4. Heartland Payment Systems - $140 million
Heartland Payment Systems, a payment processor based in Princeton, N.J., was the victim of a major cyber attack in 2008. Criminals installed spying software on the company’s computer network and stole the numbers of as many as 100 million credit and debit cards. Albert Gonzales, a hacker from Miami, was accused of playing a critical role in the Heartland hack, as well as other massive data breaches of companies including retailer TJX, 7-Eleven, Inc., and the grocery chain Hannaford Bros. Co. Inc. In 2010, Gonzales was sentenced to 20 years in federal prison. The company paid about $140 million in fines and settlements but recovered tens of millions through insurance, Business Insurance reports.