on the SecurID two-factor authentication technology for their own security.
HuskyDirect.com, University of Connecticut
Date Reported: Jan. 11
Size: 18,059 records
Type of Data: names, addresses, credit card numbers, e-mail addresses, phone numbers
An attacker accessed the customer database and viewed information belonging to customers who bought UConn-branded sports gear.
Seacoast Radiology
Date Reported: Jan. 12
Size: 231,400 records
Type of Data: patient names, Social Security numbers, addresses, phone numbers
Despite the size, this was pushed down the list because it occurred in 2010 but was reported in 2011. This unusual breach happened on Nov. 12, 2010, when third-party intruders broke into the network to use the bandwidth to play Call of Duty. It’s not clear whether they accessed the patient data.
Ankle and Foot Center of Tampa Bay
Date Reported: Jan. 29
Size: 156,000
Type of Data: names, dates of birth, addresses, Social Security numbers, health care services received
This was another 2010 incident reported in 2011. Hackers breached the center’s network to access protected patient health information and personal data.