It feels like data breaches are an epidemic and an inevitability. There have been several major hacks in the 21st century already, involving the information of billions of people. Here, we’ll look at five major hits that have occurred in the past ten years.
A full security strategy with digital and non-digital components is a must-have for all businesses. To protect yourself or your business from a data breach and cases of identity theft, it’s necessary to regularly purge old files and electronic devices from the premises. A professional, certified company like Absolute Destruction & Recycling can come to you with mobile shredding trucks, uniformed, ID’d, and bonded staff, and safely destroy all of your materials on-site where you can visually verify the job is done. Hire professional network security professionals to properly encrypt employee and customer data and make sure your system is protected from hackers.
Yahoo (2013-2014)
During these years, there were two separate breaches totalling a massive 3 billion accounts. It wasn’t announced until the fall of 2016 that an assumed “state-sponsored actor” hit them in 2014. A second breach was announced a few months later from 2013. The information accessed involved full names, email addresses, birthdays, phone numbers, encrypted and unencrypted security answers, and hashed passwords. These two are considered to be the hugest breaches of information of all time – thus far, of course. Yahoo is currently under a wave of lawsuits and have been heavily criticized for both their lack of security measures and the lateness in notifying the affected and general public.
Adult FriendFinder (2016)
The online dating service and their collection of associated adult websites, like Penthouse.com, was accessed in mid-October of 2016, impacting over 412 million accounts. Databases containing names, emails, and passwords, were infiltrated. The personal information was from databases going back 20 years. FriendFinder was not the initial party to notify the public – Leaked Source, a site that illegally sold usernames and passwords, announced it first. The most common passwords were poorly chosen strings of numbers like “123456”.
eBay (2014)
The online auction site where users can buy and sell their goods was hacked in May 2014, a breach affecting 145 million users. Names, birthdays, addresses, and encrypted passwords for every one of its users at the time were accessed. Hackers used employee credentials and had full access for over 200 days. This hack emphasizes the need for strict employee policies and procedures from within a company.
Equifax (2017)
This was a frightening breach affecting 143 million users that gave thieves everything they needed for identity theft. This hack involved the names, addresses, birthdays, and SIN numbers (plus sometimes driver’s license numbers) of customers. Over 200,000 individuals also had their credit card information exposed. This hack was possible due to a vulnerability on their site related to applications. The breach was discovered in late July and wasn’t reported until early September. It likely started in May.
Heartland Payment Systems (2008)
Spyware was used to infiltrate 134 million credit cards of the payroll processing company in March 2008. The company was processing millions of payment transactions for 175k retail companies a month. They didn’t realize there was an issue until Visa and MasterCard reported suspicious activity.
A data breach is a huge cost – both monetarily and in reputation. In 2018, digital and analogue security needs to be a top priority for businesses.