PRC’s six most significant data breaches of 2011 are:

1. Sony PlayStation. An external intrusion on its network and music service caused Sony to block users for seven days. Hackers gained access to 101.6 million records.
2. Epsilon. The email service provider reported a breach of 75 client companies. Conservative estimates of the number of customer emails breached are 50 to 60 million.
3. Sutter Physicians Services/Sutter Medical Foundation. A company-issued desktop computer was stolen from Sutter’s Medical Foundation offices. More than 4 million patients had their information exposed.
4. Texas Comptroller’s Office. Data from three state agencies ended up on a public server and was there for nearly a year before the exposure was noticed.
5. Health Net. Nine data servers went missing. The servers contained personal information for more than 1.9 million current and former policy owners.
6. Tricare Management Activity, Science Applications International Corporation. Backup tapes of patient data from the military health system spanning nearly two decades were stolen from the car of an employee who was transporting the data.

Follow HFN associate editor Stephanie Bouchard on Twitter @SBouchardHFN.