Network World shares most significant data breaches for 2014 so far, in terms of number of users impacted:
1. eBay – The online retailer suffered one of the biggest data breaches yet reported by an online retailer. The breach is thought to have affected the majority of the company’s 145 million members, and many were asked to change their passwords as a result.
2. Michaels Stores – The point-of-sale systems at 54 Michaels and Aaron Brothers stores “were attacked by criminals using highly sophisticated malware” between May 2013 and January 2014. The company said up to 2.6 million payment card numbers and expiration dates at Michaels stores and 400,000 at Aaron Brothers could have been obtained in the attack.
3. Montana Department of Public Health and Human Services – The server held names, addresses, dates of birth and Social Security numbers on roughly 1.3 million people, although the department said it has “no reason to believe that any information contained on the server has been used improperly or even accessed.”
4. Variable Annuity Life Insurance Co. – A former financial adviser at the company was found in possession of a thumb drive that contained details on 774,723 of the company’s customers.
5. Spec’s – A 17-month-long “criminal attack” on the Texas wine retailer’s network resulted in the loss of information of as many as 550,000 customers.
6. St. Joseph Health System – A server at the Texas health care provider was attacked between Dec. 16 and 18 last year. It contained “approximately 405,000 former and current patients’, employees’ and some employees’ beneficiaries’ information.”