- January 2000: 300,000 credit card numbers are stolen from online music retailer CD Universe—news is leaked to the web after ransom demands are rejected.
- November 2000: Travelocity exposes data on 51,000 customers on a company web server.26
- March 2001: Bibliofind.com, an Amazon-owned service website, is breached and records of 98,000 customers are compromised.
- April 2001: Hackers announce the theft of personal data on 46,000 customers from US web hosting firm ADDR.com.
- February 2002: A former employee of US financial services firm Prudential Insurance Company is charged with stealing a database of 60,000 clients to sell online.
- March 2003: Five million credit card numbers and expiration dates are stolen from Data Processors International—an insider attack is suspected.
- June 2004: 92 million email addresses of AOL subscribers are sold to spammers.
- June 2005: 40 million credit card numbers are taken from a hacked credit card processing firm.
- May 2006: Details of 26.5 million US Army veterans are stolen by hackers.
- June 2006: Japanese telecom firm KDDI admits data on 4 million customers was leaked.
- January 2007: TJX Companies Inc., the global conglomerate that includes T.J. Maxx, T.K. Maxx, Marshalls and Winners, loses at least 45 million sets of credit card details after systems are penetrated by hackers.
- November 2007: UK HM Revenue & Customs loses detailed records of 25 million taxpayers.33
- March 2008: 12.5 million sets of records on backup tapes are lost by BNY Mellon shareholder services.
- September 2008: Two CDs containing records on 11 million people are found on a Seoul scrapheap. The data is traced to oil refinery GS Caltex.
- October 2008: T-Mobile Germany loses a hard disk containing information on 17 million customers.
- January 2009: Networks at Heartland Payment Systems are hacked, exposing data on 130,000,000 credit card users.
- May 2009: Secret information on the Joint Strike Fighter and President Obama’s personal helicopter were leaked through P2P networks.
- October 2009: Hard drives sent for repair are found to contain data on 76 million US Army veterans