Yahoo, LinkedIn, Apple iCloud: 10 Big Data Breaches

Data breaches and hacks are becoming so prevalent that each year there is another significant loss or leak of personal or corporate information.

Major US companies appear to bear the brunt of such breaches, but the increasingly sophisticated malware and ambitions cyber criminals are finding all manner of ways to infiltrate servers and devices then exfiltrate data from both large companies and smaller firms.

We have a rundown of some of the most significant breaches that have occurred in recent years.

LinkedIn

In 2012 an attack on professional networking site LinkedIn saw the leaking of credentials from 117 million of its users accounts, which were put up for sale in May 2016 for a paltry five Bitcoins.

While LinkedIn claimed the breach was not significant at the time, it was not only embarrassing for the company and a concern for its users, but it also cost the firm $1 million. LinkedIn also claimed that 6.5 million passwords were swiped initially, but as it transpired a lot more were exposed due to LinkedIn not adding a pivotal layer of security to make account details hard to decode.

US Government

Hacking a website is one thing, breaching one of the most powerful governments in the world is another.

But back in 2014 a hack on the US government’s Office of Personnel Management saw hackers gain access to the agency’s databases and make off with the staff records and security clearances of up to 21.5 million federal employees. State-sponsored hackers from China saw blame levied at them by security experts, but no public blame was bought by the US against China.

Worryingly two hackers responsible for stealing data from US government employees are now offering to sell the source code of the malware which enabled them to do so. This could mean the US government can expect more dangerous hack attempts in the near future.

Inland Revenue Service

While the US tax season was in full swing, the Inland Revenue Service (IRS) was hit by a large data breach which saw the exfiltration of data for 700,000 individuals.

The hack has apparently occurred in May 2015 with it initially appearing that 114,000 accounts were affected, until February 2016 when that number was found to have ballooned to over half a billion accounts.

eBay

Between February and March 2014 the login details of several eBay employees were compromised and hackers gained access to the company’s customers names, email addresses, physical addresses, phone numbers and dates of birth, as well as encrypted passwords.

The e-commerce company was prompted to ask all of its active users, some 128 million people at the time, to change their passwords making the breach one of the largest of the year.

Ashley Madison

The hack of the affair facilitating website Ashley Madison was one of the most significant breaches of 2015, as while it saw the customer database of its 32 million users leaked, the hack promoted all manner of issues. These ranged from hackers criticism of Ashely Madison for being morally bankrupt to criticising the websites business practices of charging $19 to delete user’s data; blackmail was also employed to threaten the takedown of Ashley Madison or the its customers’ account details would be leaked.

The company did no acquiesce to such demands and thus the data was leaked. There is currently a hefty bounty of $377,000 abvaiable for anyone who provides information leading to the capture of the hackers.

Continues on Page 2…