Biggest Data Breaches

Each of the most recent biggest data breaches resulted in the exposure of huge amounts of personal information and identities

Notable Data Breaches

Equifax

2017-07-15

Score: 10.0
147,700,000 Records

Malicious actors infiltrated Equifax's systems by exploiting a weak point in the credit bureaus website software. According to The New York Times, the hack granted them access to sensitive files in the credit bureaus system from mid-May to July. Equifax and security consultants believe the malicious outsiders might have compromised the names, dates of birth, Social Security Numbers, and other personal information of 147.7 million U.S. consumers in that span of time. Given its potential scope, the Equifax breach received a Breach Level Index score of 10.

Motor Vehicles Department in Kerala, India

2017-05-01

Score: 9.9
200,000,000 Records

The department suffered a data breach by a malicious outsider that led to the theft of 200 million records and rated a BLI score of 9.9. The database maintained by the motor vehicles department was compromised during the attack, and as a result, vehicle registration details were exposed, according to Data Breaches.net and India media publication.

River City Media

2017-03-06

Score: 9.8
1,340,000,000 Records

An email marketing organization called River City Media failed to properly configure its Rsync backups, thereby making its data publicly viewable online. In examining the data, researchers discovered that the organization had created a database of 1.34 billion email addresses that it sent spam mail in the form of offers. The breach, which received a Breach Level Index rating of 9.8, also exposed customers' names and physical addresses along with several thousands of email addresses used by the company to avoid anti-spam filters.

Deep Root Analytics/ Republican National Committee

2017-06-13

Score: 9.6
198,000,000 Records

A data firm contracted by the Republican National Committee, Deep Root Analytics stored personal information on nearly all 200 million American voters for two weeks on Amazon's cloud without proper password protections. Researcher Chris Vickery found that the misconfiguration exposed more than a terabyte of personal details including names, home addresses, phone numbers, and dates of birth. This accidental loss incident earned a Breach Level Index score of 9.8.

Alteryx

2017-12-19

Score: 9.4
123,000,000 Records

In December, Vickery found an Amazon Web Services storage bucket left open to the public by marketing analytics firm Alteryx. The exposure, which merited a 9.4 Breach Level Index ranking, exposed the sensitive information of more than 120 million American households such as the names of residents, income, mortgage rates, and even residents' interests/hobbies.

Center for Election Systems at Kennesaw State University

2017-03-03

Score: 9.1
7,500,000 Records

Center for Election Systems at Kennesaw State University. On 2 March 2017, Kennesaw State University contacted the FBI about a breach at its Center for Election Systems. The event could have compromised as many as 7.5 million Georgians' voter records. For that reason, the security incident received a Breach Level Index score of 9.1.

Zomato

2017-05-04

Score: 9.1
17,000,000 Records

The restaurant app experienced an account access breach by a malicious outsider that exposed 17 million records, for a BLI score of 9.1. According to Engadget. The attacker infiltrated Zomatos system and got away with 17 million users IDs, usernames, names, email addresses and hashed passwords. The service says no payment information was stolen since credit card details are stored separately.

Top Scoring Data Breaches

Organization BreachedRecords BreachedDate of BreachType of BreachSource of BreachLocationIndustryRisk Score
JPMorgan Chase83,000,00008/27/14Identity TheftMalicious OutsiderUnited StatesFinancial10.0
Korea Credit Bureau, NH Nonghyup Card, Lotte Card, KB Kookmin Card104,000,00001/20/14Identity TheftMalicious InsiderSouth KoreaFinancial10.0
Equifax147,900,00007/15/17Identity TheftMalicious OutsiderUnited StatesFinancial10.0
Reliance Jio 120,000,00007/10/17Account AccessMalicious OutsiderIndiaTechnology10.0
Target110,000,00011/04/13Financial AccessMalicious OutsiderUnited StatesRetail 10.0
Home Depot109,000,00009/02/14Financial AccessMalicious OutsiderUnited StatesRetail 10.0
MySpace360,000,00006/11/13Account AccessMalicious OutsiderUnited StatesOther10.0
Anthem Insurance Companies (Anthem Blue Cross)78,800,00001/27/15Identity TheftState SponsoredUnited StatesHealthcare10.0
Friend Finder Networks412,214,29510/16/16Existential DataMalicious OutsiderUnited StatesEntertainment10.0
eBay145,000,00005/21/14Identity TheftMalicious OutsiderUnited StatesRetail 10.0

Breach Risk Calculator

How bad might a breach be if it did happen to you? Calculate your own risk score and breach severity using the Breach Level Index.
Calculate Your Score