Fidelity National Information Services (FIS), a large banking services company, was hacked in 2011 and information from that breach was used in a $13 million ATM theft.  Initial reports said damage was limited to a small portion of its organization.  Subsequent audit reveals a much larger breach plus apparently poor management of its incident response.

• More than $100 million spent in response to breach
• An FDIC audit showed that since the breach & response that many machines still have default, no, or poor passwords
• An FDIC vulnerability scan found over 10,000 instances of default passwords in use
• FDIC report in November 2012 shows 18,747 network vulnerabilities and 291 application vulnerabilities presented as past due

More here