If you’ve never checked out http://www.privacyrights.org, I would encourage you to do so. It’s a listing of all breaches made public from 2005 up to present, presented in reverse chronological order. They collect the information from a variety of sources.
You can filter your search by checking/un-checking various boxes on the following:
- Unintended disclosure (DISC) – Sensitive information posted publicly on a website, mishandled or sent to the wrong party via email, fax or mail.
- Hacking or malware (HACK) – Electronic entry by an outside party, malware and spyware.
- Payment Card Fraud (CARD) – Fraud involving debit and credit cards that is not accomplished via hacking. For example, skimming devices at point-of-service terminals.
- Insider ( INSD) – Someone with legitimate access intentionally breaches information – such as an employee or contractor.
- Physical loss (PHYS) – Lost, discarded or stolen non-electronic records, such as paper documents
- Portable device (PORT) – Lost, discarded or stolen laptop, PDA, smartphone, portable memory device, CD, hard drive, data tape, etc
- Stationary device (STAT) – Lost, discarded or stolen stationary electronic device such as a computer or server not designed for mobility.
- Unknown or other (UNKN)
And, by industry:
- BSO – Businesses – Other
- BSF – Businesses – Financial and Insurance Services
- BSR – Businesses – Retail/Merchant
- EDU – Educational Institutions
- GOV – Government and Military
- MED – Healthcare – Medical Providers
- NGO – Nonprofit Organizations
I ran a filter search for everything – all boxes checked, and it came up with a list of 562,854,336 records from 3188 Breaches made public fitting this criteria.
An example of 1 breach:
May 25, 2012 Serco, Inc., Federal Retirement Thrift Investment Board
Reston, Virginia BSF(industry) HACK (type) 123,201 (number of records breached)
One of the computers used by the contractor Serco to support the Federal Retirement Thrift Investment Board (FRTIB) was the target of a sophisticated cyber attack. Thrift Savings Plan participants and others who received TSP payments may have had their information exposed. However, there is no evidence that the entire TSP network of 4.5 million participants was breached. A total of 43,587 participants may have had their Social Security numbers, names, and addresses compromised. An additional 80,000 may have had their Social Security numbers and no other information compromised. The attack appears to have occurred in July of 2011 and was discovered through an FBI investigation in April of 2012.
Information Source: Databreaches.net. Records from this breach used in our total: 123,201.