Bigger and bigger data flows mean ever more spectacular cybercrimes.The dark side of technology just hit home hard. A hack on credit bureau Equifax exposed personal data of 143 million customers, including 209,000 credit card details. While this by no means is the largest incident pertaining to credit cards it does shed light on a disturbing trend.
According to the non-profit Identity Theft Report Center (ITRC), data breaches that have led to exposure of credit or debit card information have increased in the first six months of this year. While 2016 saw 143 such incidents, the first half of this year alone has witnessed close to 100. But that's no measure of the actual damage such hacks can cause. In 2014, while the number of such attacks was lower than that in 2015, they exposed card details of more than 64.4 million cards.
Here’s a look at some of the largest credit card breaches in the U.S.
To date, the Heartland Payments Systems hack remains the largest data breach in history when it comes to credit or debit cards. A lone hacker broke into the systems of the payment processing company in 2009 and was later caught and jailed. In 2013, five people, including this hacker, were indicted for attacking a number of retailers, financial institutions and payment processing firms and stealing personal identification and credit/debit card data. The total mentioned in that indictment was 160 million cards. Other companies affected included Nasdaq, 7-Eleven, Carrefour, JC Penney, Hannaford, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. (See Also: Wendy's Credit Card Hack Worse Than It Thought.)
The company that own retailers like TJMaxx and Marshall's was a target of a cyber-attack in 2006, reported the Associated Press. While data for both Visa (V) and MasterCard (MA) credit cards was stolen, the AP reported that for Visa alone, the fraud related losses could be to the tune of $68 million to $83 million, spread across 13 countries. Consumer Affairs reported that the company ended up paying $41 million to Visa, $24 million to MasterCard and another $9.75 million in consumer protection settlement to 41 states. (See also: Noodles & Company Reveals a Massive Credit Card Hack.)
3. TRW/Sears: 90 Million Cards
Almost 33 years ago, the New York Times reported that the password for a leading credit union TRW was stolen from a Sears (SHLD) store on the West Coast. That password unlocked the credit histories and personal information that could subsequently be used to obtain credit card numbers. (See also: Will Vera Bradley's Credit Card Breach Hurt Sales?)
This 2014 attack on the do-it-yourself retailers was perpetrated through a "unique, custom-built malware” according to the Wall Street Journal. Fortune magazine reported that Home Depot ended up paying $25 million to banks, $134.5 million to card companies like Visa and MasterCard and $19.5 million to affected customers.(See also: Credit Card Breach: How To Stay Safe.)
Customer credit and debit card data was compromised at Target during the 2013 Black Friday weekend, WSJ reported. The breach was not just loss of reputation for the discount retailer but also big financial loss. A 2015 Reuters report says that the company spent $290 million related to the breach and expected insurance to cover close to $90 million out of that amount. The money spent by the company included $10 million settlement with shoppers, $67 million payment to Visa, $20.3 million to banks and credit unions and $19.1 million to MasterCard.