We all like to think that the companies that have our credit-card information—the banks, entertainment companies, and government agencies—are able to protect our valuable information.
Unfortunately, that isn’t always the case.
CSO Online recently ran a list of some of the worst data security breaches of the 21st Century. And if you want to worry about the safety of your financial and personal information? This list gives you plenty of cause.
For instance, the list covers the December 2006 security breach suffered by retail giant TJX Companies in which the credit-card information of 94 million customers was exposed.
There are two theories about how this security breach happened. One view is that a group of hackers took advantage of a weak data encryption system and stole credit-card data during a wireless transfer between a pair of Marshall’s stores in Miami. A second theory is that hackers broke into the TJX network through kiosks inside actual stores that allowed people to apply for jobs.
The upshot? Albert Gonzalez, a legend in the hacking community, was arrested and sentenced to 40 years in prison for the scheme.
Department of Veterans Affairs
In May of 2006, hackers stole an unencrypted database with the names, Social Security numbers, birthdates, and disability ratings for 26.5 million Military veterans, active-duty military personnel, and spouses.
The database was, amazingly, stored on a laptop and external hard drive that were both stolen from the home of an analyst with the Veterans Administration.
This case ended with a fairly happy ending as an unknown person returned the stolen laptop and hard drive about a month after the theft.
Sony’s PlayStation Network
PlayStation Network suffered what is still viewed as the worst gaming community data breach ever in April of 2011. Hackers compromised the accounts of 77 million PlayStation Network accounts, and Sony reportedly lost millions of dollars by shutting down the site for a month.
Sony says it has still not found the source of this hack, but as CSO Online says, the hackers gained access to full names, passwords, email addresses, home addresses, purchase histories, and credit-card numbers of PlayStation Network gamers.