Data can be powerful to help consumers, to prevent fraud, align consumers with benefits, to grow small businesses, and so much more. CDIA members are responsible stewards of the data in their charge and that data is often regulated by a variety of federal and state privacy and security laws.

Data breaches do happen and the subjects of those breaches might be surprising to some people. In May 2022, the Visual Capitalist published an infographic, Visualizing The 50 Biggest Data Breaches From 2004–2021. Among the findings illustrated in the presentation is “the largest data breach [which] occurred in 2013 when all three billion Yahoo accounts had their information compromised. In that cyberattack, the hackers were able to gather the personal information and passwords of users. While the full extent of the Yahoo data breach is still not fully realized, subsequent cybercrimes across the globe have been linked to the stolen information.”

The findings also ranked the top ten breaches between 2004 – 2021 as against Yahoo, River City Media, Aadhaar, First American Corporation, Spambot, Linkedin, Facebook, Yahoo, Marriott International, and Syniverse. Breaches 11 – 20 were against Facebook, Friend Finder Network, OxyData, MySpace, Exactis, Twitter, Airtel, Indian citizens, Wattpad, Microsoft.

The Identity Theft Resource Center‘s 2021 Data Breach Report lists the top breached industries in the U.S. in 2021:

Industry Breach Events No. of Victims
Manufacturing & Utilities 222 49,775,124
Technology 79 44,035,156
Healthcare 330 28,045,658
Professional services 184 22,697,765
Financial Services 279 19,745,846