The 9 Biggest Data Breaches Of All Time

AshleyMadison.com isn't even one of them.

The issue of cybersecurity is once again in the spotlight after user data stolen from affair website AshleyMadison.com was published online Tuesday afternoon, exposing personal information for more than 30 million accounts.

This attack is only the latest in a series of super-sized data breaches that have taken place since the early 2000s. A huge number of private corporations, academic institutions and government agencies all around the globe have been attacked by hackers, according to InformationIsBeautiful.com, a site that collects and distills data into easy-to-read infographics and diagrams.

The Ashley Madison hack proves -- as so many incidents before it did -- that our data is all too often not safe, whether we're building a dating profile or shopping on Amazon. “Most people have no idea how vulnerable we are,” Rick Holland, a security analyst at advisory firm Forrester Research, told The Huffington Post's Alexis Fitts this week.

How comforting. With that in mind, check out the list below to learn about the nine biggest data breaches ever.

9
The Home Depot (2014) - 56 million records
Joe Raedle via Getty Images

The Home Depot admitted in September 2014 that hackers had used malware to break into the company's system and had exposed 56 million debit and credit cards.

8
Target (2013) - 70 million records
Vince Talotta via Getty Images

Hackers were able to access the retail giant's system for nearly a month. Target initially said the attackers had swiped 40 million credit and debit cards, but it later revised its figures to say that 70 million customers were affected.

7
JP Morgan Chase (2014) - 76 million records
Andrew Burton via Getty Images

The largest bank in the nation was the victim of a high-profile cyberattack during the summer of 2014. The breach compromised the data of 76 million households -- more than half of all U.S. households -- and 7 million small businesses.

6
Sony PSN (2011) - 77 million records
Bloomberg via Getty Images

In late April, Sony warned its customers that hackers had stolen personal information for 77 million user accounts of the PlayStation Network, an online gaming service. The company temporarily shut down the PSN after discovering the breach.

5
Anthem (2015) - 80 million records
David McNew via Getty Images

In January 2015, hackers broke into the health insurance giant's records and pillaged names, Social Security numbers and other sensitive information for up to 80 million customers.

4
TJX (2003) - 94 million records
Bloomberg via Getty Images

TJX, the parent company of stores like T.J. Max and Marshalls, said in 2007 that hackers had compromised the information of 94 million customer accounts. Previously it said that 45.7 million credit and debit card numbers had been affected since as far back as 2003.

3
Heartland (2006-2008) - 130 million records
Bloomberg via Getty Images

From late 2006 to early 2008, hackers breached Heartland Payment Systems -- one of the world's largest payment processing companies -- and made off with more than 130 million credit and debit card numbers. Prosecutors at the time called it the "largest case of computer crime and identity theft ever prosecuted," according to The New York Times.

2
eBay (2014) - 145 million records
Justin Sullivan via Getty Images
In May 2014, the e-commerce giant asked its customers to change their passwords, after a historic data breach exposed names, addresses, dates of birth and encrypted password of 148 million users. Financial information (credit card numbers, etc) was stored separately and, therefore, wasn't compromised.
1
American business hack (2005-2012) - 160 million records
Thomas Trutschel via Getty Images

Over the course of eight years, a hacking group from Russia and Ukraine targeted banks and companies, including Nasdaq, 7-11, JetBlue and JC Penney. The hackers stole 160 million credit and debit card numbers and breached 800,000 bank accounts. It is the largest cyber crime case filed to date.

(Note: This list includes only instances of hackers externally accessing a company's records, not leaks or data dumps from individuals within the company.)

___

Lorenzo Ligato covers technology and Internet culture, and is based in New York. You can contact him at lorenzo.ligato@huffingtonpost.com or on Twitter: @lorenzowrites.

____

Close

What's Hot