The top 7 breaches of 2015

  1. Excellus BlueCross BlueShield: The Excellus BlueCross BlueShield hack was the third-largest healthcare breach of 2015, exposing personal data from more than 10 million members after the company’s IT systems were breached, beginning as far back as December 2013.
  2. Premera Blue Cross: Premera announced its cyberattack, affecting the data of more than 11 million members, just one month after the Anthem Blue Cross breach. The company discovered the cyberattack in January, but the initial breach occurred in May 2014. Employees of Microsoft, Starbucks and Amazon were some of the customers affected.
  3. VTech: Marking the first breach to directly affect children, in November an unauthorized party obtained customer data from the Learning Lodge app store and Kid Connect servers, exposing the data of more than 6 million children and nearly 5 million parent accounts.
  4. Experian/T-Mobile: Attackers breached one Experian North America business unit server, containing the personal data of about 15 million T-Mobile customers. The cause was T-Mobile sharing customer information with Experian to process credit checks or financing.
  5. OPM: The personal information of more than 21.5 million citizens, including 5.6 million fingerprint records was compromised from the Federal Office of Personnel Management cyberattack, exposing 19.7 million individuals who applied for security clearances, 1.8 million relatives and other government personnel associates and 3.6 million current and former government employees.
  6. Ashley Madison: The Impact Team hacker group accessed the Ashley Madison user database, revealing financial records and other proprietary information, including the personal data of 37 million users. The group’s manifesto uncovered the “full delete feature” was false and personal information of its users was kept on file.
  7. Anthem: In February, Anthem made history as the largest healthcare breach ever recorded. Initially, Anthem estimated approximately 78.8 million highly-sensitive patient records were breached, but that quickly increased to an additional 8.8 to 18.8 million non-patient records. Anthem’s attack was just the first of many healthcare breaches of 2015; CareFirst BlueCross BlueShield and the UCLA Health Systems were also hacked.