Biggest Data Breaches of All Time

While you may see large data breaches in the news from time to time, you may not realize the sheer amount of information that has been compromised over the years. Most of these are infamous and well known, but if you are just realizing you have an account with one of these companies, it may not be too late to change you password. Here’s a list of the biggest data breaches of all time.

YAHOO (AUGUST 2013)

Number of accounts compromised: 3 Billion

There’s no easy way to put this: This data breach is hands down the biggest blunder on this list. Hackers gained access to names, emails, addresses, passwords, and security questions for every single Yahoo account. Yahoo originally believed that only 1 billion accounts were compromised, but after Verizon acquired the company in 2013, Verizon sent out a press release indicating all 3 billion accounts were included in the breach.

“In connection with the December 2016 announcement, Yahoo took action to protect users beyond those identified at that time as potentially affected. Specifically:

  • Yahoo required potentially affected users to change their passwords.
  • Yahoo also required all other users who had not changed their passwords since the time of the theft to do so.
  • Yahoo invalidated unencrypted security questions and answers so they cannot be used to access an account.

We are continuing to work closely with law enforcement, and continue to enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.”

YAHOO (LATE 2014)

Number of accounts compromised: 500 Million

Unfortunately, lighting can strike twice, and Yahoo has the top two spots on this list. Hackers gained access to names, emails, and addresses, but passwords were properly secured. A second data breach in such a short amount of time destroyed any faith users had left in Yahoo’s security practices.

Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven’t changed their passwords since 2014 do so.

MYSPACE (JUNE 2013)

Number of accounts compromised: 360 Million

The former king of social media was not immune from data breaches. A hacker by the name of “Peace” attempted to sell the contact information and passwords of 360 million MySpace users. While many users had fled MySpace for other social media platforms at that point, users frequently keep their username and password as similar as possible wherever they go. Any users who were at risk were asked to create a new password the next time they logged in.

“As part of the major site re-launch in the summer of 2013, Myspace took significant steps to strengthen account security. The compromised data is related to the period before those measures were implemented. We are currently utilizing advanced protocols including double salted hashes (random data that is used as an additional input to a one-way function that “hashes” a password or passphrase) to store passwords. Myspace has taken additional security steps in light of the recent report.”

LINKEDIN (JUNE 2012)

Number of accounts compromised: 117 Million

Originally believed to be only 6.5 Million accounts compromised, but after finding the data (from the hacker “Peace” again), 167 million accounts were found with 117 million of them featuring both email addresses and passwords.

“We take the safety and security of our members’ accounts seriously. For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication. We encourage our members to visit our safety center to learn about enabling two-step verification, and to use strong passwords in order to keep their accounts as safe as possible.”

EQUIFAX (MAY 2017)

Number of accounts compromised: 145 Million

This breach may not be the largest breach on this list, but it is certainly the most important. Hackers were able to gain names, birth dates, addresses, and (most importantly) Social Security numbers for each account. This allowed the hackers to sell the information to identity thieves who could apply for loans, credit cards, and even mortgages under any of the users names.

“As soon as Equifax discovered the unauthorized access, Equifax acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.  Because this incident involves a substantial amount of personal identifying information, the investigation has been complex and time-consuming. As soon as we had enough information to begin notification, we took appropriate steps to do so.”

DATA BREACHES CAN HAPPEN TO BUSINESSES OF ANY SIZE

SIGN UP TO OUR NEWSLETTER AND GET A FREE CYBER THREAT REPORT 

CALL 718-227-5500 NOW FOR A NETWORK ASSESSMENT

Employee Safety Tips

Part Two of our Cyber Holiday Safety Series focuses on protecting your workplace. Gift card scams and money wiring scams increase this time of year …

Read More →

Online Shopping Safety Tips

Part One of our Cyber Holiday Safety Series focuses on protecting your information while online shopping. Phishing emails focused on fake deals and last minute …

Read More →

New York and New Jersey Data Regulation

If your company does any business in New York or New Jersey, it can be difficult to know what laws pertain to your business. We’ve …

Read More →

Security Alert: Lack of Trust Comes with a High Price Tag for U.S. Businesses

A new study finds that “Almost half (44%) of US consumers have suffered the negative consequences of a security breach or hack…”. The research done by …

Read More →

Preparing for an IT Disaster

IT disasters are devastating to the infrastructure of any business. In 2018, threats to your IT infrastructure are growing no matter what sector your business …

Read More →

Building an Incident Response Program

In part one of our series, our overview of Building an incident response plan, we discussed what regulations organizations will need to meet in order …

Read More →

NetConnect / VISN-IT Featured in StorageCraft Press Release

New StorageCraft Partner Success Program Boosts Profit Paths Across All Channel Partner Business Models DRAPER, Utah, Sept. 27, 2018 /PRNewswire/ — StorageCraft®, whose mission is to protect all …

Read More →

Small Business Cyber Security Concerns

The truth is that Small Businesses have a lot to fear when it comes to Cyber Security. Any disruption that causes downtime or loss of …

Read More →

Email Compromise – How Does it Work?

Email compromises are becoming more and more dangerous every year, and it’s important to know how they work. Email Compromises involve the hacking of a …

Read More →

Cloud Computing Pros and Cons

What is the cloud? Cloud Computing is “the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, …

Read More →

Phishing Threats

Phishing threats are getting more and more sophisticated as cyber security measures become smarter. The main reason why phishing must be handled differently than other …

Read More →

The Dark Web and You

Chances are that somewhere out on the Dark Web lies passwords, email address, and other compromising information that relates to your company. From clicking on …

Read More →

The New Extortion Scam you’ll want to look out for!

Email Threats constantly evolve and try to find new ways to steal your money or steal your information. A large part of Cyber Security is …

Read More →

Two Factor Authentication – Do I Really Need It?

Two Factor Authentication procedures or Multi Factor Authentication procedures are a part of many interactions in our daily life. Most credit and debit cards now …

Read More →

The True Cost of a Data Breach

One of the biggest headaches your company can endure is a data breach. Whether its caused by employee error or targeted cyber attacks, the long …

Read More →