Data is precious in this information age. Therefore, some steal it. Read on and find out the most significant data breaches of this century.
Data is one of the most valuable assets of any company. So we live in a world where there are many benefits, including economic benefits, to be gained from information. The world’s largest companies store and collect countless amounts of data for a reason. But just as it is valuable to them, it is also valuable to other malicious actors who will go to great lengths to steal it. That’s why data breaches have become commonplace in this age of the Internet and instant communication.
In the not-too-distant past, a breach affecting the data of around one million people was a major scandal. So such a figure would surprise no one, to the extent that it could be classified as a small and common breach. But what would you think of data breaches that compromise the data of %10, %20, %50 of people with Internet access? That’s how big the leaks you’ll see in this list are.
All the breaches on the list happened to the most well-known tech giants, to actual macro companies with almost infinite resources. And the irony is, in some cases, they were not victims of skilled hackers but themselves due to unacceptably poor security and lack of data protection.
Here are the most significant data breaches in history.
What is a data breaches?
Before we begin, it might be necessary to explain what a data breach is. You might think it’s a basic term, but not everyone knows about it.
A data breach is the intentional or unintentional disclosure of confidential information to an insecure environment. It is also often referred to as accidental disclosure of information or data leakage. Incidents range from cyber-attacks associated with organized crime for personal gain. Other leaks occur due to the careless handling of equipment.
In some cases, national governments or political activists cause data breaches to other entities for various reasons. But in this list, you will only find those caused by malicious actors seeking financial gain from the stolen information.
The biggest data breaches in history.
Method: Poor security
MongoDB is an open-source NoSQL document database system with customers as big as eBay, Barclays, Cisco, Sega, and Uber.
So, in May 2019, a gigantic unprotected MongoDB database was found on the Internet. This dabase contained the records of 275,265,298 Indian citizens with details about their names, gender, dates of birth, email address, phone numbers, plus details of education, current salaries and professional information.
Method: poor security
Exactis is an information broker company from the United States. It is responsible for collecting information to generate high-quality targeted advertising.
In the same way, in June 2018, the Florida firm exposed a database with a total of 340 million records on a public server. So, information such as age, phone number, emails, personal interests, the number of children each person has, and more, was exposed.
Friend Finder Networks
Method: poor security/hacked.
Friend Finder Networks is an American company that provides adult entertainment, online dating, and social networking services.
So, in October 2016, hackers gained access to 20 years of data in six databases that included emails, names, and passwords of users of this company’s services. These include Adult Friend Finder, Penthouse.com, Cams.com, iCams.com, and Stripshow.com.
The vast majority of these passwords were protected with the weak SHA-1 algorithm, which means that they could easily crack 99% of the stolen passwords.
Marriot International is an American multinational diversified hospitality company and holds the title of the largest hotel chain globally.
So, Marriot International announced in November 2018 that hackers had stolen the data of around 500 million customers. The leaked information contained names, contact information, passport numbers, and travel information, among other personal data. The company also believes that financial information related to credit and debit cards may have been stolen. Still, it is uncertain whether the attackers could decrypt the card numbers.
Method: Poor security
Facebook is a company that requires no introduction. It offers the largest social networking service worldwide, with nearly three billion users.
So, in April 2019, it was revealed that two sets of third-party Facebook application data had been exposed on Amazon’s publicly accessible cloud computing service.
Also, one of the datasets, sourced from the company Collective Culture, weighed 146 gigabytes. It contained 540 million records with all kinds of information and details, such as comments, likes, reactions, account names, FB IDs, and much more.
First American Corporation
Method: Poor security
First American Corporation is a U.S. company that provides title insurance and settlement services to the real estate and mortgage industries.
In this way, a design flaw in one of its apps made the breach posible. It exposed bank account records, social security numbers, electronic transactions, driver’s licenses, and even corporate documents of hundreds of millions of users on its website.
Yahoo! is another known company, one of the largest companies on the Internet, offering multiple web-related services. And its users were victims of the largest data breach in history.
Yahoo announced in September 2016 that they had been victims of a data leak in 2014. Attackers leaked the real names, email addresses, dates of birth, and phone numbers of more than 500 million users.
Also, months later, the company revealed that a leak caused by different hackers had occurred in 2013. Also, the attackers compromised the names, birth dates, emails, passwords, and security questions and answers of 3 billion accounts.
And those are the largest security breaches in history, totaling more than 6 billion accounts whose data was compromised.
Although these are terrible anecdotes, they leave a great learning experience. In addition, four of the data breaches presented here were caused by security issues. Therefore, this means that the companies involved could have prevented these leaks by investing properly in cybersecurity.
Don’t make the same mistake. No matter how big your company is, data security and protection are essential to you and your customers.