Updated Friday, Oct. 2

A massive data breach at the credit rating bureau Experian has exposed the personal information of about 15 million people who applied for T-Mobile service between 2013 and 2015. It’s just another data breach in what has been a constant drumbeat of new hacks. It seems no one is safe–or at least, no one who has health insurance, a job, or shops at large retail stores. Here’s a breakdown of the largest groups of vulnerable people in the past two years:

Healthcare customers: Security experts warned in February that 2015 would be the year of the healthcare hack, and those forecasts have proven right. At the end of January, as many as 11 million Premera Blue Cross customers were affected by a hack. Anthem announced the following month that almost 80 million current and former customers’ personal information had been breached. In May, CareFirst BlueCross BlueShield, serving Maryland, Washington and Virginia, announced 1.1 million of its customers’ personal information had been compromised. UCLA Health System announced a data breach in July affecting 4.5 million people. In September, Excellus BlueCross BlueShield, based in upstate New York, said as many as 10 million people’s personal records had been exposed.

Ashley Madison users: Hackers stole and, in August, posted online the information for around 32 million users of the dating site, which is designed for married people looking for affairs.

Government employees: The hack, announced in June, impacted 21.5 million people who had a government background check, including government employees and some of their family members. More than 5 million fingerprints were also exposed–a security risk for spies abroad. The hack was so extensive that the United States reportedly pulled spies from China on Tuesday, since their identities may have been discovered.

Sony employees: Huge troves of company data were stolen and posted online, including sensitive executive emails, employees’ personal information, and copies of upcoming films. The hack led to the resignation of Amy Pascal, Sony’s co-chairman.

Home Depot shoppers: Last September, Home Depot announced it had been hacked, and 56 million payment cards were compromised, as well as 53 million email addresses.

JP Morgan customers: The information for 83 million customers and small businesses was compromised in a hack revealed in August 2014.

EBay users: In a hack reported in May of 2014, personal information for more than 145 million active users–including login credentials and physical addresses–was compromised.

Target shoppers: In December 2013, 110 million customers’ personal and financial information was exposed.