Slideshow: 15 worst data breaches

Data security breaches happen daily in too many places at once to keep count. But what constitutes a huge breach versus a small one? For some perspective, we take a look at 15 of the biggest incidents in recent memory.

File photo

Heartland Payment Systems

Impact: 134 million credit cards exposed through SQL injection to install spyware on Heartland's data systems.

File photo

TJX

Impact: 94 million credit cards exposed. According to KNOS Project cofounder and chief architect Kevin McAleavey, this was possible because TJX's network wasn't protected by any firewalls. Albert Gonzalez, hacking legend and ringleader of the Heartland breach, was convicted and sentenced to 40 years in prison, while 11 others were arrested.

File photo

Epsilon

Impact: Exposed names and e-mails of millions of customers stored in more than 108 retail stores plus several huge financial firms like CitiGroup Inc. and the non-profit educational organization, College Board.

File photo

RSA

      • Impact: Possibly 40 million employee records stolen. The impact of the cyber attack that stole information on the company's SecurID authentication tokens is still being debated. The company said two separate hacker groups worked in collaboration with a foreign government to launch a series of spear phishing attacks against RSA employees, posing as people the employees trusted, to penetrate the company's network. EMC reported last July that it had spent at least $66 million on remediation.
File photo

Stuxnet

Impact: Meant to attack Iran's nuclear power program, but will also serve as a template for real-world intrusion and service disruption of power grids, water supplies or public transportation systems.

File photo

Department of Veterans Affairs

Impact: An unencrypted national database with names, Social Security numbers, dates of births, and some disability ratings for 26.5 million veterans, active-duty military personnel and spouses was stolen.

File photo

Sony PlayStation Network

Impact: 77 million PlayStation Network accounts hacked; Sony is said to have lost millions while the site was down for a month.

File photo

ESTsoft

Impact: The personal information of 35 million South Koreans was exposed after hackers breached the security of a popular software provider.

File photo

Gawker Media

Impact: Compromised e-mail addresses and passwords of about 1.3 million commenters on popular blogs like Lifehacker, Gizmodo, and Jezebel, plus the theft of the source code for Gawker's custom-built content management system.

File photo

Google, etc.

      • Impact: Stolen intellectual property. In an act of industrial espionage, the Chinese government launched a massive and unprecedented attack on Google, Yahoo, and dozens of other Silicon Valley companies. The Chinese hackers exploited a weakness in an old version of Internet Explorer to gain access to Google's internal network. 
File photo

VeriSign

      • Impact: Undisclosed information stolen. Security experts are unanimous in saying that the most troubling thing about the VeriSign breach, or breaches, in which hackers gained access to privileged systems and information, is the way the company handled it -- poorly. VeriSign never announced the attacks. The incidents did not become public until 2011, through a new SEC-mandated filing.
File photo

CardSystems

Impact: 40 million credit card accounts exposed. CSS, one of the top payment processors for Visa, MasterCard, American Express is ultimately forced into acquisition.

File photo

AOL

Impact: Data on more than 20 million web inquiries, from more than 650,000 users, including shopping and banking data were posted publicly on a web site.

File photo

Monster.com

Impact: Confidential information of 1.3 million job seekers stolen and used in a phishing scam.

File photo

Fidelity National Information Services

Impact: An employee of FIS subsidiary Certegy Check Services stole 3.2 million customer records including credit card, banking and personal information.