As our world becomes increasingly data-driven, the impact of data breaches can also reach hundreds of millions or billions. In a world dominated by digital transformation, data breaches have reached unprecedented levels as attackers exploit the daily dependence on data. Although it remains to be seen what the scale of cyberattacks of the future will be, here are some of the most significant breaches of recent years.
Publicly announcing the incident, the company stated it took place between 2013 and December 2016. The company was preparing to be acquired by Verizon at the time and said that hacker groups had accessed the account information of more than a billion customers. Yahoo announced a year later that 3 billion accounts were compromised. According to Yahoo, the updated estimate does not represent a new “security issue” and the company is sending emails to all “affected users.”
Even though the attackers gained access to account information including security questions and answers, payments cards and bank data were not stolen.
The website Taobao operated by Alibaba, a Chinese e-commerce company, was accessed by an affiliate marketer in 2016 during the eight-month period using a crawler program that he developed. Although the developer was sentenced to three years in prison, it appears he and his employer were collecting information for their own use instead of selling it on the black market. It is estimated that 1.1 billion pieces of user data were comprised
Several hundred million users of LinkedIn‘s social networking site had their data published in June 2021 on a dark web forum, affecting more than 90% of its users. God User, a hacker who goes by one name, exploited the site’s API (and others’) to get 500 million customer records before dumping them on the web. A boast was then made about selling their entire 700 million customer database. Although LinkedIn claimed that the breach was merely a violation of its terms of service, not a data breach, scrapped data obtained by God User disclosed email addresses, phone numbers, geolocation information and social media details.
There were reports that two datasets from Facebook apps had been exposed online in April 2019. There were more than 530 million users whose personal information was included, including phone numbers, account names, and Facebook IDs. Two years later (April 2021), this data was freely available, which suggests new and real criminal intent. Troy Hunt, a security researcher at HaveIBeenPwned (HIBP), incorporated a phone verification feature into his breached credential checking site in response to the breach in view of the sheer number of phones exposed as a result of the incident.
A computer manufacturer in Taiwan, Acer, experienced the largest ransom demand ever: $50 million. The Dark Website of REvil was viewed by us independently on March 18, 2021, and contained a long list of allegedly vendor-sourced financial data. LeMagIT, the sister publication of TechTarget, found a ransomware named REvil Hatching Triage, a malware analysis website. Specifically, it included a link to demand $50 million in Monero cryptocurrency from REvil ransomware.
This story is attributed to Omar Abdulla, Content Developer at TECHx
Omar Abdulla is a university student with a passion for business, artificial intelligence, and technology. He is also knowledgeable about digital marketing, content creation, financial management, and coding. Omar is a team player, an active thinker, and an open-minded guy who approaches work with a problem-solving attitude. He possesses technical skills in programming and design.
