2014 might be remembered as the year of compromise. According to data publishing platform Silk, nearly 290.5 million records were compromised in the top 11 breaches of all time. With a record 783 breaches last year, according to the Identity Theft Resource Center and Identity Theft 911, breach totals are 27.5 percent higher than in 2013.
While cumulative losses are a moving target thanks to long-tail exposure, the average cost is rising. According to global investigations firm Kroll, the average cost of a data breach hit $5.9 million in 2014, up 9 percent from the previous year. Worse, few of the culprits are ever caught. Some of the worst losses, in fact, have yet to be quantified, and may not be given the ways in which stolen data has been spread globally.
Data breaches are expected to reach $2.1 trillion globally by 2019, according to a Juniper Research study. That number is four times the estimated cost of 2015 expected breach losses. Yet the full scope data breach losses may never be known. Many breaches affect records and may not show financial impact for years.
To date, the costliest data breaches are:
10. The Home Depot – up to $56 million
A cyberattack in September 2014 on the big box retailer resulted in 56 million credit and debit card records being compromised. Malware launched on the company’s systems remained there for five months before being detected and removed. So far, the company has paid out $33 million in reparations, and that number is expected to reach $56 million.
9. Sony Pictures Entertainment – $100 million
In late 2014, Sony’s entertainment subsidiary was hit with a hacking attack in which hackers, calling themselves Guardians of Peace, claimed to have stolen 100 terabytes of data from Sony’s system. The group then launched a malware program on Sony’s computers to erase the company’s data. The estimated cost of recovery: $100 million.
8. Anthem – $100 million+
In February 2015, health insurer Anthem underwent a cyberattack that revealed the personal information of nearly 80 million people. The amount of information stolen, including names, addresses, and Social Security numbers, leaves Anthem’s customers and former customers open to potential identity theft. Current estimates on the breach costs are expected to surpass $100 million.
(Photo: The rare NYC Home Depot)
7. Heartland Payment Systems – $140 million
The credit card processing company announced in early 2009 that over 130 million credit and debit card records were exposed when the company’s systems were compromised by malware in 2008. In what was, until recently, the costliest breach in history, Heartland paid over $140 million in costs, fines and penalties.