5 Largest Data Breaches of 2015

Although cyberattacks seem to make the news every week, incidents are down slightly from last year. Here is a list of the ones that garnered headlines.

by Chelsey Levingston, Dayton Daily News, Ohio / December 1, 2015

(TNS) -- As 2015 nears an end, the tally of U.S. data breaches has reached an estimated 690 incidents as of Nov. 24, down about 2.5 percent from the 708 breaches recorded during the same time period last year, according to the nonprofit Identity Theft Resource Center.

The counseling center compiles media reports and records obtained from federal sources and state attorneys general to come up with the count. It’s likely the actual number of breaches is greater due to delayed reporting or businesses unaware their systems are compromised, according to the California-based nonprofit.

These reported incidents add up to an estimated 176.2 million compromised records so far this year exposing personal and financial information, according to the center. However, some incidents tracked by the nonprofit affect an unknown number of records.

Find below the list of the five largest known breaches of 2015. The ranking was provided by Identity Theft Resource Center.

1. Anthem Inc., 78.8 million records

The Indianapolis-based health insurer — whose Ohio division is the largest commercial health plan in the state — learned of a cyberattack to its information technology system at the end of January,

According to the resource center, nearly 80 million records were compromised, which Anthem said could have impacted current and former members of its health plans.

2. U.S. Office of Personnel Management, more than 25 million records

The federal office this year discovered two separate but related cybersecurity incidents.

In June, officials found background investigation records of current, former and prospective federal employees and contractors had been stolen including Social Security numbers of approximately 21.5 million people, Also earlier this year, personnel data of 4.2 million current and former federal government employees had been stolen, according to the government office.

3. T-Mobile/Experian, 15 million records

Credit reporting bureau Experian learned in September an unauthorized party accessed T-Mobile data housed in a server affecting approximately 15 million records.

Records containing a name, address, Social Security number, date of birth, identification number and additional information used in T-Mobile’s credit assessment were accessed, according to an online fact page about the incident at www.t-mobile.com/landing/experian-data-breach-faq.html. No payment card or banking information was obtained, according to the companies.

4. Premera Blue Cross, 11 million records

The northwestern U.S. health insurer discovered at the end of January a cyberattack on its technology system affecting Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and affiliate brands Vivacity and Connexion Insurance Solutions Inc.,

5. Excellus Blue Cross Blue Shield/Lifetime Healthcare Companies, 10 million records

Excellus BlueCross BlueShield, an independent licensee of the Blue Cross Blue Shield Association, learned in August cyberattackers had gained unauthorized access to its technology systems. Additionally, the investigation revealed that the initial attack occurred on Dec. 23, 2013, according to the company. The incident exposed an estimated 10 million records, according to Identity Theft Resource Center.

©2015 the Dayton Daily News (Dayton, Ohio) Distributed by Tribune Content Agency, LLC.