Warning: Trying to access array offset on value of type bool in /home/forge/wisepiggy.com/public/wp-content/themes/responsifarm/single.php on line 22

Major security breaches you should know about

By
Rebekah Azofeifa
  • Credit
  • 7 minute read

Unfortunately, data breaches are more common than you think. In an attempt to keep consumers informed, WisePiggy has created this list and will continue to update it with helpful information as news breaks on major security breaches that might affect your financial accounts.

One way to stay on top of your finances in the midst of all these breaches is to monitor your credit score and credit report, free of charge, at WisePiggy.com.

free_credit_click_ad

U.S. Federal Government

Date announced: June 4, 2015

Affected: 19.7 million current and former federal employees

Estimated cost: Unknown

The U.S. government announced in June 2015 that they suspected Chinese hackers of stealing personal records of over 4 million employees from both the Office of Personnel Management and the Interior Department. As the FBI investigated the attack, they discovered a second cyber-attack which was most likely carried out by the same hackers. This attack targeted sensitive intelligence and military personal, increasing the affected population to nearly 20 million.

Premera Blue Cross

Date announced: March 17, 2015

Affected: 11 million customers

myfreescorenow_ad

Estimated cost: Unknown

In a data breach that began in May 2014, cybercriminals gained access to medical data, birth dates, Social Security numbers, bank account numbers, and other personal information of 11 million Premera Blue Cross customers. The company’s PR rep says this attack is unrelated to the recent Anthem Blue Cross data breach.

Anthem Blue Cross

Date announced: Feb. 4, 2015

Affected: 80 million accounts

Estimated cost: Unknown

Hackers breached an Anthem database that contained records of past and present customers and employees. The database contains Social Security numbers, names, addresses, and other personal information. The company believes that no medical information or credit card data was exposed during the attack.

JPMorgan Chase

Date announced: Oct. 2, 2014

Affected: 76 million household and 7 million business accounts

Estimated cost: Unknown

Hackers infiltrated JPMorgan Chase’s database, taking contact information such as names and addresses from its customers. However, it appears that account numbers, passwords, and other highly sensitive information were not compromised.

Home Depot

Date announced: Sept. 8, 2014

Affected: 56 million payment cards

Estimated cost: $62 million

In a period from April to September, cybercriminals used custom software to hack into Home Depot’s cash registers systems in the U.S. and Canada.

eBay

Date announced: May 21, 2014

Affected: All 145 million active users were asked to change their passwords, but eBay wasn’t sure how many accounts were actually compromised.

Estimated cost: Unknown

Hackers stole personal information such as names, passwords, and addresses from eBay users by stealing login credentials from a few employees. The breach lasted from late February 2013 to early March 2013.

Target

Date announced: Dec. 19, 2013

Affected: 40 million debit and credit card accounts and personal information from 70 million customers

Estimated cost: $148 million

From late-November to mid-December, data hackers pierced Target’s network, stealing millions of customers’ card information, as well as personal information, such as name and street address.

Adobe

Date announced: Oct. 3, 2013

Affected: 152 million accounts

Estimated cost: $700 million

In 2013, hackers got hold of millions of Adobe user IDs, taking credit and debit card numbers. The company did not publically acknowledge the cyber-attack until two weeks after it was discovered.

Global Payments, Inc.

Date announced: March 30, 2012

Affected: 1.5 million payment cards

Estimated cost: $94 million

In late March 2012, the payment processing company, Global Payments, discovered that hackers had gained access to a portion of their data systems. The company was one of the largest processors of Visa and MasterCard transactions, but days after the breach, Visa dropped Global Payments from its list of approved service providers.

Sony

Date announced: May 3, 2011

Affected: 100 million user accounts and tens of millions of credit cards

Estimated cost: $1.7 billion

In April 2011, Sony experienced multiple data breaches within PlayStation Network, Sony Online Entertainment and Qriosity. The company temporarily shut down these sites while they investigated the cybercriminal(s) who stole credit card data and personal information from millions of users.

National Archives and Record Administrations

Date announced: Oct. 2, 2009

Affected: 76 million veterans

Estimated cost: Unknown

A defective hard drive containing 76 million Social Security numbers was sent to recycling without deleting the unencrypted data. The hard drive was used to request copies of veteran health records and discharge papers. It has never been located.

Heartland Payment Systems

Date announced: Jan. 19, 2009

Affected: 130 million cards

Estimated cost: $2.8 billion

In May 2008, hackers installed spyware in Heartland’s data systems and recorded consumer card data during the purchase process for a period of eight months. At the time, it was the largest data breach of the 21st century.

Bank of New York Mellon

Date announced: March 26, 2008

Affected: 12.5 million consumer records

Estimated cost: $150,000 in a settlement to Connecticut; other costs are unknown

The bank lost a box of computer tapes which contained Social Security numbers, personal information, and potentially, bank account numbers. The box was being sent to storage, along with nine other boxes, but it never arrived to the facility.

TD Ameritrade Holding Corporation

Date announced: Nov. 23, 2007

Affected: 6.3 million customers

Estimated cost: Between $2.5 million and $6.5 million in a settlement for a class action suit

Hackers infiltrated one of Ameritrade’s databases, taking personal information and Social Security numbers from 6.3 million customers. Months prior, the company had received spam-related complaints from its customers yet failed to notify the public of a potential breach.

Fidelity National Information Services (FIS)

Date announced: May 3, 2007

Affected: 8.5 million records

Estimated cost: $13 million

March 2007, an FIS employee stole credit card and account data from customers, and then sent the information to co-conspirators who withdrew $13 million from ATMs all across Europe.

TJX Companies Inc.

Date announced: Jan. 17, 2007

Affected: 94 million credit and debit cards

Estimated cost: $2.5 billion

In late 2006, TJX, the parent company to TJ Maxx and Marshalls, discovered suspicious software on their systems. After further investigation, the company said that the hackers may have accessed their systems as far back as July 2005, stealing data from over 90 million credit cards.

U.S. Department of Veterans Affairs

Date announced: May 22, 2006

Affected: 28.6 million records

Estimated cost: $20 million paid to military personnel (past and present) in a class action suit.

A laptop containing veteran Social Security numbers, names, and other personal information was stolen from a VA employee’s home. Officials believe the robbery was a random act, and that the burglar had no idea what kind of sensitive information existed on the computer.

CardSystems Solutions

Date announced: June 17, 2005

Affected: 40 million card accounts

Estimated cost: Unknown

CardSystems Solutions, a third-party processor of card transactions, experienced a data breach in May 2005, potentially exposing tens of millions of card data. Hackers planted a virus in the company’s database and exported user information. At the time, this was the world’s largest data breach.