The UK’s Biggest Data Breaches
It’s tempting to believe that important data breaches only happen in the US and the figures tend to bear that out – the US accounts for the overwhelming majority of the really big data breaches that have been made public, some of them absolutely vast. But US laws and regulations force organisations to admit to data breaches involving the customer, something which is not true in all countries.
In the UK, the most important piece of legislation organisations must worry about was the Data Protection Act and the possibility of fines by the information commissioner (ICO). Now, with the General Data Protection Regulation in full force across the EU (and being mirrored by the UK with the Data Protection Bill), businesses found not to have adequately disclosed breaches or protected their users face enormous fines.
With credentials being bought and sold on the dark web for serious money, significant breaches – often in the millions, and sometimes including card data – seem to be more and more commonplace.
Below we offer what we believe are the most significant data breaches to hit the globe, not in all cases because they were particularly large but because of the type of attack or vulnerability involved or the sensitivity of the data compromised.
This list is in chronological order.
More than 3.4 terabytes of data and 70 million documents from FIFA, containing numerous allegations of corruption, was leaked to German magazine Der Spiegel by the Football Leaks organisation in November.