Largest incidents of worldwide data loss.

Last week in Canada, Ottawa, a Montfort Hospital employee lost a USB memory stick containing the personal information of 25,000 patients. She downloaded the information from a computer at work, against the rules of the hospital and when she walked back home, she lost the USB drive. She then tried to search for it herself but couldn’t find it. With the help of her hospital team she tried another failed search attempt and after that she reported the device as missing.

Vice-president of Montfort, Philippe Marleau, said the team traced her every step but were unable to find it. He has presumed that nobody found it because normally people would contact the press or the hospital. The employee who lost the item is back at work and was not penalised or suspended because there was no illegal activity involved. She simply wanted to do some extra work at home over the weekend. According to the vice-president this is not part of their policy and the employee was not authorised to do so.

After these events, the hospital upgraded their computers with new privacy technology to stop data from being downloaded onto USB drives. All of the 25,000 patients have been sent a letter to apologise for the inconvenience caused in which a reassurance is stated that no intimate details of health issues were on the drive. The hospital received more than 200 phone calls from concerned patients, but hospital employees insist that only information related to invoicing was lost.

The loss of data at the hospital comes only a few days after a similar case in Canada, involving the federal department of Human Resources Development. The organization informed the public that six years’ worth of files with personal data, on more than half a million Canadian loans applicants, was lost. This occurred when a portable hard drive vanished in November last year and it has been confirmed that the data affects Canadian students taking a loan between 2000 and 2006.

Chantal Bemier, Canada’s assistant privacy commissioner, will investigate the incident with her team. Bemier states that privacy is in danger when companies digitally maintain their data and insists on trying to secure data storage as much as possible. A lawyer has reached out to the affected Canadians about filling in a lawsuit in response to the loss of data. The assistant privacy commissioner stated that the loss of so much personal data is unprecedented, calling it one of the biggest data loss ever seen. The question arises if this is actually true. So let’s have a look at the largest incidents of date loss worldwide:




 1 – 150 million

Shanghai Roadway D&B Marketing Services Co. Ltd

 2 – 130 million

Heartland Payment Systems

3 – 94 million

TJX Companies Inc.

4 – 90 million

TRW, Sears Roebuck

5 – 77 million

Sony Corporation


In 2012, Shanghai Roadway D&B Marketing Services Co. Ltd illegally bought and sold 150 million customers’ information. It is not known if the data was ever recovered but those responsible were arrested.

In 2009 the fifth largest credit card processor Heartland Payment Systems was affected by malicious software resulting in the loss of 130 million pieces of credit card data. Other companies that were affected by the hackers include Golden Chick, North Middlesex Savings Bank, Beverly National Bank and the Tower Federal Credit Union. The offender has been arrested but it is unknown if the data was recovered. A lawsuit followed after the loss of data.

In 2007, a hacker exposed 94 million transaction details and credit card numbers from customers of the largest off-price department store chain in the United States, TJX Companies Inc. It is unknown if the people responsible were arrested and if the data was recovered. A lawsuit followed after the loss of data.

In 1984 hackers access credit-reporting database TRW, Sears Roebuck which resulted in the loss of 90 million pieces of credit card data. A lawsuit followed, but it is unknown if the data was ever recovered and if an arrest followed.

In 2011 Sony Corporation was hacked and this resulted in the loss of 77 million customer names, email addresses, birthdays, addresses, PlayStation login details, passwords, purchase history, profile data and possibly credit cards were obtained. A lawsuit followed but it is not known if an arrest occurred or if the customer data was recovered.

As we can see what happened in Ottawa is not unique. Unfortunately loss of data is happening all the time and it can affect millions of people.

[author ]About the author: Rens is a blogger currently researching safe peer to peer file sharing.[/author]

Share on TwitterShare on FacebookShare on LinkedInPin it on PinterestSubmit to redditShare on Tumblr

Written by Guest Contributor

Leave a Reply