All Data Breaches of all time – An Alarming Timeline

It is the responsibility of website owners, online businesses, payment companies, and banks to safeguard the personal information we provide.

Because we’ve used their internet service and given them our business, they should at least thank us. Yet, on almost a monthly basis, we learn that hackers have breached the security of huge companies and have stolen a lot of their consumer data. The past year has seen a series of publications exposing privacy concerns and VPN data leaks. In investigations, researchers found bad coding errors caused the exposure of up to 20 million users’ personal information.

For example, in the last 12 months, 88% of UK’s security companies have experienced some sort of data breaches. Therefore, you should always use the best VPN services for UK to protect your personal information.

The following is a comprehensive list of all data breaches of all times – an alarming timeline that will make you aware of the threats of data breaches.

Capital One (2019)

In 2019, 106 million people’s names were exposed through a data breach at Capital One. The stolen data contained payment histories, names, credit scores, addresses, and more.

Hackers made off with 1 million Canadian social insurance numbers, 80,000 bank account numbers,  140,000 social security numbers, and credit card applications dating back to 2005 due to a breach.

MySpace (2016)

At an unknown time, MySpace was hacked. The vast majority of people have abandoned it. At the time, 360 million login details were leaked online, so Facebook’s predecessor had been hacked before 2016.

It is true that few people use MySpace anymore (it is a site for musicians and artists), but the passwords that were leaked worked on other sites as well. It’s the main reason why you need to use a different password for every account you have.

Heartland Payment Systems (2009)

At least 100 million people were affected by this hack, which went undetected for eight months. In order to produce new physical cards, hackers accessed enough information. A total of $140 million in fines and penalties was imposed on Heartland Payment Systems. The hacker, Albert Gonzalez, received 20 years in prison for the attack, which he will serve concurrently with a sentence of the same length for hacking into a second business.

Equifax (2017)

Credit agencies have also been hacked. Equifax’s reputation was severely damaged because of this 2017 hack that exposed credit card numbers and dispute documents. In total, 143 million records were hacked, including 14 million from the United Kingdom.

Further, the crisis management was poor, with various figures given and assertions that passwords were not stolen when they were. As a result of the controversy, Equifax’s chairman and CEO, Richard Smith, resigned.

Marriott Hotels (2018)

The Marriott Hotels organization was hacked in 2018, affecting 500 million customers. This compromised sensitive data, including travel plans and passport numbers, difficult to access by thieves.

Marriott Hotels was subjected to yet another data breach in 2020, this time exposing up to 5.2 million accounts between January and February.

Facebook (2019)

You can even lose access to your Facebook account due to data breaches. In 2019, it was discovered that third-party apps exposed 540 million account information. Data was left unencrypted on Amazon cloud servers used by the apps.

This happened after the Cambridge Analytica debacle, which suggests that Facebook hadn’t learned its lesson. In fairness, the information was in the hands of third parties who had neglected to encrypt it. However, this event once again highlights Facebook’s cavalier attitude toward user data.

Friend Finder Network (2016)

The dating and adult entertainment sites of Friend Finder Network made headlines when it was discovered that over 15 million apparently erased profiles had not been purged from the database. A data breach affecting 412 million accounts exposed the data of active customers as well.

Some of the smaller sites hacked in 2016 included,,  AdultFriendFinder, and others. It appears that the leaked accounts came from the late 1990s.

Yahoo (2014 & 2017)

500 million Yahoo accounts were exposed in the Yahoo breach of 2014. Besides obtaining passwords and security questions encrypted, hackers also acquired personally identifiable information.

Yahoo reported that the breach was carried out by a “state-sponsored actor,” meaning Russia, China, or North Korea. It was only two years later that the breach was acknowledged, suggesting that it was the result of a cybercrime gang.

Yahoo has been breached twice by big data. There was a hack in 2013, which essentially exposed the entire user database. Confirmation came in 2017 following an extensive study of four years.

Further, the once-popular webmail and search engine didn’t disclose the full extent of the breach until March 2017, ten months after initially saying that only 1 billion records had been compromised.

First American (2019)

Eighty-five million records were exposed in First American’s breach in 2019. Social bank account numbers, mortgage documents, security numbers, and wire transfers were all exposed.

A complete lack of security left accounts dating back to 2003 exposed. First American’s document URLs are easy to learn for anyone interested in viewing a record. It’s bad enough that they were exposed to the internet rather than being safely stored on an intranet. There is no encryption at all, and this is unacceptable.

LinkedIn (2012)

The LinkedIn website was hacked by a Russian in 2012, and 167 million credentials were stolen. According to the original estimate, the number of leaked passwords totaled 6.5 million, but the true scope of the breach wasn’t realized until 2016 when a dark web marketplace called Motherboard discovered millions of passwords.

JP Morgan Chase (2014)

JP Morgan Chase was the target of a cyberattack in 2014 that exposed 83 million client accounts. The phone numbers, emails, and names of two-thirds of American households were stolen. Hackers accessed the company’s servers over a period of two months before being identified as part of the network.

The Takeaway

Clearly, there were many other breaches that were not addressed, but we hope you got an overview of all data breaches of all times – an alarming timeline.  The rapid digitalization of business will increase these incidents, and firms without solid cybersecurity strategies will continue to face cyberattacks.