Worst Data Breaches Ever

The last few years have seen a slew of data breaches-all bad, but some worse than others. In the spirit of learning what not to do by example, eWEEK presents some of the worst data breaches ever. (Unfortunately, this list is likely to be cont

Monster.com August 2007 As the result of a security breach at Monster.com job site, the confidential information of some 1.3 million job seekers was stolen and used in a phishing scam. What might be worse is the fact that Monster waited

July 2007

Fidelity National Information Services

A senior-level employee of a subsidiary of financial processing company Fidelity National Information Services stole 2.3 million consumer records containing credit card, bank account and other p

July 2007

SAIC

By neglecting to encrypt data sent over the Internet, employees of government contractor Science Applications International Corp. put the sensitive information of more than 800,000 U.S. service members and their families at risk.

June 2007

State of Ohio

A computer storage device containing the names and Social Security numbers of every Ohio state worker was stolen from an intern’s vehicle.

March 2007

Los Angeles County Child Support Services Department

Several laptops containing personal information-including about 130,500 Social Security numbers-were apparently stolen from the departments office.

December 2006

TJX Companies

During an 18-month period, 45.6 million credit and debit card numbers were stolen from one of TJX’s systems.

December 2006

University of California, Los Angeles

A hacker breached a university-administered database containing personal information on about 800,000 people.

August 2006

Miami Office of the U.S. Department of Transportation

As a result of the theft of a U.S. Department of Transportation laptop, personally identifiable information of about 133,000 Florida residents was exposed.

August 2006

AOL

Data on 20 million Web queries, from more than 600,000 users, was posted on a public Web site. Some search records included personal information, such as Social Security numbers.

June 2006

Naval Safety Center

Five spreadsheet files with personal data on approximately 28,000 sailors and family members were found on an open Web site.

May 2006

Wells Fargo

The theft of a laptop exposed the personal information of customers.

May 2006

Department of Veterans Affairs

A national database containing sensitive data on about 26.5 million veterans was stolen after an employee brought the data home.

February 2006

Department of Agriculture

As a result of hackers illegally accessing a USDA database containing names and Social Security numbers, about 26,000 current and former employees were exposed to identity theft.

January 2006

Boston Globe and Worcester Telegram & Gazette

The personal information of about 240,000 people who paid for their subscriptions to the Globe and Telegram by credit card or personal check was exposed when that information was print

January 2006

H&R Block

Some H&R Block customers’ Social Security numbers were embedded in the tracking code of mailing labels used to send out (unsolicited) tax-prep software.

September 2005

ChoicePoint

Through what amounted to a social hack, criminals gained access to the systems of database giant ChoicePoint. The data of more than 145,000 people was exposed.

March 2005

LexisNexis

The personal information of about 300,000 was exposed via multiple system hacks of LexisNexis databases.

February 2005

Ameritrade

In transit, a computer backup tape containing the account information of more than 200,000 clients was lost or accidentally destroyed.

• Eight Top Security Concerns
• FBI Data Mining for More than