Share

Related Links

Top 5 Stories

Feature

Data Breach Scoreboard

06 November 2012
Drew Amorosi

Infosecurity compiles history’s top data breaches, while surveying the mandatory reporting landscape in the US and Western Europe

Data Breach Reporting Requirements 

These United States? 

*Imation’s Heat index map of data breach notification laws, based on evaluation of individual state laws obtained from the National Conference of State Legislatures website and evaluations available online from various law firms

Most Strict Data Breach Notification Laws by US State/Territory
Virginia
New York
Michigan
Massachusetts
Indiana
Source: Imation's Heat index map; does not include four US states with no notification requirements

 

 

Least Strict Data Notification Laws by US State/Territory
US Virgin Islands
North Dakota
Mississippi
Montana
Nebraska
Source: Imation's Heat index map; does not include four US states with no notification requirements

 

European Disunion

Sources: ENISA, Morrison & Foerster LLP

 Top Data Breaches – All Time (no. of records)*

1. Shanghai Roadway D&B Marketing Services (150 million)
2. Heartland Payment Systems (130 million)
3. TJX Companies (94 million)
4. TRW, Sears Roebuck (90 million)
5. Sony Corporation (77 million)
6. Tianya (40 million)/Tianya (40 million)
7. Steam [Valve Inc.] (35 million)/SK Communications (35 million)
8. Rock You Inc (32 million)
9.US Dept of Veterans Affairs (26.5 million) 
*List includes only individual incidents with a confirmed no. of disclosed records
Source: Open Security Foundation, datalossdb.org

 

 Most Significant Data Breaches*

1. RSA's SecurID (2011)
2. Heartland Payment Systems (2009)
3. HM Revenue and Customs (2007)
4. Sony Corporation (2011)
5. Epsilon (2011)
*As rated by impact poll of Infosecurity's editors and Editorial Advisory Board

 

Global Reported Data Breach Incidents by Sector

Source: Open Security Foundation, datalossdb.org

 

Reported Worldwide Data Breach Incidents by Year

*As of Sept. 14, 2012. Source: Open Security Foundation, datalossdb.org

This article is featured in:
Compliance and Policy  •  Data Loss  •  Industry News  •  Internet and Network Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×