Epsilon – Name and email address breach

Hackers targeted email marketing business Epsilon in 2011, stealing thousands of identities and email addresses. The hack has been dubbed "the worst of its type." Unknown attackers stole into one of Epsilon Interactive's email servers, gaining access to the identities and email accounts of some of its 2,500 business clients, according to the company. The number of accounts compromised in the hack has not been revealed by Epsilon. According to some reports, it is the greatest data breach ever, with tens of millions of email addresses potentially exposed.

Scammers will be able to create authentic-looking email communications that appear to come from a bank or other business with which the user has an established connection using the stolen information. The emails will attempt to persuade recipients to divulge personal information such as usernames and passwords for bank accounts and other internet accounts, or to download malware onto their computers. Epsilon's clients, including Best Buy, JPMorgan Chase, and Target, incurred approximately $5 million in consumer notification, settlement, and compliance fees as a result of this. As a result of the attack, Epsilon has lost up to $4 billion (£3.1 billion).

Cost: £3.1 billion