It seems we are seeing a new cyber event in the news every day. From local government agencies to major corporations, this is not slowing down.
Below, you will see a list of the most significant data breaches in history. Please keep in mind, these companies have teams of security personnel and millions of dollars allocated to the protection of their crown jewels….they were still hacked.
Infonaligy Partners is a Dallas Cyber security firm and wants to extend a free security assessment for local companies who just don’t have the budget to hire security experts and have limited or no visibility into their network.
Cnet did a great job of compiling details on the major breaches over the last few years. Here are the details:
When: July 30, 2019
Number of people affected: 100 million people
What happened: Financial corporation Capital One suffered a data breach that impacted 100 million credit card applications, 140,000 Social Security numbers and 80,000 bank account numbers. If you applied for a card in the US between 2005 and 2019, you’re likely part of the breach, according to the bank.
Capital One said that no credit card account numbers or log-in credentials were exposed. The breach still affected names, addresses, ZIP codes, phone numbers, email addresses and birth dates. The FBI arrested Paige A. Thompson, a tech worker who goes by “erratic”. Thompson was charged with computer fraud and abuse for the hack.
Capital One has been reaching out to impacted customers, but in the meantime, you can take steps to monitor your accounts for fraud.
When: Approximately mid-May 2017
Number of people affected: About 143 million people
What happened: Hackers stole customer names, Social Security numbers, birthdates and addresses in a hack that stretched for three months. In addition, hackers nabbed 209,000 credit card numbers and 182,000 documents containing personal information. It’s unclear what the hackers did with the data during that time. The company estimates that half of the US population was affected, but didn’t include international victims. It was the biggest known leak of 2017.
You can still check to see if you were affected, worthwhile since you might get reimbursed for it. The credit reporting company agreed to pay between $575 million and up to $700 million on July 22 as part of a settlement with the Federal Trade Commission.
Number of people affected: 383 million
What happened: Malware infected the security systems of Starwood Hotels — which includes Sheraton, W Hotels, Westin, Le Meridien, Four Points by Sheraton, Aloft and St. Regis — in 2014, and the Marriott hotel group then acquired Starwood in 2016. In November 2018, Marriott discovered and revealed a four-year hacking campaign that attacked Starwood’s reservation database. Lawmakers demanded data privacy and security protections going forward.
The 500 million guests originally thought to impacted was lowered to 383 million this past January. In addition to names, addresses, phone numbers, credit card information and email addresses, hackers also swiped millions of unencrypted passport numbers.
Number of people affected: 87 million
What happened: Facebook’s Cambridge Analytica scandal isn’t the most recent or the biggest, but it’s arguably the most infamous. In a nutshell, the popular social media site was tricked by researchers who gained access to Facebook user data. The researchers then misused the data for political ads during the 2016 US presidential election.
The number of people whose data was compromised quickly rose to 87 million by last April.
The data firm was also linked to then-presidential candidate Donald Trump. Trump’s campaign hired Cambridge Analytica to run data operations during the 2016 election. Steve Bannon, who would become Trump’s chief strategist, was also reportedly vice president of Cambridge Analytica’s board. The company helped the campaign identify voters to target with ads, and gave advice on how best to focus its approach, such as where to make campaign stops. It also helped with strategic communication, like what to say in speeches.
Number of people affected: 80 million
What happened: The hackers that infiltrated Anthem Insurance swiped the names, dates of birth, member ID, Social Security numbers, addresses and more of almost 80 million current (at the time) and former employees. Shortly after the hack was revealed, the attorney general accused Anthem of failing to communicate the gravity of the situation to customers. In June 2017, Anthem agreed to pay $115 million to settle the data breach class-action lawsuit from the 2015 hack.
When: 2013- 2014
Number of people affected: 3 billion
What happened: Yahoo users were urged to change their passwords after hackers stole personal information associated with about half a billion email accounts. At the time, the numbers made it the biggest data breach in history. Initially, the casualties were reported at 500 million, still making the hack the biggest in history. Yahoo slowlyraised the number but reported in 2017 that none of its 3 billion accounts had gone unscathed in the original breach. That’s 3 billion names, email addresses, telephone numbers, dates of birth, encrypted passwords and unencrypted security questions.
The culprit? A 23-year-old Russian hacker-for-hire named Karim Baratov. Baratov was sentenced to five years in prison, paid the victims restitution and $2.25 million in fines. Yahoo didn’t go without punishment either. The company had to pay $50 million in damages and provide credit monitoring for at least two years for about 200 million people who’d been hacked.