Talk:List of data breaches

Latest comment: 21 days ago by McYeee in topic List too long, should consider a threshold

Historical perspective / earlier breaches

edit

Currently the earliest breach listed is 2004. Large breaches may be well covered, but I'd like to see more info supporting a historical perspective. E.g. at what point in the History of Technology should the potential for data breaches have changed people's fundamental strategic thinking about what can and cannot be "secret" or safe anymore? At what point were such volumes of critical or consumer data being amassed digitally such that breaches could be significantly damaging? At what point were storage densities high enough and portable enough to be a risk? At what point were networks interconnected enough with common protocols and operating systems to be at risk?

I don't mean that this article should answer those questions directly, but that a list of indicative early breaches (they don't have to be huge, just significant in some interesting way) should provide insight to such questions. It would also be nice to have some estimates (probably an extremely rough range) of what % of breaches are suspected to have gone completely undetected, to give further insight into the incompleteness of any such list. DKEdwards (talk) 19:06, 12 January 2021 (UTC)Reply

For example, this site: https://searchsecurity.techtarget.com/feature/Data-breach-protection-requires-new-barriers says: "In 1984 the global credit information corporation known as TRW (now called Experian) was hacked and 90 million records were stolen." That sounds like a very significant example. DKEdwards (talk) 20:48, 12 January 2021 (UTC)Reply

Comcast/xfinity NOT listed... why?

edit

Comcast has been hacked numerous times (not all listed): in 2015, 2020, 2021, 2022.

In December 2020 alone, 1.51 BILLION records were hacked.

Is Wikipedia or the author of this article afraid of or somehow restrained by Comcast for some reason?

River City media is also not listed - January 2017 1.24 BILLION 2601:601:D27F:3630:509F:86D7:D2F4:4E62 (talk) 16:13, 31 January 2024 (UTC)Reply

Epsilon breach

edit

I don't think the 2011 Epsilon data breach has proper coverage on Wikipedia. Reportedly 60 million private details leaked.[1] Often listed as the 'worst data breach of its time'.[2]

References

  1. ^ Michael Gordover (March 2015). "Throwback Hack: The Epsilon Email Breach of 2011".
  2. ^ "Top 10 most expensive data breaches". Mission Critical Magazine.

Tule-hog (talk) 00:41, 27 July 2024 (UTC)Reply

National Public Data security breach

edit

There needs to be more information incorporated regarding the enormous security breach experienced by National Public Data, exposing 2.9 billion people's personal information, including full social security numbers and several decades of other information. The information has been found available for sale on the dark web. Unfortunately, I lack the expertise to include this breach in the table/listing. Thank you BlkMtn (talk) 03:39, 10 September 2024 (UTC)Reply

It exposed 2.9 billion "lines of data", but that doesn't correlate to number of people affected, since one person can be represented by multiple lines. Given the US population is under 400 million, we clearly need a better number to say how many were affected. Masem (t) 04:02, 10 September 2024 (UTC)Reply

List too long, should consider a threshold

edit

Given how small and trivial some of these leaks are compared to others, I think we need to trim the list to leaks where at least 100,000 people or records were affected, at least as a starting point. — Masem (t) 13:34, 17 October 2024 (UTC)Reply

The problem is that leak size is not the same as link damage: the Mermaids breach is a good example of how only a very small number of people <1000 were part of a very notable breach https://www.digitalhealth.net/2021/07/mermaids-fined-ico-data-protection-breach/ Joe (talk) 15:11, 17 October 2024 (UTC)Reply
I _do_ think that there is milage in merging at least some of: this article; https://en.wikipedia.org/wiki/List_of_cyberattacks, https://en.wikipedia.org/wiki/List_of_phishing_incidents, and https://en.wikipedia.org/wiki/List_of_security_hacking_incidents - having all four lists seems like overkill. Joe (talk) 15:15, 17 October 2024 (UTC)Reply
If we trim this page, it seems like it might make sense to spin out content by country for breaches involving governments and by sector for the companies. McYeee (talk) 20:39, 4 November 2024 (UTC)Reply