![This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, one of China's last "volunteer hacker" groups maintains a final outpost in its patriotic hacking war. (Photo by NICOLAS ASFOURI / AFP) / TO GO WITH China-hacking-security,FOCUS by Laurie Chen / The erroneous mention[s] appearing in the metadata of this photo by NICOLAS ASFOURI has been modified in AFP systems in the following, we removed the HOLD HOLD HOLD in the main caption. Please immediately remove the erroneous mention[s] from all your online services and delete it (them) from your servers. If you have been authorized by AFP to distribute it (them) to third parties, please ensure that the same actions are carried out by them. Failure to promptly comply with these instructions will entail liability on your part for any continued or post notification usage. Therefore we thank you very much for all your attention and prompt action. We are sorry for the inconvenience this notification may cause and remain at your disposal for any further information you may require. (Photo by NICOLAS ASFOURI/AFP via Getty Images)](https://media.cnn.com/api/v1/images/stellar/prod/210621154549-hackers-keyboard.jpg?q=x_0,y_131,h_1419,w_2523,c_crop/w_250)
Data breaches and hacks have become facts of life in the 21st century.
The most recent hack involves Capital One. The bank said Monday that a hacker gained access to more than 100 million of its customers’ personal information. The breach potentially compromises people’s Social Security numbers, bank account numbers, addresses, credit scores and limits, among other data.
That number is huge, but it’s not the worst breach ever.
1. Yahoo!
Yahoo’s epic, historic data breach in 2013 compromised 3 billion people in total. The company revealed in 2017 that the accounts for every single customer during that time had been breached, including users of Tumblr and Flickr.
Altaba, what’s left of Yahoo after the company sold most of its properties to Verizon, paid $35 million last year to settle charges that it misled investors about the hack.
2. First American
First American Financial Corp., an American real estate and mortgage insurer, revealed in May 2019 that it left 900 million sensitive customer files exposed.
The trove of digital documents that could have been accessed included private information, such as Social Security numbers and bank accounts. But it’s not clear if any of the files were improperly accessed.
3. Facebook
In April, researchers discovered a vast collection of data on Facebook users was publicly exposed on Amazon’s cloud computing servers.
Two third-party Facebook (FB) app developers were found to have stored user data on Amazon’s servers in a manner that allowed it to be downloaded by the public, according to a report from UpGuard, a cybersecurity firm.
It was one of many data breaches that Facebook has announced over the years. The Federal Trade Commission announced last week a $5 billion settlement with the company over how the company lost control over massive troves of personal data and mishandled its communications with users.
4. Marriott
Marriott (MAR) said last year that someone had gained “unauthorized access” to its guest reservations system for nearly five years. Approximately 500 million guests’ information could have been accessed, which includes names, passport numbers and credit card details.
The hotel chain faces a $124 million fine for failing to protect customer data from UK regulators under Europe’s tough new privacy rules, called General Data Protection Regulation.
5. Adult FriendFinder
Swinger website Adult FriendFinder said in 2016 that as many as 412 million users had their personal information exposed — the company’s second hack in a year.
6. Equifax
Equifax (EFX) disclosed in 2017 that personal information of as many as 143 million people was compromised. This breach was particularly alarming as Equifax (EFX) is one of the major companies that tracks credit histories of almost all Americans and sell that sensitive information to banks, credit card companies and other clients.
The company recently reached a deal to pay up to $700 million to state and federal regulators to settle probes related to the incident, the largest settlement ever paid for a data breach.
7. Capital One
A hacker named Paige Thompson is accused of breaking into a Capital One (COF) server and gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people’s names, addresses, credit scores, credit limits, balances and other information, according to the bank and a US Department of Justice complaint filed Monday.
In total, more than 100 million Capital One customers’ accounts could have been compromised.
