This 'world's biggest data breaches' infographic is terrifying

This 'world's biggest data breaches' infographic is terrifying

Summary: Yet beautiful.

TOPICS: Security

We've covered a great deal of the major data breaches experienced by enterprises over the last decade or so—Sony, the South Korean government, Nvidia, Honda—but there's nothing quite like looking at them together, visualized.

David McCandless, Tom Evans, Miriam Quick, Ella Hollowood, Christian Miles and Dan Hampson did just that over at Information is Beautiful, and I find the result sobering, reassuring and terrifying all at once.

Sobering, because no type of company appears to be safe from a data breach.

Reassuring, because you'd think there would be more of them in nine years' time.

Terrifying, because then you realize that the researchers only included breaches of more than 30,000 records—about the population of Juneau, the capital of Alaska—and only public ones at that. What's more, they seem to be increasing in recent years. Yeesh.

The infographic is interactive, and I encourage you to check it out and read about each particular breach. (Needless to say, it was a tough middle-of-last-decade for AOL, and a tough start to the current one for Sony.) A fine piece of work.


The group continues to solicit additions of major breaches; you can check out the underlying data here and see if anything's missing.

Related on ZDNet:

Topic: Security

Andrew Nusca

About Andrew Nusca

Andrew Nusca is a former writer-editor for ZDNet and contributor to CNET. During his tenure, he was the editor of SmartPlanet, ZDNet's sister site about innovation.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Welcome To The Reality

    And don't forget, this is the tip of the iceberg...
  • Increasing

    Could it be that the disclosure of even "smaller" ones is increasing, but the number may not actually be increasing?
    • Well, we don't know for sure.

      That's just my observation of this graphic's representation; not an observation of the actual data. The authors could very well have decided to plot more examples in recent years, though I think they're smart enough to know that it may be interpreted that way.

      But yes, there does appear to be many smaller ones now. I don't know if that's reality, representation or a changing culture in which we now find it more acceptable (or merely now expect) to make public admission of a breach.
  • no Microsoft on the list?

    • I think you find MS all over the map.

      And it wouldn't show corporate intrusions unless they volunteered to be included...

      Which would NOT be a good the for MS PR.
      • none of the names on the list strike as microsoft types

        the companies on the list "volunteered" only because they had no choice
      • OMG.

        Kind of a silly comment:

        "Which would NOT be a good the for MS PR."

        Its not good for any one of them!!

        ??? What kind of nonsense is that? It wouldn't be good for MS PR!?!?

        And why wouldn't it show corporate intrusions unless they agreed to be included? Where did that gem come from?

        I suppose Sony just said "Ya, kick us again, we deserve it!"

        Please please. Is it just so impossible that people cannot withhold their outright hatred just enough to sound rational when they post a comment?
        • Well, you notice that the penetration of MS itself isn't there.

          You know, the one that walked off with MS source code?
  • But what are the consequences?

    Breaking in for fun is one thing, breaking in for stealing emails is another, and breaking in for stealing ssn's is quite another.

    We hear quite a lot of break-un stories, but is there a similar trend in the increasing numbers of reported stolen identities?
  • Disagree with "Reassuring"

    I disagree with "Reassuring, because you'd think there would be more of them in nine years' time."

    There **ARE** more of them. The graphic says it's only "selected" losses. It's not comprehensive, nor does it claim to be such.
  • Dear god. What would Tufte say...

    ...about that graphic!? "Information is Beautiful" needs a name change, fast.