Biggest Data Breaches

Each of the most recent biggest data breaches resulted in the exposure of huge amounts of personal information and identities

Notable Data Breaches



Score: 10.0
147,700,000 Records

Malicious actors infiltrated Equifax's systems by exploiting a weak point in the credit bureaus website software. According to The New York Times, the hack granted them access to sensitive files in the credit bureaus system from mid-May to July. Equifax and security consultants believe the malicious outsiders might have compromised the names, dates of birth, Social Security Numbers, and other personal information of 147.7 million U.S. consumers in that span of time. Given its potential scope, the Equifax breach received a Breach Level Index score of 10.

Motor Vehicles Department in Kerala, India


Score: 9.9
200,000,000 Records

The department suffered a data breach by a malicious outsider that led to the theft of 200 million records and rated a BLI score of 9.9. The database maintained by the motor vehicles department was compromised during the attack, and as a result, vehicle registration details were exposed, according to Data and India media publication.

River City Media


Score: 9.8
1,340,000,000 Records

An email marketing organization called River City Media failed to properly configure its Rsync backups, thereby making its data publicly viewable online. In examining the data, researchers discovered that the organization had created a database of 1.34 billion email addresses that it sent spam mail in the form of offers. The breach, which received a Breach Level Index rating of 9.8, also exposed customers' names and physical addresses along with several thousands of email addresses used by the company to avoid anti-spam filters.

Deep Root Analytics/ Republican National Committee


Score: 9.6
198,000,000 Records

A data firm contracted by the Republican National Committee, Deep Root Analytics stored personal information on nearly all 200 million American voters for two weeks on Amazon's cloud without proper password protections. Researcher Chris Vickery found that the misconfiguration exposed more than a terabyte of personal details including names, home addresses, phone numbers, and dates of birth. This accidental loss incident earned a Breach Level Index score of 9.8.



Score: 9.4
123,000,000 Records

In December, Vickery found an Amazon Web Services storage bucket left open to the public by marketing analytics firm Alteryx. The exposure, which merited a 9.4 Breach Level Index ranking, exposed the sensitive information of more than 120 million American households such as the names of residents, income, mortgage rates, and even residents' interests/hobbies.

Center for Election Systems at Kennesaw State University


Score: 9.1
7,500,000 Records

Center for Election Systems at Kennesaw State University. On 2 March 2017, Kennesaw State University contacted the FBI about a breach at its Center for Election Systems. The event could have compromised as many as 7.5 million Georgians' voter records. For that reason, the security incident received a Breach Level Index score of 9.1.



Score: 9.1
17,000,000 Records

The restaurant app experienced an account access breach by a malicious outsider that exposed 17 million records, for a BLI score of 9.1. According to Engadget. The attacker infiltrated Zomatos system and got away with 17 million users IDs, usernames, names, email addresses and hashed passwords. The service says no payment information was stolen since credit card details are stored separately.

Top Scoring Data Breaches

Organization BreachedRecords BreachedDate of BreachType of BreachSource of BreachLocationIndustryRisk Score
Facebook2,200,000,00004/04/18Identity TheftMalicious OutsiderUnited StatesSocial Media10.0
Government of India/Aadhaar1,200,000,00001/03/18Identity TheftMalicious OutsiderIndiaGovernment10.0
Equifax147,900,00007/15/17Identity TheftMalicious OutsiderUnited StatesFinancial10.0
Reliance Jio 120,000,00007/10/17Account AccessMalicious OutsiderIndiaTechnology10.0
Friend Finder Networks412,214,29510/16/16Existential DataMalicious OutsiderUnited StatesEntertainment10.0
Anthem Insurance Companies (Anthem Blue Cross)78,800,00001/27/15Identity TheftState SponsoredUnited StatesHealthcare10.0
Yahoo500,000,00012/01/14Account AccessState SponsoredUnited StatesTechnology10.0
Home Depot109,000,00009/02/14Financial AccessMalicious OutsiderUnited StatesRetail 10.0
JPMorgan Chase83,000,00008/27/14Identity TheftMalicious OutsiderUnited StatesFinancial10.0
CyberVor1,200,000,00008/05/14Account AccessMalicious OutsiderGlobalTechnology10.0
eBay145,000,00005/21/14Identity TheftMalicious OutsiderUnited StatesRetail 10.0
Korea Credit Bureau, NH Nonghyup Card, Lotte Card, KB Kookmin Card104,000,00001/20/14Identity TheftMalicious InsiderSouth KoreaFinancial10.0
Target110,000,00011/04/13Financial AccessMalicious OutsiderUnited StatesRetail 10.0
Adobe Systems, Inc152,000,00009/18/13Financial AccessMalicious OutsiderUnited StatesTechnology10.0
Yahoo1,000,000,00008/09/13Identity TheftMalicious OutsiderUnited StatesTechnology10.0
MySpace360,000,00006/11/13Account AccessMalicious OutsiderUnited StatesOther10.0
Motor Vehicles Department in Kerala200,000,00005/01/17NuisanceMalicious OutsiderIndiaGovernment9.9
General Directorate of Population and Citizenship Affairs, the General Directorate of Land Registry and Cadaster50,000,00001/12/15Identity TheftMalicious OutsiderTurkeyGovernment9.9
Country's Supreme Election Committee (YSK)54,000,00012/16/13Identity TheftMalicious OutsiderTurkeyGovernment9.9
iMesh51,000,00009/22/13Identity TheftMalicious OutsiderUnited StatesTechnology9.9

Breach Risk Calculator

How bad might a breach be if it did happen to you? Calculate your own risk score and breach severity using the Breach Level Index.
Calculate Your Score