It’s no secret that cybercrime is causing chaos in businesses, even after the General Data Protection Regulation came into force in May 2018. Poor cybersecurity practices and the damage caused by data leakage information to third-party organizations is expected to cost the world dearly. $ 6 billion by 2021. And given that four in ten businesses have experienced an online breach in a year, according to figures published by the government, it is important that entrepreneurs protect themselves from thieves using laptops as well as their own leniency towards the protection of private data. And there are different ways to do it without breaking the bank.
However, from Facebook’s Cambridge Analytica fiasco to hackers getting their hands on Uber user data, businesses continue to have cybersecurity challenges. Google is the latest company to join the list companies with questionable digital defenses after it was revealed that third-party developers may have gained access to the private data of half a million Google+ users. The company also chose not to disclose the information. Therefore, Alphabet, the parent company, decided to completely shut down the service.
Below, we bring you what we believe are 20 of the world’s top data breaches that not only cost millions of dollars, but consumer trust and brand reputation as well.
In what is a howler for a data breach, Yahoo! was responsible for disclosing the information of three billion people in 2013. The company did not announce the attack until 2016. While it initially said only one billion users were affected, he later revealed that all accounts that existed at the time of the hack had been hacked. It certainly didn’t improve matters when the first attack was followed by another in 2014, where 500 million accounts were accessed by Russian hackers. The United States Securities and Exchange Commission slapped the company with a $ 35 million fine for the second hack. More damaging was the fact that the company had to cut $ 350 million from its asking price of $ 4.83 billion when Yahoo! was sold to Verizon in 2017.
Friend Finder Network
Most of us like to keep our sex lives private. So it was a shock in 2016 when Friend Finder Network, the adult entertainment company, revealed that Adult FriendFinder, the sex and swingers community, had not only been attacked but that 339 million accounts had been affected by the hack. On top of that, Friend Finder Network has also seen two of its other services, Cams.com and Penthouse.com, see two million and seven million accounts hacked, respectively. A total of 412 million accounts were affected.
Social network Myspace reported in May 2016, that hackers managed to get their hands on the email addresses and passwords of its members. The Time Inc. company did not admit the number of hacked accounts, but according to LeakedSource.com there were over 360 million accounts involved, Techcrunch reported. Although Myspace is a bit of an abandoned digital island these days, it still doesn’t look too good, does it?
In May 2016, the social media platform LinkedIn reported a data breach in 2012 that compromised the personal information of 165 million user accountss. A hacker called Peace claimed to have access to 117 million email and password combinations and was sell them on the dark web.
In March 2018, sports retailer Under Armor unveiled its MyFitnessPal fitness app been attacked. The result was that 150 million usernames, email addresses and passwords were stolen. However, the company claimed passwords were encrypted and payment card data was unaffected, as were government-issued credentials like driver’s licenses.
In September 2017, cybercriminals broke into Equifax, the consumer credit reporting agency, and stole personal data from 147.4 million people. The breach has raised concerns about the amount of information brokers collect about consumers, which can range from public records to mailing addresses and other personal information. Former Equifax CEO Richard Smith resigned after the breach and the company said in March 2018 that the data breach cost it $ 114 million.
The eBay online marketplace witnessed the theft of 145 million customer information in May 2014. The root of the breach was that hackers got hold of a small number of employee credentials who gave access to eBay’s corporate network.
The birth of Facebook’s biggest scandal to date saw more than 100 million user data collected by data profiling company Cambridge Analytica. The scandal led Mark Zuckerberg to testify before the United States Congress and the European Parliament after it was revealed that Cambridge Analytica had allegedly meddled in the U.S. election. This did not assuage people’s privacy concerns when Facebook faced a hack in September 2018. The breach potentially affected 90 million accounts, including those of Zuckerberg and his deputy Sheryl Sandberg, according to the New York Times.
Over 92 million MyHeritage user accounts were compromised in October 2017 due to a data breach on the DNA testing website. A researcher found a file named myheritage on a private server. Although DNA data has not been made public, emails and passwords have been, according to Bloomberg. The company said it found no evidence the data were never used by the authors.
Uber suffered a hack that affected 57 million customers and 600,000 drivers worldwide in 2016. Of these users, 2.7 million were in the UK. The breach was kept secret by the ridesharing company until 2017. Uber confirmed that the names, email addresses and mobile phone numbers of customers have been exposed and that the names and license details of the affected drivers have been compromised. According to Bloombergformer Uber chief executive Travis Kalanick and other executives had known about the breach for more than a year before it was made public.
The extra-marital affairs app had revealed the personal information of 32 million users of the site in July 2015. This was apparently the work of a group called Impact Team who were against the company’s idea. . The parent company even offered $ 500,000 to anyone who could help catch whoever was behind it, but received no leads. At least, none to our knowledge.
The Timehop social app revealed a data breach in July 2018 that affected 21 million user names, email addresses and phone numbers. In a blog post, Timehop told users that he detected a network intrusion that occurred because his cloud environment credentials were compromised and the cloud account did not have multi-factor authentication. No private messages, financial data or social media data were viewed, the company said.
In May 2017 the online restaurant guide the reported data of 17 million users has been stolen, including email addresses and hashed passwords. The company discovered the breach and then logged the affected users out of their accounts and asked users to reset passwords. However, he said in a security advisory to customers that users logging in through Facebook or Google are not at risk.
UK retailer Dixons Carphone, owner of Currys and PC World, suffered a massive data breach in July 2017. When it originally estimated 1.2 million customer data was compromised , Dixons Carphone later confirmed in July 2018 that the breach reached ten million customers. The company claimed that no bank details were stolen and that there was no evidence that fraud had taken place.
In 2017, UK retail franchise CEX revealed that it had been hacked. The breach compromised the data of two million customers. CEX said that despite its best security efforts, a sophisticated attack compromised the system. The details involved included first and last names as well as email addresses and phone numbers. Credit card details were also believed to be at risk. The company has advised affected customers to change their passwords as a precaution.
In July 2017, insurance company Bupa revealed that an employee improperly copied information, including names, dates of birth and some contact information, but no medical information was compromised. The misuse of information has affected more than 500,000 customers.
A sophisticated breach between Tuesday, August 21 and Wednesday, September 5, 2018 resulted in the theft of the personal and financial information of 380,000 passengers. An article on the BA website said people should contact their banks if they think they were affected by the attack.
In April 2017, the loan company Wonga was a victim to a major data breach that affected 245,000 of its UK customers. Bank account numbers, sort codes, names, email addresses, home addresses, phone numbers and the last four digits of debit card numbers went wrong during the incident. Wonga advised clients to notify their banks and request that their accounts be put on alert for unusual activity and recommended being extra vigilant.
In November 2016, Tesco Bank, the consumer credit arm of the British supermarket giant, froze online operations after 20,000 customers had money stolen from their accounts. The breach was noticed after 40,000 people saw strange transactions on their accounts, the Independent reported. The bank, which has more than seven million accounts receivable, said it would cover all the financial costs of the breach. In October 2018, the company was £ 16.4million fine by the Financial Conduct Authority, the UK’s data watchdog.
Delivery and logistics company FedEx came under fire in February 2018 when it was discovered that extremely sensitive customer data was stored on an open server, essentially making all information public. The was discovered by security researchers at Kromtech. The open server included thousands of scanned documents, including passports, driver’s licenses, security credentials as well as home addresses, zip codes and phone numbers.
Looking at these huge scandals, it’s fair to say that leniency towards the way companies treat data can no longer be justified, if ever it can. It is indeed time for business leaders to tighten up their cybersecurity system before being fined or worse – shutting down their business.