Visualizing The 50 Biggest Data Breaches From 2004–2021

View high-resolution version of infographic

This graphic visualizes the 50 largest data breaches, by entity and sector, since 2004.

Visualizing The 50 Biggest Data Breaches From 2004–2021

As our world has become increasingly reliant on technology and data stored online, data breaches have become an omnipresent threat to users, businesses, and government agencies. In 2021, a new record was set with more than 5.9 billion user records stolen.

This graphic by Chimdi Nwosu visualizes the 50 largest data breaches since 2004, along with the sectors most impacted. Data was aggregated from company statements and news reports.

Understanding the Basics of Data Breaches

A data breach is an incident in which sensitive or confidential information is copied, transmitted or stolen by an unauthorized entity. This can occur as a result of malware attacks, payment card fraud, insider leaks, or unintended disclosure.

The targeted data is often customer PII (personally identifiable information), employee PII, intellectual property, corporate data or government agency data.

Date breaches can be perpetrated by lone hackers, organized cybercrime groups, or even national governments. Stolen information can then be used in other criminal enterprises such as identity theft, credit card fraud, or held for ransom payment.

Notable Data Breaches Since 2004

The largest data breach recorded occurred in 2013 when all three billion Yahoo accounts had their information compromised. In that cyberattack, the hackers were able to gather the personal information and passwords of users. While the full extent of the Yahoo data breach is still not fully realized, subsequent cybercrimes across the globe have been linked to the stolen information.

Here are the 50 largest data breaches by amount of user records stolen from 2004–2021.

Rank Entity Sector Records Compromised Year
1 Yahoo Web 3.0B 2013
2 River City Media Web 1.4B 2017
3 Aadhaar Government 1.1B 2018
4 First American Corporation Finance 885M 2019
5 Spambot Web 711M 2017
6 Linkedin Web 700M 2021
7 Facebook Tech 533M 2021
8 Yahoo Web 500M 2014
9 Marriott International Retail 500M 2018
10 Syniverse Telecoms 500M 2021
11 Facebook Web 419M 2019
12 Friend Finder Network Web 412M 2016
13 OxyData Tech 380M 2019
14 MySpace Web 360M 2016
15 Exactis Data 340M 2018
16 Twitter Tech 330M 2018
17 Airtel Telecoms 320M 2019
18 Indian citizens Web 275M 2019
19 Wattpad Web 270M 2020
20 Microsoft Web 250M 2019
21 Experian Brazil Finance 220M 2021
22 Chinese resume leak Web 202M 2019
23 Court Ventures Finance 200M 2013
24 Apollo Tech 200M 2018
25 Deep Root Analytics Web 198M 2015
26 Zynga Gaming 173M 2019
27 VK Web 171M 2016
28 Equifax Finance 163M 2017
29 Dubsmash Web 162M 2019
30 Massive American business hack Finance 160M 2013
31 MyFitnessPal App 150M 2018
32 Ebay Web 145M 2014
33 Canva Web 139M 2019
34 Heartland Finance 130M 2009
35 Nametests App 120M 2018
36 Tetrad Finance 120M 2020
37 LinkedIn Web 117M 2016
38 Pakistani mobile operators Telecoms 115M 2020
39 ElasticSearch Tech 108M 2019
40 Capital One Finance 106M 2019
41 Thailand visitors Government 106M 2021
42 Firebase App 100M 2018
43 Quora Web 100M 2018
44 Web 98M 2012
45 TK / TJ Maxx Retail 94M 2007
46 MyHeritage Web 92M 2018
47 AOL Web 92M 2004
48 Dailymotion Web 85M 2016
49 Anthem Health 80M 2015
50 Sony Playstation Network Gaming 77M 2011

The massive Yahoo hack accounted for roughly 30% of the 9.9 billion user records stolen from the Web sector—by far the most impacted sector. The next most-impacted sectors were Tech and Finance, with 2 billion and 1.6 billion records stolen, respectively.

Although these three sectors had the highest totals of user data lost, that doesn’t necessarily imply they have weaker security measures. Instead, it can probably be attributed to the sheer number of user records they compile.

Not all infamous data breaches are of a large scale. A smaller data breach in 2014 made headlines when Apple’s iCloud was hacked and the personal pictures of roughly 200 celebrities were disseminated across the internet. Although this highly targeted hack only affected a few hundred people, it highlighted how invasive and damaging data breaches can be to users.

The Cost of Data Breaches to Businesses

Every year data breaches cost businesses billions of dollars to prevent and contain, while also eroding consumer trust and potentially having an adverse effect on customer retention.

A 2021 IBM security report estimated that the average cost per data breach for companies in 2020 was $4.2 million, which represents a 10% increase from 2019. That increase is mainly attributed to the added security risk associated with having more people working remotely due to the COVID-19 pandemic.

Measures to Improve Data Security

Completely preventing data breaches is essentially impossible, as cybercrime enterprises are often persistent, dynamic, and sophisticated. Nevertheless, businesses can seek out innovative methods to prevent exposure of data and mitigate potential damages.

For example, after the iCloud attack in 2014, Apple began avidly encouraging users to adopt two-factor authentication in an effort to strengthen data security.

Regardless of the measures businesses take, the unfortunate reality is that data breaches are a cost of doing business in the modern world and will continue to be a concern to both companies and users.

The post Visualizing The 50 Biggest Data Breaches From 2004–2021 appeared first on Visual Capitalist.

Previous post Frisian Islands challenge North Sea drilling plan
Next post Tesla shares drop after Elon Musk’s email
Translate »