Data breaches are not uncommon in the modern day. From small-scale breaches affecting relatively unknown organizations to big data breaches that make news worldwide, the world is now accustomed to the phenomenon. Contrary to what most people might think, data breaches are not always a result of advanced hacking techniques. Sometimes, the laxity of organizations ends up leaving their data in compromised states. Data breaches have resulted in the loss of personal information, organizational reputation and huge sums of money. Let us look at some of the biggest data breaches of all time.
The 2017 Equifax is probably one of the most famous breaches in recent times. This breach occurred in May 2017 resulting in the exposure of the data over a hundred million accounts. The breach was not immediately reported by the company and the September 7 announcement was several months after the event had occurred. According to sources, negligence in implementing a patch to the Apache software was the cause of the breach. Even though only hundreds of thousands of account information was stolen, the breach was itself was colossal.
It is not often that stores are attacked. In fact, most people expect breaches to occur in banks and other institutions that store valuable financial data. In a modern day where cards are used everywhere though, it is not uncommon to hear of any kind of business being attacked. The target data breach targeted customer information entered at the POS systems. This breach affected over 70 million customers.
The Sony Pictures data breach became famous because of the nature of the attack itself. Phishing attacks are very common today and they are listed as among the most common cybersecurity risks. According to reports, the level of phishing had risen to about 83% by 2018. The Sony breach was one of the infamous attacks where employees were scammed off their information through social engineering techniques. The Sony attack led to the loss of 100 terabytes of data and unprecedented damages.
There is probably no breach that has been as significant over the decade as the Yahoo attack. This attack led to the compromise of all Yahoo accounts. Attackers were able to access the data of 3 billion customers in an attack that the company did not have any clue about. For over 4 years, the company did not come out to report the attack nor indicate whether they had received information about the breach. It is only in 2017 that Yahoo fully acknowledged the scale of the attack.
JP Morgan Chase is a renowned financial institution. Being a huge company, this organization is always a target. In 2014, a successful attack occurred at the company and the data of over 80 million accounts were compromised. The details that were accessible by hackers included phone numbers, emails, and names. The attack instantly became one of the biggest to occur to a financial institution. Attackers used the information they had collected to carry out different scams over time. It was revealed over $100 million was lost as a result of the scams and that 4 men were indicted for the attack.
eBay is among the biggest e-commerce platforms in the world. In 2014, the company sent messages to customers prompting them to change their login credentials due to a data breach. The said data breach came as a result of exposure of information by employees in the company. The information that was lost included personal login details. Even though the information lost was sensitive, it was not enough to allow attackers to steal user payment details. Over 145 million users were affected by this breach.
Uber is another company that experienced a major data breach but failed to reveal information about the breach to the public. This transportation network company had information of over 57 million drivers and customers leaked to hackers. The 2016 data breach resulted in Uber losing $100,000 to hackers as a ransom for their cooperation. The details of the data breach did not go public for over a year. In 2017, the details of the breach were made public to the huge dismay of Uber customers. The data breach occurred as a result of the successful hacking of a GitHub account used by Uber engineers.