The Year in Data Breaches
Banks and merchants have been building their defenses against hackers for years, but it hasn't been enough. They were still the targets of several major breaches in 2011, affecting millions of consumers.
Sony disclosed in April that the personal information of up to 77 million users of its online gaming network was affected in a data breach. Though there were anecdotal reports of credit-card misuse following the PlayStation Network breach, Sony maintained that most users were not at risk for financial fraud.
The crafts retailer reported in May that it had suffered a widespread breach of its customers' card data. The company discovered tampering with the PIN pads at its checkout lanes in stores across 20 states. Michaels required its customers to make signature-based transactions until the affected devices were replaced.
The breach at EMC Corp.'s RSA Security was particularly chilling, since so many banks and other companies rely on its one-time-password tokens to secure their systems. In the breach's aftermath RSA offered to replace 40 million of its SecurID tokens at 30,000 companies.
Citi reissued over 200,000 cards after a May website breach it disclosed in June. About 360,000 of its 23.5 million North American card accounts were affected altogether. In August, an unrelated data breach at a merchant led Citi to again reissue some of its customers' cards.
There's no such thing as "low-value" data. Email addresses may not be enough by themselves to use for identity theft, but when the client list for Epsilon, the email marketing unit of Alliance Data Systems Corp., was exposed in April, many feared that the email addresses could be paired with knowledge of Epsilon's client affiliations to create extremely targeted and extremely effective phishing attacks.
The company behind the popular PC game distribution service Steam disclosed a breach in November of the encrypted payment details of its 35 million customers. Though this breach affects a smaller number of people than Sony's PlayStation Network breach did, Steam users are more likely than PSN users to have linked a credit card to their account.
PhotosBest of BankThink 2015: Readers' Choice
PhotosBest of BankThink 2015: Editors' Choice
Photos'Tech Can Reinvent Banking or Dispose of It': Comments of the Week
Photos'Facebook Should Roll Up the Banking Sector': Comments of the Week
PhotosIs BSA Becoming a 'Bank Surveillance Act'?: Comments of the Week
PhotosAre the Big Banks Open for Small Business Lending?
Photos'Capital Has Consequences': Comments of the Week
Photos'Might as Well Start Paying the Fines Now': Comments of the Week