579.

That's the number of data breaches that have occurred in 2014,as of Sept. 30, according to the ID Theft Resource Center, anonline educational site on fraud, idenity theft and databreach.

It seems we can't go more than a week without hearing about ahigh-profile data breach. Jimmy John's was the last, and the restaurantchain isn't fessing up to how many records were exposed, only that216 stores were affected.

Criminals hacked into some of these companies' networks, andother data breaches occurred due to shoddy risk managementpractices (looking at you, IRS). Take a look at the top 10breaches, by number of records stolen, in the past 12 months.

10. P.F. Chang's China Bistro

When: March to May 2014

Records stolen: Unknown, thought to be thousands

Type of information stolen: Criminals hacked into 33 of thechain's point-of-sale machines and stole credit and debit carddata, which found its way onto the black market. In some cases,personal idenfication such as name and the card's expiration datealso was acquired. The value of a stolen record? Between $18 and$140 on the online black market.

Related: Read "P.F. Chang's IDs restaurants hit by databreach"

9. Neiman Marcus

When: July 2013 to October, made public in January 2014

Records exposed: 1.1 million

Type of information stolen: Debit and credit card numbers

8. Viator

When: September 2014

Records exposed: 1.4 million

Type of information stolen: The tours and activites provider,which has been acquired by TripAdvisor, reported a data breachaffecting its websites and mobile offerings. Customers' credit anddebit card numbers, email address and other personal informationwas stolen.

7. IRS

When: Unknown, but made public in August 2014

Records exposed: 1.4 million

Type of information stolen: Not "stolen" in this case, as theIRS brought this leak upon themselves (and any taxpayer). The IRSprovided a printer services contractor a compact disc containingtaxpayer names, addresses and Social Security numbers. None of thecontractor personnel who worked on this contract were subject to abackground investigation.

That's not the only problem at the IRS. An employee has beencriminally charged with storing personal information of more than20,000 taxpayers on his home computer, which ended up on Googleback in March.

6. Michaels Stores

When: May 8, 2013, to Feb. 27, 2014

Records exposed: 2.6 million

Type of information stolen: Credit and debit card information,hacked through the chain's point-of-sale systems. Personalinformation–names and addresses–were not stolen.

5. Community Health Systems

When: April to June 2014, made public in July 2014

Records exposed: 4.5 million

Type of information stolen: Patient names, physical addresses,birth dates, telephone and social security numbers stolen fromCommunity Health Systems, which operates 206 hospitals across thecountry 

Read: "Hospital hacks: The new gold mine for datathieves"

4. Home Depot

When: April to September 2014

Records exposed: 56 million

Type of information stolen: Malware installed on cash registerssyphoned credit and debit card numbers.

Read "HomeDepot data breach victims' bank accounts drained" 

3. Target Corp.

When: November to December 2013

Records exposed: 70 million

Types of information stolen: Credit and debit card infrormationfrom 40 million accounts, and personal information–names, physicaladdresses–from up to 70 million customers.

Read: "Target warns data breach could hurt futureprofit"

2. JP Morgan Chase

When: June to July 2014

Records exposed: 76 million household accounts, 7 million smallbusiness accounts

Types of information stolen: Names, physical addresses, phonenumbers and email addresses of account holders. It is not clear whythe hackers chose to hunt for customer information, instead offinancial data.

Read "JP Morgan Chase, four other banks, hit byhackers"

1. eBay

When: February 2014, made breach public in May 2014

Records exposed: 145 million 

Types of information stolen: Hackers stole eBay credentials"from a small number of employees" to gain access to personaldata. Usernames, passwords, real names, email addresses,physical addresses, phone numbers, birthdates were stolen.Financial information was not affected. The online marketplace hasnot confirmed who is behind the attack, but the Syrian ElectronicArmy claimed responsibility.