Biggest Data Breaches
Our data is comprised of every aspect of our life, from family photos and search history to every transaction and call we have ever made. If knowledge is power, then this data has become valuable not just to us but to malicious actors as well.
We like to think that this data is protected and secured, but the truth is far from it, and we’re here to remind you that in today’s world – nothing is certain.
Here are the biggest data breaches that have occurred in the 21st century – do everything in your power not to be next on the list.
We decided to give the dubious title of the biggest data breach to a story that could gave been taken from the mission-impossible franchise. The year is 2013, the end of a beautiful era for those who were once the symbol of Silicon Valley, and the death blow came just in time.
The breach began with a phishing campaign- a malicious email sent to YAHOO employees. The number of sent emails is unknown, but all it took was one employee who clicked on the attached link. As soon as that occurred, a Latvian hacker hired by Russian agents found YAHOO’s database and its editor tool. To maintain unauthorized access, the hacker installed a backdoor to YAHOO’s servers and downloaded information that included the names, phone numbers, passwords, and emails of half a billion users.
All this hassle just so that Russia can keep tabs on a few thousand users like journalists, United States government employees, and even a Russian fitness trainer who worked in Russia’s sports ministry. A worthy cause.
Admittedly it seems far away, but there was once a beautiful time when we would fly to other countries, in a metal vessel called an airplane. EasyJet – the favorite airline company among those who are willing to give up comfortable seating for the chance to bathe in the beautiful turquoise water of Greece’s shore – has experienced a serious information security breach that was discovered in May 2020.
Email addresses and travel details of approximately 9 million passengers were revealed, and worse, the credit card details of about two thousand passengers were stolen. Official information regarding the hacker’s MO has yet to be released since it is an ongoing investigation. However, some experts speculate that EasyJet’s data systems became more vulnerable due to the advanced permissions users were given following the Coronavirus pandemic.
Those experts also raise the suspicion that a Mega-Cart attack was deployed, on account of the stolen credit card information that included the CVV numbers, data that EasyJet is not allowed to store.
Although flights are a complicated business nowadays, you can always hop into one of the Marriott branches and feel overseas. Just be careful, because in March 2020 the huge hotel chain announced that the information of approximately 6 million guests was stolen, with the help of two branch employees.
Marriott identified a hack into the internal network of one of its subsidiary hotels, and thanks to the access of hotel employees, the hackers were able to steal guests’ information- names, email addresses, residences, phones, and birthdays. One would think that this is a one-time incident, but the hotel chain also experienced a data breach in 2018. On second thought, maybe we’ll wait for the flights.
Taken from Freepik
They have become the heroes of the pandemic, and some propose they receive a medal of honor. No, we’re not referring to the dedicated doctors working 26-hour shifts, but instead, the food delivery companies that have managed to feed an entire country in hysteria. Where Israel has Wolt and Ten Bis, the USA has DoorDash.
The food delivery company got into serious trouble in September 2019, when an unauthorized third party was able to access the information of some of the company’s users. The information of almost 5 million customers, suppliers, and drivers was stolen – names, email and shipping addresses, phone numbers, order history, and passwords. Even the last four digits of credit cards were stolen for some.
Noncookers beware, soon everyone might know that you’re not sticking to the salad diet you promised.
First American Corporation
The horror of young couples, a greater commitment than children, the number one risk factor of hair loss – the mortgage has become the nightmare of anyone seeking to break free from the whims of homeowners. But if it’s comforting, some had their nightmare become public.
In 2019, more than 885 million sensitive documents regarding mortgages from First Americans were leaked to the public. The data was stolen from the company’s website, where it had been stored unprotected and exposed. These documents contained bank account numbers, tax returns, mortgage transaction approvals, ID numbers, and photocopies of driver’s licenses.
Websites are known as popular vulnerabilities and serve as a way of penetrating the internal network of many organizations. Therefore, it is important to perform applicable penetration tests so that you can provide the best and most secure service to your customers.