Data Loss Source: Heartland Payment Systems Inc., a credit-card processor, disclosed a data breach that analysts said may rank among the biggest ever reported. Cyber criminals compromised its computer network, gaining access to customer information associated with the 100 million card transactions it handles each month.
Date of Breach: January 18, 2008
Size of Loss : Unknown
Affected Individuals: Customers
Geographic Focus: Seattle, WA
Data contained: The data compromised include the information on a card’s magnetic strip — card number, expiration date and some internal bank codes — that could be used to duplicate a card.
Additional Notes: Robert Baldwin, Heartland’s president and chief financial officer, said it was too early to say how many records were accessed and that calling it the largest-ever breach would be “speculative.”
Additional Information: Wall Street Journal

Data Loss Source: Hosting provider The Planet detected a security breach that may have affected the customer portal account and server passwords.
Date of Breach: Oct. 17, 2008
Size of Loss : 25,000
Affected Individuals: The Planet customers
Geographic Focus: U.S.
Data contained: Customer portal log-in names and passwords.
Additional Notes: The Planet identified the methods by which the systems were compromised and have closed those holes. Only two user accounts were definitely affected, and no credit card information is believed to have been compromised.
Additional Information: Web Host Industry News

Data Loss Source: Investigators found credit card numbers blowing in the wind. These piles and papers contained hundreds of old receipts from Domino’s Pizza stores. The former owner had been discarding boxes of old records and somehow all those receipts got loose.
Date of Loss: June 1, 2008
Size of Loss : 6,000,000
Affected Individuals: Domino’s customers
Geographic Focus: Tucson, AZ
Data contained: Credit card numbers and names on receipts dating back to several years ago.
Additional Notes: Tucson Police and several officers came to collect the records we found and have them destroyed.
Additional Information: KVOA.com

Data Loss Source: Personal information on about 650,000 customers of J.C. Penney and up to 100 other retailers could be compromised after a computer tape went missing. GE Money, which handles credit card operations for Penney and various other retailers, said that the missing information includes Social Security numbers for about 150,000 people.
Date of Loss: January 15, 2008
Size of Loss: 650,000
Affected Individuals: Credit card holders
Geographic Focus: United States
Data contained: Names, addresses, and Social Security numbers.
Additional Information: Associated Press

Data Loss Source: A Massachusetts chain of restaurants, called Not Your Average Joe’s, was targeted by an individual or individuals seeking to illegally obtain credit card data.
Date of Loss: Oct. 24, 2007
Size of Loss: Unknown
Affected Individuals: Restaurant customers
Geographic Focus: Massachusetts
Data contained: “The activity occurred largely between early August and late September; there has been no evidence of any fraudulent activity subsequent to September 29,” the company said. “Based on preliminary conversations with the credit card companies, it appears that this issue has impacted significantly fewer than one percent of the nearly 350,000 customers we served during that period. Investigations indicate that no member of the Not Your Average Joe’s staff was involved.”
Additional Information: Boston Business Journals