Related Links

Top 5 Stories


Data Breach Scoreboard

06 November 2012
Drew Amorosi

Infosecurity compiles history’s top data breaches, while surveying the mandatory reporting landscape in the US and Western Europe

Data Breach Reporting Requirements 

These United States? 

*Imation’s Heat index map of data breach notification laws, based on evaluation of individual state laws obtained from the National Conference of State Legislatures website and evaluations available online from various law firms

Most Strict Data Breach Notification Laws by US State/Territory
New York
Source: Imation's Heat index map; does not include four US states with no notification requirements



Least Strict Data Notification Laws by US State/Territory
US Virgin Islands
North Dakota
Source: Imation's Heat index map; does not include four US states with no notification requirements


European Disunion

Sources: ENISA, Morrison & Foerster LLP

 Top Data Breaches – All Time (no. of records)*

1. Shanghai Roadway D&B Marketing Services (150 million)
2. Heartland Payment Systems (130 million)
3. TJX Companies (94 million)
4. TRW, Sears Roebuck (90 million)
5. Sony Corporation (77 million)
6. Tianya (40 million)/Tianya (40 million)
7. Steam [Valve Inc.] (35 million)/SK Communications (35 million)
8. Rock You Inc (32 million)
9.US Dept of Veterans Affairs (26.5 million) 
*List includes only individual incidents with a confirmed no. of disclosed records
Source: Open Security Foundation,


 Most Significant Data Breaches*

1. RSA's SecurID (2011)
2. Heartland Payment Systems (2009)
3. HM Revenue and Customs (2007)
4. Sony Corporation (2011)
5. Epsilon (2011)
*As rated by impact poll of Infosecurity's editors and Editorial Advisory Board


Global Reported Data Breach Incidents by Sector

Source: Open Security Foundation,


Reported Worldwide Data Breach Incidents by Year

*As of Sept. 14, 2012. Source: Open Security Foundation,

This article is featured in:
Compliance and Policy  •  Data Loss  •  Industry News  •  Internet and Network Security  •  Public Sector


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×