Top 5 User Data Breaches


Number 1 – YAHOO

The biggest user data attack ever, which occurred in 2013, affected more than 3 billion Yahoo accounts.
It was previously stated by Yahoo back in 2013 that “only” 1 billion user accounts were impacted by the hacking scandal, however, in 2017 it publicly announced that the correct number was in fact a staggering 3 billion.
This dramatic incident took Yahoo almost 3 years to reveal and more than 4 years of investigation. The new acquired intelligence discovered that every single Yahoo account that existed until 2013 was hacked.
The data hacks included personal names, emails, phone number, birth dates, and passwords. The hackers were so deep in the system that they also managed to compromise the secret questions and answers of the users.
Yahoo was sold to Verizon in June 2017. The original deal got cut by 350 million because of the data breach.    

Number 2 – EQUIFAX

The second biggest cyber security breach occurred in September 2017 and affected more than 145.4 million Equifax consumers. This is the breach with the most sensitive data hacked till date.
Equifax is one of the major American credit bureau agencies. It deals with the collection and aggregation of information on over 800 million individual consumers and more than 88 million businesses worldwide.
It is believed that hackers exploited a vulnerability in one of Equifax website applications and accessed the personal information of its credit consumers.
The number was previously disclosed as an estimated of 143 million, but after a forensic review by a cybersecurity firm, an additional 2.5 million consumers were acknowledged to be affected.
The reported attack led to the exposure of personal data and identity theft of half of America’s population. Exposed data included social security numbers, addresses, dates of birth, driver’s license data, and in certain cases, credit card details.

Number 3 – EBAY

In late February and early March 2014, cyber criminals managed to infiltrate massive personal data of more than 145 million active Ebay customers.
The exposed data included basic information - personal names, phone numbers, emails, dates of birth, mailing addresses and passwords of the victims involved. Fortunately, credit card details and other financial information were not compromised during the attack. This was evaded thanks to the encrypted data from secure third-party services involved - such as Paypal.
After a thorough investigation from leading security experts it was acknowledged that the hackers raided the Ebay corporate network by using the credentials of 3 company employees who had access the user database. A company spokesperson stated that the hackers managed to copy ‘a large part’ but not the entire database.
A consumer privacy lawsuit was filed later as Ebay Inc failed to secure the identity information of its customers.

Number 4 – TARGET

Target is another large company that suffered from a data breach hack during the holiday season in 2013 where 110 million customers were affected.
It was firstly announced that the credentials compromised involved credit and debit card details and contact information of approximately 40 million customers. However, the number was later corrected from the retail giant that an additional 70 million others are also affected, raising the total estimate to 110 million. The stolen information included personal names, mailing addresses, phone numbers and email addresses.
The incident was followed by a cyber-investigation which discovered that hackers carried out the attack by accessing Target’s gateway server through credentials stolen from a third-party vendor.
Shoppers who were affected by the breach were eligible for damages up to $10,000 each. The breach cost the company $162 million and the scandal led to the resignation of the store’s CIO, followed closely by that of the CEO.

Number 5 – UBER

Uber underwent one of the biggest data breaches of the 21st century which occurred during October 2016 – affecting more than 57 million people’s private information.
The exposed data included the personal names, email addresses and phone numbers of 57 million Uber users but also driver’s license information of 600,000 drivers.
It was later discovered from a security firm that hackers gained access to the Uber servers from credentials of company’s developers. The developers had naively published code that included their usernames in GitHub repository.
The scandal worsened further because of the disastrous handling and lack of transparency on the part of Uber. The company did not report the hack but instead tried to cover it up by paying the hackers a ransom of $100,000 to get rid of the data. It took a year for Uber to confirm the breach after having made false statements to the public regarding the attack.

Comments

Post a Comment

Popular posts from this blog

Five Big Mysteries Still Unsolved By Science

Image
                   #5. Dark Matter & Dark Energy Originally known as the “missing mass problem”, dark matter’s existence was first inferred by Swiss American astronomer Fritz Zwicky, who in 1933 discovered that the mass of all the stars in the Coma cluster of galaxies provided only about 1 percent of the mass needed to keep the galaxies from escaping the cluster’s gravitational pull. But the name "Dark Matter" is very misleading. Because it implies we know it is matter of some kind. But we have no idea what this thing is. A more fitting name would be, dark gravity, because we can detect the gravitational effects of this thing, but we don't know what it is. While dark energy, is an unknown form of energy, which is hypothesized to permeate all of space. Dark energy, is a theoretical repulsive force that counteracts gravity and causes the universe to expand at an accelerating rate. Together, dark matter & dark energy make up 95% of the total mass-energy of the u
Read more