15 Most Outrageous Data Loss Incidents of all Time

15. British Home Office loses data on all English & Wales prisoners

• Data on 84,000 prisoners was lost– British Home Officer ‘misplaced’ a thumb drive

• Employee thought it was a good idea to download all England & Wales prisoners’ data from secure servers to a thumb drive!

• This was ‘okayed’ as long as this person didn’t lose it…

14. Ma.gnolia Meltdown

• Ma.gnolia went down in January 2009 • Data was lost forever in the cloud– Database failed– No backup– No effective recovery solution

• Users turned to Delicious• Data corruption and loss can be redeemed but

faith in cloud services is irreparable

13. Daily Mail loses employee data

• Daily Mail was a company that pointed out fallacies of government when it lost data, slipped up, or jeopardized security.

• Daily Mail met some karma in 2008 when one of their laptops was stolen– Contained personal information on thousands of

the organization’s staff – including bank account numbers

12. Department of Veteran Affairs Stolen Laptop

• Employee took a laptop home and it ‘mysteriously’ disappeared – Data & info on 27 million veterans and GI’s were

on laptop• 2 months later and 4 miles away, the laptop

was being sold– Hard drive appeared to not have been touched– Sheer luck that no one accessed the data

11. British Royal Navy data stolen

• Lost information on everyone who applied to join the armed forces for past ten years

• Royal Navy Officer left laptop in his car – it was soon stolen

• Lesson learned: lock your car door (or better yet, don’t leave an unattended laptop in your car!)

10. Microsoft Loses Sidekick user data

• Microsoft acquired T-Mobile’s Sidekick phone• Every user’s data was lost promptly after the

acquisition– Loss was result of server failure at either Microsoft

or Danger, former owner of Sidekick• Data was eventually recovered for most users

9. Virginia loses prescription drug records

• Man hacked into Virginia State Government’s Prescription Monitoring Program – Downloaded 8.3 million health records

• He then issued random statement– “I don’t know what all this [expletive] is worth or

who would pay for it, but I’m bettin’ someone will.”

• The Government did pay, unclear if hacker was ever identified

8. Health Net Insurance Loses Data on 1.5 Million Customers

• Portable hard drive was lost– 1.5 million patients’ data was lost

• Attorney General promised an investigation• Lesson learned: that much information should

NOT be portable

7. VeriSign: Not as secure as you thought

• VeriSign is a security confirmation company for online websites to reassure customers that their data is safe when making a purchase

• Data loss occurred when laptop was lost – Contained private information on all Verisign

employees including SSN’s, telephone numbers, salaries, etc.

6. Courier Service Loses Data on 25 Million People

• Government department copied info on 25 million people onto a pair of CDs sent them by courier from HM Revenue and Customs to the National Audit Office– Discs never showed up

• Even worse, this isn’t the first time this has happened to this government agency!

5. Los Alamos Computers Go Missing

• The Los Alamos nuclear weapons facility deals with highly sensitive data

• Did not take special precautions to protect it• Laptops go missing periodically– As of 2008, 80 laptops had gone missing

• Lesson learned: Tighten security if this is a recurring problem!

4. Bank of America loses data on 1.2 million government employees

• BoA lost a backup tape containing personal data from 1.2 million government employees

• If BoA is responsible for securing billions of dollars, how can they lose a backup tape?

• One employee whose data was compromised: Senator Patrick Leahy (D-VT)

3. CardSystems Gets Hacked

• CardSystem manages credit and debit cards• Hackers hacked into CardSystems,

compromising 40 million people’s information• Security breach occurred at a third-party

processor of payment card transactions • 100,000 Visa accounts and 30,000 other card

brand accounts were hacked• Culprit: CardSystems failed to secure their

network although certified in 2004

2. National Archive and Records Loses 76 million social security numbers

• NARA, which keeps records for U.S. military, sent a broken hard drive for repair

• They failed to erase the information of 76 million military individuals as well as Secret Service and White House operations procedures– Single largest release of personal information by the

government ever• No breach of data occurred but incident itself is

significant

1. Heartland Payment System Hacking Exposes 130 million

• Albert Gonzalez and his cronies hacked Heartland Payment Systems, 6th largest credit card processor in the country

• Through an SQL injection, they managed to plant scripts that siphoned credit card and personal data of 130 million users

• Largest data breach of 2009, and possibly of all time

Lessons Learned

• Companies are not taking data security seriously

• Double think where you store data• Set data security policies within your

organization• Be careful where you send your data and how

it is handled• Never leave sensitive data out in the open

Protect Your Online Data

• If banks, government agencies, and credit card companies can’t secure your data, who can you trust with your data?

• Only a redundant backup will ensure your data will never be lost

• Protect your data with a Backupify free or premium social media backup account