In 2007, Certegy Check Services, a St. Petersburg, Florida-based financial services firm, disclosed that an employee stole customer records that included credit card, bank account and other personal information, according to Privacy Rights.
Though the company first estimated that the breach affected about 2.3 million people, later it upped the number to 8.5 million.
The employee responsible for the breach pleaded guilty to fraud and conspiracy charges and was sentenced to time in jail as well as a multi-million dollar fine.
In April 2010, Certegy agreed to donate $125,000 to the Florida Attorney General's Seniors vs. Crime Program and $850,000 for the state's investigative costs and fees related to the case.
TD Ameritrade, the Omaha-based online trading and investing company, revealed in 2007 that information for more than 6.3 million customers was stolen when one of its databases was hacked.
According to Privacy Rights, the company said at the time that names, e-mail addresses, phone numbers and addresses were lifted in the breach, which meant that customers received spam as a result.
In 2008, CheckFree Corp., an Atlanta-based online bill paying company, reported that hackers hijacked several of the company's Internet domain names and redirected customers to a Web site hosted in Ukraine that tried to install malware on peoples' computers.
At the time, the company estimated that about 160,000 people were exposed to the malicious site. But because hackers compromised the company's domain name, as many as 5 million people might have been affected, according to the Privacy Rights Clearinghouse.
Hannaford Bros. Co., a Scarborough, Maine-based supermarket chain, disclosed in 2008 that a security breach affected hundreds of its stores in the Northeast and Florida. The company reported about 1,800 cases of alleged fraud related to the breach.
According to Privacy Rights, as many as 4.2 million people could have been compromised by the intrusion, which resulted in stolen credit and debit card numbers.