how worried should you be?
“the last few years have seen a slew of data breaches—all bad, but some worse than others,” says eweek in compiling the 17 top security failures in the past three years.
july 2007
fidelity national information services
a senior-level employee of a subsidiary of financial processing company fidelity national information services stole 2.3 million consumer records containing credit card, bank account and other personally identifiable information.
july 2007
saic
by neglecting to encrypt data sent over the internet, employees of government contractor science applications international corp. put the sensitive information of more than 800,000 u.s. service members and their families at risk.
june 2007
state of ohio
a computer storage device containing the names and social security numbers of every ohio state worker was stolen from an intern’s vehicle.
march 2007
los angeles county child support services department
several laptops containing personal information—including about 130,500 social security numbers—were apparently stolen from the department’s office.
december 2006
tjx companies
during an 18-month period, 45.6 million credit and debit card numbers were stolen from one of tjx’s systems.
december 2006
university of california, los angeles
a hacker breached a university-administered database containing personal information on about 800,000 people.
august 2006
miami office of the u.s. department of transportation
as a result of the theft of a u.s. department of transportation laptop, personally identifiable information of about 133,000 florida residents was exposed.
august 2006
aol
data on 20 million web queries, from more than 600,000 users, was posted on a public web site. some search records included personal information, such as social security numbers.
june 2006
naval safety center
five spreadsheet files with personal data on approximately 28,000 sailors and family members were found on an open web site.
may 2006
wells fargo
the theft of a laptop exposed the personal information of customers.
may 2006
department of veterans affairs
a national database containing sensitive data on about 26.5 million veterans was stolen after an employee brought the data home.
february 2006
department of agriculture
as a result of hackers illegally accessing a usda database containing names and social security numbers, about 26,000 current and former employees were exposed to identity theft.
january 2006
boston globe and worcester telegram & gazette
the personal information of about 240,000 people who paid for their subscriptions to the globe and telegram by credit card or personal check was exposed when that information was printed out. the printouts were then used to wrap newspaper bundles.
january 2006
h&r block
some h&r block customers’ social security numbers were embedded in the tracking code of mailing labels used to send out (unsolicited) tax-prep software.
september 2005
choicepoint
through what amounted to a social hack, criminals gained access to the systems of database giant choicepoint. the data of more than 145,000 people was exposed.
march 2005
lexisnexis
the personal information of about 300,000 was exposed via multiple system hacks of lexisnexis databases.
february 2005
ameritrade
in transit, a computer backup tape containing the account information of more than 200,000 clients was lost or accidentally destroyed.