Most Notorious Data Breaches
Game of Thrones fans have known for a long time, knowledge is power. And in today’s world, we no longer refer to knowledge as random facts or mathematical abilities, but as data.
Our data is comprised of every aspect of our life, from family photos and search history to every transaction and call we have ever made. Service providers keep our data in huge server farms located in remote areas such as India, Nevada, and Narnia.
So if knowledge is power, and data is knowledge, then rest assured that some seek to take and use your information.
We like to think that this data is protected and secured, behind a password that is not our wedding date or the name of our favorite pet.
But the truth is far from it, and we are here to remind you that in today’s world – nothing is certain.
Here are the most serious data breaches that have occurred in the 21st century – do everything in your power not to be next on the list.
Statistics Canada. Table 35-10-0002-01 Police-reported cybercrime, number of incidents and rate per 100,000 population, Canada, provinces, territories and Census Metropolitan Areas
We decided to give the dubious title of the biggest data breach to a story that could gave been taken from the mission impossible franchise. The year is 2013, the end of a beautiful era for those who were once the symbol of Silicon Valley, and the death blow came just in time.
The breach began with a phishing campaign- a malicious email sent to YAHOO employees. The number of sent emails is unknown, but all it took was one employee who clicked on the attached link. As soon as that occurred, a Latvian hacker hired by Russian agents found YAHOO’s database and its editor tool. To maintain unauthorized access, the hacker installed a backdoor to YAHOO’s servers and downloaded information that included the names, phone numbers, passwords, and emails of half a billion users.
All this hassle just so that Russia can keep tabs of a few thousand users like journalists, United States government employees, and even a Russian fitness trainer who worked in Russia’s sports ministry. A worthy cause.
Admittedly it seems far away, but there was once a beautiful time when we would fly to other countries, in a metal vessel called an airplane. EasyJet – the favorite airline company among those who are willing to give up comfortable seating for the chance to bathe in the beautiful turquoise water of Greece shore – has experienced a serious information security breach that was discovered in May 2020.
Email addresses and travel details of approximately 9 million passengers were revealed, and worse, credit card details of about two thousand passengers were stolen. Official information in regards to the hacker’s MO has yet to be released since it is an ongoing investigation. However, some experts speculate that EasyJet’s data systems became more vulnerable due to the advanced permissions users were given following the Coronavirus pandemic.
Those experts also raise the suspicion that a Mega-Cart attack was deployed, on account of the stolen credit cards information that included the CVV numbers, data which EasyJet is not allowed to store.
Although flights are a complicated business nowadays, you can always hop into one of the Marriott branches and feel overseas. Just be careful, because in March 2020 the huge hotel chain announced that the information of approximately 6 million guests was stolen, with the help of two branch employees.
Marriott identified a hack into the internal network of one of its subsidiary hotels, and thanks to the access of hotel employees, the hackers were able to steal guests’ information- names, email addresses, and residences, phones, and birthdays. One would think that this is a one-time incident, but the hotel chain also experienced a data breach in 2018. On second thought, maybe we’ll wait for the flights.
Taken from Freepik
They have become the heroes of the pandemic, and some propose they receive a medal of honor. No, we’re not referring to the dedicated doctors working 26-hour shifts, but instead, the food delivery companies that have managed to feed an entire country in hysteria. Where Israel has Wolt and Ten Bis, the USA has DoorDash.
The food delivery company got into serious trouble in September 2019, when an unauthorized third party was able to access the information of some of the company’s users. The information of almost 5 million customers, suppliers, and drivers was stolen – names, email and shipping addresses, phone numbers, order history, and passwords. Even the last four digits of credit cards were stolen for some.
Noncookers beware, soon everyone might know that you’re not sticking to the salad diet you promised.
First American Corporation
The horror of young couples, a greater commitment than children, the number one risk factor of hair loss – the mortgage has become the nightmare of anyone seeking to break free from the whims of homeowners. But if it’s comforting, some had their nightmare become public.
In 2019, more than 885 million sensitive documents regarding the mortgages from First American were leaked to the public. The data was stolen from the company’s website, where it had been stored unprotected and exposed. These documents contained bank account numbers, tax returns, mortgage transaction approvals, ID numbers, and photocopies of driver’s licenses.
Websites are known as popular vulnerabilities and serve as a way of penetrating the internal network of many organizations. Therefore, it is important to perform applicable penetration tests so that you can provide the best and most secure service to your customers.