Bigger and bigger data flows mean ever more spectacular cybercrimes. The dark side of technology just hit home hard. On July 29, Capital One Financial Corp. (COF), the fifth largest credit card issuer in the U.S., revealed that a hacker accessed personal data on 106 million customers and applicants. A hack on credit bureau Equifax in September of 2017 exposed personal data of 143 million customers, including 209,000 credit card details.
According to the non-profit Identity Theft Report Center (ITRC), data breaches in 2018 totaled 1244, with 446,575,334 records exposed. While the number of breaches fell from 1632 in 2017, the amount of records exposed tripled. They exposed card details of more than 64.4 million cards.
Here’s a look at some of the largest credit card breaches in the U.S.
Capital One, the fifth largest credit card issuer in the Unites States, revealed on July 29th, 2019, that a hacker accessed the personal information of around 106 million customers and applicants in the United States and Canada. The information that was accessed included highly personal details on consumers and small businesses, including names, social security numbers, income and dates of birth as of the time they applied for one of several credit card products from 2005 through early 2019.
2. Heartland Systems 2009: 160 Million Cards
A lone hacker broke into the systems of the payment processing company in 2009 and was later caught and jailed. In 2013, five people, including this hacker, were indicted for attacking a number of retailers, financial institutions and payment processing firms and stealing personal identification and credit/debit card data. The total mentioned in that indictment was 160 million cards. Other companies affected included Nasdaq, 7-Eleven, Carrefour, JC Penney, Hannaford, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. (See Also: Wendy's Credit Card Hack Worse Than It Thought.)
The company that own retailers like TJMaxx and Marshall's was a target of a cyber-attack in 2006, reported the Associated Press. While data for both Visa (V) and MasterCard (MA) credit cards was stolen, the AP reported that for Visa alone, the fraud related losses could be to the tune of $68 million to $83 million, spread across 13 countries. Consumer Affairs reported that the company ended up paying $41 million to Visa, $24 million to MasterCard and another $9.75 million in consumer protection settlement to 41 states. (See also: Noodles & Company Reveals a Massive Credit Card Hack.)
4. TRW/Sears: 90 Million Cards
Almost 33 years ago, the New York Times reported that the password for a leading credit union TRW was stolen from a Sears (SHLD) store on the West Coast. That password unlocked the credit histories and personal information that could subsequently be used to obtain credit card numbers. (See also: Will Vera Bradley's Credit Card Breach Hurt Sales?)
This 2014 attack on the do-it-yourself retailers was perpetrated through a "unique, custom-built malware” according to the Wall Street Journal. Fortune magazine reported that Home Depot ended up paying $25 million to banks, $134.5 million to card companies like Visa and MasterCard and $19.5 million to affected customers.(See also: Credit Card Breach: How To Stay Safe.)