Data Breaches

Data Breaches - What You Need to Know
Average cost of a company data breach in 2015 was $3.8M

Data breaches, which are defined as the intentional or unintentional leak of sensitive data to an untrusted recipient or location, happen all of the time, in every corner of the world. If information is stored on technology, it’s potentially vulnerable to a data breach.

In 2015, IBM and the Ponemon Institute, a public policy think tank, examined the global impact of data breaches during recent years and their results were astonishing. In 2015, the study approximated that companies around the world spent $154.00 per user affected by a data breach, meaning that if a data breach resulted in 1,000 user accounts being breached then, on average, the company spent $154,000 to remedy the data breach incident. The study also found that the average gross cost to address a data breach for a company was $3.8MM. This was an increase of 23 percent from the previous two years (2014 and 2013).

Data breaches reach mainstream news on an all too frequent basis, but despite the fact that the topic is always being discussed somewhere, there are a number of companies, who should be ready for a data breach but simply are not. For a company that interacts in interstate or overseas commerce, it's important to reflect messaging to customers that they should feel secure when they deal with the company because their personal data is protected. This requires the company to take proactive measures to ensure that wherever they store the personal data of customers is safe.

These proactive measures may include additional firewalls on servers, double authentication schemes to access secure areas on servers, malware protection software, an IT staff that is more than familiar with data breach security issues and weaknesses, and cyber insurance in case the worst case scenario comes about. Unfortunately, even the most prestigious, well-backed and well-funded companies in the world don't have these measures in place, which is why data breaches like the ones that happened to eBay, Home Depot, Target, JPMorgan Chase and Anthem in recent years, are part of the data breach story now.

Below is a comprehensive, but not all inclusive list of the data breaches that occurred in recent years.

These summaries discuss how and when these data breaches happened, who conducted the assault if it is known and how many people were affected. Although it's scary to see such a long list of data breaches, be forewarned that there are many, many more that occurred. You can't force the companies that you interact with during every day life to be proactive about managing the data they store, but you can take steps to protect your own personal data. Please read the other articles on this site, such as the article on Best Practices, to learn how to protect yourself and your personal data from the breaches that happen to the companies that you do business with during your every day life.

more on how to protect yourself from data theft ›
Equifax Data Breach Equifax Data Breach

In early September 2017, Equifax, one of the three nationwide credit reporting bureaus, announced that as many as 143 million Americans had been compromised after a cybersecurity breach that allowed access to sensitive information.

Weebly Weebly

The breach notification site, Leaked Source (www.leakedsource.com), announced on October 20, 2016 that they notified the web design firm, Weebly (www.weebly.com), that 43,430,316 of Weebly’s user’s data had been hacked. On October 21, 2016, The International Business Times reported that a Weebly spokesperson responded by saying, “At this point we do not have evidence of ...

Yahoo! Yahoo!

Yahoo! announced on September 22, 2016 that in 2014 their server was hacked and 500 million user accounts were compromised. The hacker gained access to user names, email addresses and passwords, telephone numbers, and dates of birth.

NY Times Russian Cyber Breach NY Times Russian Cyber Breach

CNN is reporting that they have confirmed that Russia is behind the hack into the DNC email server and a recent cyber breach on NY Times' journalists.

Vivint Vivint

Home security company, Vivint, recently sent out pass code change confirmation letters to the wrong customers. One customer, who never requested a pass code change, received multiple notices for other customers.

Spotify Spotify

Hundreds of Spotify members' information was posted on the online forum Pastebin on April 23, 2016. Spotify denies any cyber breach and some speculate that the data dump is actually connected to an old cyber breach.

Have You Been Hacked?

Check to see if your personal data was compromised.

Have You Been Hacked?
Snapchat Snapchat

In January 2014, the social media website Snapchat was hacked and approximately 4.6 million phone numbers and usernames were stolen from the Snapchat API.

Mac-Torrents Mac-Torrents

In October 2015, Mac-Torrents, a torrent website, was hacked and 94,000 user accounts were stolen including email addresses, passwords and usernames.

COMELEC COMELEC

The infamous hacker group, Anonymous, breached the Philippines Commission of Elections' websites (COMELEC) in March 2016. Approximately 55MM Filipino voter details were published online including their genders, marital status, height and weight and in some instances, their email addresses.

MPGH MPGH

In October 2015, MPGH, a multiplayer game hacking website was hacked and 3.1 million member accounts were stolen including email addresses, IP addresses, passwords and usernames.

UN Internet Governance Forum UN Internet Governance Forum

In February 2014, the Internet Governance Forum, which is a forum created by the United Nations for discussion about policy issues on the Internet, was hacked and 3,200 email addresses, names, passwords and usernames were stolen and published.

R2Games R2Games

In 2015, R2Games, a gaming website, was hacked and more than 2.1 member accounts were stolen including information about the member's email addresses, IP addresses, passwords and usernames.

Malwarebytes Malwarebytes

In November 2014, a forum called Malwarebytes was hacked and 111,000 accounts were stolen including dates of birth, email addresses, IP addresses passwords and usernames.

The Panama Papers The Panama Papers

The Panama Papers incident continues to be a headline in news articles around the globe and the impact of the 11.5MM documents stolen from a cyber breach on the Panamanian-based law firm, Mossack Fonesca, and released to the public is barely understood just weeks after the breach occurred.

Wildstar Wildstar

In July 2015, a forum for the gaming website Wildstar, was breached and more than 738,000 user accounts were stolen and traded on underground forums including information about the users' dates of birth, email addresses, IP addresses, passwords and usernames.

Tesco Tesco

In February 2014, Tesco.com, a British grocery store, was hacked and more than 2,000 user accounts were breached including information on the user's email addresses, passwords and reward program balances.

Sprashivai.RU Sprashivai.RU

In May 2015, Ask.RU, a Russian website used to publish anonymous reviews, was hacked and nearly 6.7 million dates of birth, email addresses, genders, geo locations, IP addresses, passwords and spoken languages were stolen and publish online.

Telecom Regulatory Authority of India Telecom Regulatory Authority of India

In April 2015, the Telecom Regulatory Authority of India (TRAI) published tens of thousands of emails and email addresses that were sent by Indian citizens supporting net neutrality.

Minefield Minefield

In June 2015, Minefield, a French Minecraft server, was hacked an 188,000 member accounts were stolen including dates of birth, email addresses, IP addresses, passwords and usernames.

Hemmelig.com Hemmelig.com

In December 2011, one of Norway's largest online sex shops called Hemmelig.com was hacked and the email addresses, genders, nicknames, passwords, usernames and years of birth of more than 28,000 customers was stolen and published.

Yandex Yandex

In September 2014, the Russian search engine and email provider, Yandex, was compromised by a phishing scam whereby approximately 1 million user email addresses and passwords were stolen and published publicly.

Norwegian Oil and Energy Producers Norwegian Oil and Energy Producers

In August 2014, Norway's largest cyber attack occurred after a phishing scam infiltrated the computer networks of nearly 300 companies operating in the oil and energy sectors.

Linux Mint Linux Mint

In February 2016 the website Linux Mint was hacked and approximately 145,000 user email addresses, dates of birth, geographic locations, IP addresses and passwords were stolen and sold.

KM.RU KM.RU

In February 2016, KM.RU, which is a Russian portal and email service, was breached by hackers who were protesting Russia's foreign policy towards Ukraine. The hackers stole 1.5 million user details including dates of birth, email addresses, genders, geo locations, security questions and answers and usernames.

Minecraft Pocket Edition Forum Minecraft Pocket Edition Forum

In May 2015, a forum for the Minecraft Pocket edition was hacked and 16,000 account information was stolen and published publicly including email addresses, IP addresses, passwords and usernames.

Insanelyi Insanelyi

In July 2014, an iOS forum called Insanelyi was hacked and 104,000 users' email addresses, passwords and usernames.

Team SoloMid Team SoloMid

In December 2014, Team SoloMid, an electronic sports organization, was hacked and 442,000 members accounts were hacked and published online including the user's email addresses, IP addresses, passwords and usernames.

YouPorn YouPorn

In February 2012, YouPorn, an adult website, was breached through a chat feature operated by a third party and around 6,500 user accounts were stolen including information about the users' email addresses and passwords and usernames.

World Poker Tour Amateur Poker League World Poker Tour Amateur Poker League

In January 2014, the World Poker Tour Amateur Poker League website was hacked by a Twitter user and 175,000 user accounts were stolen and published online including email addresses and passwords.

StarNet StarNet

In February 2015, StarNet, a Moldavia ISP, was breached and its database of 140,000 email addresses, genders, dates of birth, customer interactions, IP addresses, names, passport numbers, passwords and phone numbers were published online.

SkTorrent SkTorrent

In February 2016, SkTorrent, a torrent tracking website out of Slovakia, was hacked and more than 117,000 user records were stolen and published including information about the user's email addresses, passwords and usernames.

Pixel Federation Pixel Federation

In December 2013, Pixel Federation, an online game communit out of Slovakia, was hacked and 38,000 member accounts were stolen and published online including emailing addresses and passwords.

MyVidster MyVidster

In August 2015, MyVidster, a social video sharing website, was hacked and almost 20,000 user accounts were stolen and published online including email addresses, passwords and usernames.

myRepoSpace myRepoSpace

In July 2015, myRepoSpace, the digital distribution platform that allows users to find and install software on jail broken Apple products, was hacked and more than 250,000 user information including email addresses, IP addresses, passwords and usernames were stolen and published publicly.

Hacking Team Hacking Team

In July 2015, the Hacking Team, which is an Italian security firm, was breached and 400 GB of data stolen from their servers was posted online. Hackers stole and publicly published email addresses and email messages.

Foxy Bingo Foxy Bingo

In April 2007, Foxy Bingo, which is an online gambling website, was hacked and 252,000 user accounts were stolen that included information about the user's account balances, dates of birth, email addresses, genders, home addresses, names, passwords, phone numbers and usernames.

Hackforums.net Hackforums.net

In June 2011, hacked a website called Hackforums.net and stole 200,000 member's information including dates of birth, email addresses, Instant Messenger IDs, IP addresses, passwords and usernames.

MajorGeeks MajorGeeks

In November 2015, a support forum called MajorGeeks was hacked and 270,000 accounts were stolen, sold and traded including email addresses, IP addresses, passwords and usernames.

Vodafone Vodafone

In November 2013, Vodafone, a British telecommunications company operating in Iceland, was hacked and more than 56,000 user's information was stolen including credit card information, email addresses, Government issued IDs, home addresses, IP addresses, names, passwords phone numbers, purchases, SMS messages and usernames.

Plex Plex

In July 2015, Plex, a discussion forum, was hacked and more than 327,000 accounts were stolen including information about the user's email addresses, IP addresses, passwords and usernames.

Money Bookers Money Bookers

In 2009, an e-wallet service called Money Bookers was hacked and nearly 4.5 million customer accounts were stolen including dates of birth, email addresses, home addresses, IP addresses, names and phone numbers. Money Bookers is now called Skrill.

Spirol Spirol

In February 2014, Spirol Fastening Solutions, which manufacturers and distributes pins, inserts and brass nuts in the U.S. and Europe, was breached and 70,000 customer accounts were stolen including information about the user's email addresses, employers, home addresses, job titles, names and phone numbers.

Gamerzplanet Gamerzplanet

In October 2015, a gaming forum, Gamerzplanet, was breached and more than 1.2 million member email addresses, IP addresses, passwords and usernames were stolen.

Seedpeer Seedpeer

In July 2015, Seedpeer, a torrent website, was hacked and approximately 282,000 user accounts were stolen and published including information on the user's email addresses, passwords and usernames.

PS3Hax PS3Hax

In July 2015, PS3Hacks, a Sony PlayStation hack and modification forum was hacked and more than 447,000 accounts were stolen including information the user's email addresses, IP addresses, passwords and usernames.

iPmart iPmart

On two separate occasions, in 2015 and 2016, a forum called i-Pmart was hacked and, in total 2.4 million member dates of birth, email addresses, passwords and usernames were stolen and published.

Xbox-Scene Xbox-Scene

In February 2015, an Xbox forum called Xbox-Scene was hacked and more than 432,000 user accounts were breached. Hackers released the users' email addresses, IP addresses, passwords and usernames.

PSX-Scene PSX-Scene

In February 2015, PSX-Scene, a Sony Playstation forum was hacked and more than 340,000 accounts were stolen including information the user's email addresses, IP addresses, passwords and usernames.

Lizard Squad Lizard Squad

In January 2015, Lizard Squad, which is a hacker collective, was hacked themselves and more than 14,241user names, email addresses and passwords were stolen and published.

Manga Traders Manga Traders

In June 2014, a Manga trading website called Mangatraders.com was hacked. Manga is a Japanese comic. In total 855,000 email addresses and passwords from user accounts were stolen and published on the Internet.

Pokemon Creed Pokemon Creed

In August 2014, the Pokemon Creed website was hacked and more than 116,000 accounts were stolen including information about the user's email addresses, genders, IP addresses, passwords and usernames.

Sumo Torrent Sumo Torrent

In June 2014, Sumo Torrent, a torrent website, was hacked and approximately 285,000 user accounts were stolen including information on the user's email addresses, IP addresses, passwords and usernames.

NextGenUpdate NextGenUpdate

In 2014, a video game website called NextGenUpdate was breached and approximately 1.2 million user accounts were stolen including email addresses, IP addresses, passwords and usernames.

Quantum Booter Quantum Booter

In March 2014, Quantum Booter, a service that provides distributed denial of service (DDoS) attacks to paying customers, was hacked and 48,600 member accounts were stolen including information pertaining to email addresses, IP addresses, passwords, private messages and usernames.

Muslim Directory Muslim Directory

In February 2014, the Muslim Directory which is a guide to Muslim services and business in the UK, was hacked and tens of thousands of user information was stolen and published publicly including age groups, email addresses, employers, home addresses, names, passwords and phone numbers.

Verified Verified

In January 2014, Verified, a community of Eastern Europeans cyber criminals, was hacked and 17,000 user details were published from their forum including email addresses, historical passwords, IP addresses, passwords, private messages and usernames.

ThisHabbo Forum ThisHabbo Forum

In 2014, ThisHabbo Forum, a fan site for Habbo.com, which was a Finnish social networking website, was hacked and approximately 28,000 email addresses, IP addresses, passwords and usernames were stolen.

Win7Vista Win7Vista

In September 2013, a forum for Win7Vista Windows was hacked and more than 200,000 users' data was dumped online including information about the users' email addresses, Instant Messenger IDs, IP addresses, names, passwords, private messages and usernames.

Lounge Board Lounge Board

In 2013, the Lounge Board, an open forum, was hacked and 45,000 accounts were stolen and published publicly including email addresses, IP addresses, names, passwords, private messages and usernames.

Lord of the Rings Online Lord of the Rings Online

In August 2013, the online video game Lord of the Rings Online was breached and more than 1.1 million player accounts were stolen and traded on underground forums. The hackers stole email addresses, dates of birth, IP addresses, passwords and usernames.

OwnedCore OwnedCore

In August 2013, a World of Warcraft forum called OwnedCore was hacked and more than 880,000 accounts were stolen including email addresses, IP addresses, passwords and usernames.

Nexus Mods Nexus Mods

In December 2015, Nexus Mods, a game modification website, was hacked and almost 6 million user accounts were stolen and traded including email addresses passwords and usernames.

Stratfor Stratfor

In December 2011, Stratfor, a global intelligence company, was hacked and hundreds of gigs of data including credit card information, email addresses, home addresses, names, passwords, phone numbers and usernames were stolen from more than 860,000 user accounts.

Neteller Neteller

In May 2010, Neteller, an e-wallet service, was breached and more than 3.6 million customer accounts were stolen including account balances, dates of birth, email addresses, genders, home addresses, IP addresses, names, phone numbers and security questions and answers.

Flashback Flashback

In February 2015, a Swedish forum called Flashback was hacked and senstive data from 40,000 members was stolen, sold and published in a tabloid newspaper. The type of information stolen was email addresses, government issued IDs, home addresses and social security numbers.

Dungeons and Dragons Online Dungeons and Dragons Online

In April 2013, hackers breached the online video game Dungeons & Dragons Online and stole 1.6 million player account information including date of birth, email addresses, IP addresses, passwords and usernames.

Final Fantasy Shrine Final Fantasy Shrine

In September 2015, a discussion forum for the Final Fantasy video game was breached and 620,000 player records were stolen including email addresses, passwords and usernames.

Crack Community Crack Community

In 2013, the Crack Community forum, which allows users to discuss cracks in games and ways to get access to other websites, was hacked and more than 19,000 member account information including email addresses, IP addresses, passwords and usernames was stolen and published online.

Cannabis.com Cannabis.com

In February 2014, Cannabis.com's online forum was breached and more than 227,000 accounts and 10,000 private messages were stolen. The hack included dates of birth, email addresses, geo location, passwords, Instant Messager IDs, IP addresses and usernames.

Nival Nival

In February 2016, a Russian gaming company called Nival was hacked in an effort to protest the foreign policy stance of the country against Ukraine. The hack resulted in more than 1.5 million user accounts being stolen including avatars, dates of birth, email addresses, genders, names, languages and usernames.

Business Acumen Magazine Business Acumen Magazine

In April 2014, the website for Business Acumen Magazine, was hacked and 26,000 member account information was stolen including email addresses, names, passwords and usernames.

Boxee Boxee

In March 2014, Boxee, a home theater PC software company, was hacked and approximately 160,000 customer records were stolen that contained dates of birth, email addresses, geo location passwords, Instant Messenger IDs, IP addresses, private messages and usernames.

Black Hat World Black Hat World

In June 2014, the SEO forum, Black Hat World, was hacked and approximately 750,000 member accounts were breached. Hackers stole dates of birth, email addresses, Instant Messenger IDs, IP addresses, password and usernames.

BigMoneyJobs.com BigMoneyJobs.com

In April 2014, the website bigmoneyjobs.com was hacked and information from more than 36,000 custumer accounts were taken including career and education levels, email address, home addreses, names, passwords, phone numbers and website activity.

Bell Canada Bell Canada

In February 2014, Bell Canada, the telecommunications company, was hacked and and 40,000 customer records were stolen that included credit card, gender, password and username information.

Battlefield Heroes Battlefield Heroes

In June 2011, a hacker group infiltrated the game Battlefield Heroes and stole 500,000 players' passwords and usernames.

Avast Avast

In May 2014, Avast, anti-virus forum, was hacked and approximately 423,000 member email addresses, passwords and usernames were stolen.

AstroPID AstroPID

In December 2013, an online forum for AstroPID, a website that provides tips on fraudulently obtaining goods and services, was hacked and approximately 6,000 email addresses, Instant Messenger IDs, IP addresses, names, passwords, private messages and usernames was stolen and publicly published.

AhaShare.com AhaShare.com

In May 2013, AhaShare.com, which is a torrent website, was breached and more than 180,000 email addresses, genders, geo locations, IP addresses, passwords, usernames and year of births were stolen and published for the public to view.

Acne.org Acne.org

In November 2014, Acne.org, which is a website about the skin disease, was hacked and resulted in more than 430,000 forum members' dates of birth, email address, IP addresses, passwords and usernames being stolen and traded in underground forums.

Yahoo Yahoo

In July 2012, the Yahoo! online publishing service called Voices was breached and almost 500,000 email addresses, passwords and usernames were stolen and published.

XSplit XSplit

In November 2013, Xsplit, a gaming live streaming and re-coding software, was hacked and nearly 3 million user email addresses, names, passwords and usernames were published online.

Vtech Vtech

In November 2015, the Vtech Learning Lodge website was hacked and approximately 6.4 million parents' and children's' accounts were breached and published including information about the users' dates of birth, email addresses, genders, home addresses, IP addresses, names, passwords, security questions and answers and usernames.

vBulletin vBulletin

In October 2015, vBulleten, a forum software maker, was breached and hackers boasted that they stole 480,000 user records, which including information about the user's dates of birth, email addresses, Instant Messenger IDs, IP addresses, passwords and security questions and answers.

Sony Sony

In 2011, Sony suffered several breaches from several different Sony products and services that resulted in more than 37,000 account details being stolen and published including email addresses, dates of birth genders, home addresses, names, passwords, phone numbers and usernames.

PHP Freaks PHP Freaks

In October 2015, PHP Freaks, a discussion board, was hacked and 173,000 user accounts were stolen including dates of birth, email addresses, IP addresses, passwords and usernames.

Patreon Patreon

In October 2015, Patreon, a crowdfunding website, was hacked and more than 16 GB of sensitive data was stolen and released online including email addresses, payment histories, private messages and website activity.

Paddy Power Paddy Power

In October 2010, Paddy Power, an Irish bookmaker, was breached and 750,000 customer records were stolen including account balances, dates of birth, email addresses, home addresses, IP addresses, names, phone numbers, security questions and answer and usernames.

mSpy mSpy

In May 2015, the spy software mSpy was breached and published on the Internet. The hackers published device usage tracking data which included personal information stored on their online service.

MedStar Health Inc. MedStar Health Inc.

MedStar, a non-profit healthcare organization in the D.C./Baltimore area, reported at the end of March 2016 that they were the victim of a ransomeware attack; however, they maintain that hackers were unable to gain access to any sensitive data.

Medical Informatics Engineering Medical Informatics Engineering

Medical Informatics Engineering, a medical software company, advised 3.9MM individuals, whose data they were storing for their medical facility customers, that their servers were hacked and sensitive data like treating physicians' name, medical conditions, birthdates, diagnosis, lab results and Social Security numbers were breached.

Mail.ru Mail.ru

In September 2014, hackers dumped almost 5 million email addresses and passwords on a Russian Bitcoin Security Forum. The exact source of the hack is not known but the published hacked data was substantiated.

LivingSocial LivingSocial

Popular daily deals and promotions website, LivingSocial, notified their 50MM member user base that they were breached in April 2013 and that hackers may have gained access to their names, encrypted passwords, usernames and dates of birth. The company reassured members that there was no breach of any credit card information.

LinkedIn LinkedIn

In June 2012, an unknown hacker breached LinkedIn's servers to gain access to their user's personal data. The hacker also breached eHarmony's servers at the same time and released a combined total of 8 million passwords from members of both companies.

Landry’s Inc. Landry’s Inc.

Landry's Inc., which manages over 500 restaurants in the United States, determined in December 2015 that they had been breached in May 2015. The breach affected an undisclosed number of patrons who dined at 43 different restaurant chains across the county.

LANDESK LANDESK

Security software company, LANDESK, acknowledged in November 2015 that it had been hacked and that some of its past and current employees' personal information including possibly their names and Social Security numbers. The total number of affected is unknown; however, outside investigation revealed that the breach may have been ongoing for more than 17 months.

Kickstarter Kickstarter

The popular crowdfunding website, Kickstarter, was notified by authorities in February 2014 that they were the hacked and that their database of users' personal information was breached. Kickstarter assured members in their subsequent announcement that no credit card information was stolen.

JPMorgan Chase JPMorgan Chase

Starting in June 2014, hackers breached JPMorgan Chase's system and gained access to 76MM personal accounts and approximately 7MM small business bank accounts, which unfortunately included information above and beyond just the customer's account information.

Hyatt Hotels Hyatt Hotels

Between August 13, 2015 and December 8, 2015, 250 Hyatt hotels across 50 countries were breached by hackers who installed malware on the Hyatt payment processing system.

Heroes of Newerth Heroes of Newerth

In December 2012, hackers infiltrated member information from Heroes of Newerth, a multiplayer online battle arena game, and stole email addresses, passwords and usernames.

Hemmakvall Hemmakvall

In July 2015 a video store chain called Hemmakvall was hacked and the email addresses, home addresses, names, passwords and phonenumbers of approximately 50,000 customers was stolen and published.

Heartland Payment Systems Heartland Payment Systems

On January 2009, Heartland Payment Systems became involved in the largest credit card scam in history when hackers accessed 130MM consumer records containing debit and credit card information. As a result, Heartland paid more than $110MM to credit card issuers to settle claims from the credit card holders.

Hannaford Bros. Supermarket Hannaford Bros. Supermarket

On December 2007, Hannaford Bros. Supermarket was the victim of a cyber breach that resulted in 4.2MM customer credit and debit card numbers being illegally accessed, which resulted in more than 1,800 incidents of credit card fraud by the victimized customers, many of whom filed lawsuits and class action suits against Hannaford Bros. Supermarket.

Gawker Gawker

In December 2010 the website Gawker was hacked and 1.3 million of their user's information including email addresses, passwords and usernames was stolen and published.

Gamigo Gamigo

In March 2012 an online gaming company out of Germany called Gamigo was hacked and more than 8 million of their member's email addresses and passwords was stolen.

Adult Friend Finder Adult Friend Finder

In May 2015, Adult Friend Finder, which is an adult hookup website, had nearly 4 million records stolen by hackers and published publicly. The hackers stole and published dates of birth, email addresses, gender, geo location, IP addresses, races, relationship statuses, secual preferences, language and usernames.

Fridae Fridae

In May 2014, an Asian LGBT website called Fridae was hacked and resulted in more than 25,000 user accounts being compromised including the account email addresses, passwords and usernames.

Forbes Forbes

In February 2014, the website Forbes was hacked and more than 1 million user accounts were stolen which included information about user's email addresses, passwords and usernames.

Excellus Excellus

The insurance carrier, Excellus BlueCross BlueShield, was breached as early as December 2013, which resulted in approximately 10.5MM member accounts being compromised including member's names, addresses, Social Security numbers, medical claim records, insurance ID numbers and financial information.

Experian Experian

Experian reported in October 2015 that 15MM customer accounts were compromised through one of its credit card processing companies that it uses for one of its clients, T-Mobile. The breach occurred between September 2013 and September 2015.

Evernote Evernote

On February 2013, Evernote, a popular online note-taking software, was breached, which left its 50MM users vulnerable. Evernote realized the hack occurred the following month and quickly requested that its entire user base reset their passwords. Hackers gained access to user's email addresses, usernames, and passwords, but not payment information according to Evernote.

eBay eBay

On May 2014, eBay advised their 145MM users that they should reset passwords because a hacker infiltrated accounts and gained access to customer names, passwords, email addresses, home addresses, phone numbers and dates of birth. eBay assured users that the hackers did not access associated Paypal accounts.

Domino’s Domino’s

In June 2014, Domino's Pizza in France and Belgium was hacked and the stolen customer information was held ransom. When Domino's refused to pay the ransom the email addresses, home addresses, names, passwords and phone numbers of almost 650,000 customers was released in January 2015.

Court Ventures Court Ventures

In March 2014, Court Ventures, a subsidiary of Experian, unknowingly provided access to a hacker in Vietnam who illegally sold the personal information of 1,300 people, which resulted in taxpayer identity fraud.

Comcast Comcast

In November 2015, Comcast was breached and information from approximately 590,000 customer accounts were stolen including email addresses, home addresses and passwords.

Bitcoin Security Forum Bitcoin Security Forum

In September 2014, approximately 5 million passwords and email addresses for Gmail accounts were hacked from an undisclosed location and posted on a Russian Bitcoin forum. Although the source and location of the hack was never confirmed the information was confirmed as real.

BaileysOnline.com BaileysOnline.com

In December 2011, the online retail and outdoor equipment company, BaileysOnline.com, was breached and the personal credit card and debit card data of approximately 250,000 customers was stolen.

AshleyMadison.com AshleyMadison.com

In July 2015, Ashley Madison, which is an adult infidelity website, was targeted by hackers who threatened to release sensitive data about their customers if the site wasn't shut down. In August 2015, the hackers released 25 gigs of very sensitive data about 37 million Ashley Madison members including dates of birth, email addresses, ethnicity, ...

AOL AOL

In April 2014, AOL became aware of a cyber breach after their members complained of frequent spam from a particular email address. AOL reported that approximately 2% of the tens of millions of AOL accounts was affected by the breach.

Android Forum Android Forum

In October 2011, a website for an Android Forum was hacked, which resulted in approximately 745,000 dates of birth, email addresses, Instant Messenger IDs, IP addresses and passwords being stolen and published .

America’s Thrift Store America’s Thrift Store

In September 2015, the third-party payment provider used by America's Thrift Store, a charity store, was hacked by a malware-based security breach that resulted in in the theft of an undisclosed number of customer credit card and pin information.

000webhost.com 000webhost.com

In March 2015, 000webhost, which is a free web hosting service, was the victim of a data breach. Hackers stole and sold more than 13 million customer records including names, email address, IP addresses and passwords before 000webhost was even made aware of the hack.

The Fappening The Fappening

In December 2015, The Fappening, which is a popular forum to discuss leaked naked celebrity photos, was breached and approximately 179,000 member accounts were compromised including information about the user's email addressees, usernames and passwords.

Mate1.com Mate1.com

In February 2016, Mate1.com, com, which is a dating website, was breached and more than 27MM member information was disclosed including dates of birth, habits, education levels, email addresses, passwords, personal descriptions, income levels and job titles.

Internal Revenue Service Internal Revenue Service

In May 2015, hackers flooded the tax agency’s online “get transcript” tool. After an extensive, nine-month review of the incident, the IRS revealed that approximately 724,000 taxpayer records were accessed, which were then used to claim refunds conservatively totaling more than $50 million.

Anthem Anthem

In February 2015, Anthem, the second-largest health insurer in the U.S., revealed that its customer database had been breached. Stolen data included names, addresses, dates of birth, Social Security numbers and employment histories.

Home Depot Home Depot

In 2014, the same Russian hacker organization that hit Target the year prior breached Home Depot's credit card system and gained access to 56MM credit and debit card numbers and pins using a sophisticated malware software that went undetected by Home Depot for many months.

Target Target

In mid-December 2013, hackers gained access to 70 million Target customer’s credit and debit card information as well as personal information including names, mailing addresses, email addresses and phone numbers.

Adobe Adobe

In October 2013, 153 million Adobe active and inactive accounts were breached. Hackers were able to access approximately 38 million accounts with sensitive data including email addresses, passwords and usernames and 3 million of those accounts also contained credit card information.

View More ›
View More ›
  • Fake Profile Pictures

    Fake Profile Pictures

    Fake profile pictures are used all over the Internet in association with …
  • YouTube Impersonation

    YouTube Impersonation

    Over the course of its 11-year history as a video-watching phenomenon, YouTube …
  • Pinterest Impersonation

    Pinterest Impersonation

    Pinterest's increased popularity has led to the rise of Pinterest impersonations, whereby …
View More ›
View More ›
View More ›