No matter what type of information is being accessed, all data breaches are scary because they involve the release of sensitive data to unknown sources. Given that this info is typically stolen and used for egregious purposes, data breaches can also be highly costly to the companies affected. That said, let’s take a look at 5 of the worst data breaches of all time.
A cyber-attack that occurred on December of 2013, Target’s data breach serves as an alarming wake-up call for many consumers and business owners alike.
- The Haul: Attackers walked away with the credit/debit information of 110 million customers.
- The Breach: One of the most damaging elements to this case was the fact that the breach started around black Friday. Making for especially bad publicity for the store during the holiday season, the breach was discovered by employees of the company, who then notified the U.S. Justice Department on December 13. After hiring a third-party forensic team to mitigate the attack, they managed to put an end to the situation. However, the information of the 110 million customers remained at risk.
- The Exploit: After sending phishing emails to several Target vendors in order to hijack access to the store’s network, attackers installed specialized malware that helped steal the credit/debit information of over 1 million customers.
- The Reaction: In response to the breach, Target beefed up cybersecurity, revamped firewall rules, and created new restrictions on vendor network access.
- The Aftermath: Despite their swift action, Target will have to pay tens of millions of dollars in a class action lawsuit.
The Sony data breach occurred in April of 2011.
- The Haul: Attackers walked away with info from 102 million user records.
- The Breach: Cyber attackers targeted Sony’s home gaming PlayStation Network, compromising the data (name, address, phone numbers, login credentials, etc.) of 78 million users; the attackers also hacked the company’s PC games service, bringing the total hacked accounts to 102 million.
- The Exploit: The attacker managed to steal credit card data from 23,400 million European users.
- The Reaction: Sony took the network offline for approximately 3-weeks. They also offered users free identity theft protection, 30-days of premium-level PlayStation Plus, and outlined new measures to counteract such breaches in the future.
- The Aftermath: Sony was once again attacked in 2014 costing them an additional 100 TB of sensitive data.
This attack occurred on in 2017.
- The Haul: Attacked hauled off with the financial info of 143 million users.
- The Breach– Experian failed to install a security fix for the exposed flaw in their web application tool. Hackers then exploited this flaw to steal user info.
- The Exploit: Hackers were able to steal information such as social security numbers, addresses, birth dates, driver’s license info, and more.
- The Reaction: Experian offered free credit freezes to affected users; the company is being investigated and has made many cybersecurity upgrades.
- The Aftermath– Experian is now being sued in a class action lawsuit.
This breach occurred in 2013-2014 and was one of the most massive information grabs in history.
- The Haul: 3 Billion user accounts were compromised.
- The Breach: According to the company, a “state-sponsored” actor collected an assortment of data between 2013 and 2014.
- The Exploit: Hackers walked away with info such as names, date of birth, emails, passwords, and more of approximately 3 Billion users.
- The Reaction: The massive breach caused Verizon and Yahoo regulatory and legal liabilities caused by breaches; cybersecurity measures were revamped.
- The Aftermath: The breach devalued Yahoo to the tune of $350; Verizon paid $4.48 Billion for Yahoo’s core business; Yahoo agreed to a $50 million cash settlement for those affected.
This breach occurred between the years of 2014-2018.
- The Haul: The information of 500 Million customers was compromised.
- The Breach: By accessing systems supporting Starwood hotel brands, which then became a part of Marriot’s system, foreign hackers were able to access the info of 500 Million patrons of the company.
- The Exploit: Hackers stole names, contact info, passport numbers, Starwood Preferred Guest numbers, and more.
- The Reaction: Since the breach was determined to be executed by Chinese intelligence, the American government stepped in to crack down on Beijing; extra cybersecurity measured added by the company.
- The Aftermath: A number of indictments have been handed out by the Trump administration.
Overall, there have been plenty of major data breaches in recent years. This has served as a wake-up call to individuals to always seek out optimal cybersecurity measures and to update them regularly.