[BreachExchange] 3 Biggest Data Breaches of the 21st Century per Number of Records

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 24 18:35:24 EDT 2021


https://techreport.com/cybersecurity/3474218/top-three-data-breaches/

Data breaches have become increasingly common as humankind has become
increasingly dependent on digital technologies. Thanks in large part to our
reliance upon the internet, data has become the most precious commodity in
this century. Data is the new gold, making it a lucrative target for
digital-age criminals. Cybercriminals regularly come up with new ways of
compromising and exploiting databases that contain sensitive information.

Unfortunately, many of these hackers have grown wealthy, encouraging others
to continuously scan the web for soft targets. There have been more than
4,000 prominent data breaches since the emergence of large-scale
digitization projects in the early 2000s. In total, billions of records
have been leaked. These records included sensitive data such as names,
email addresses, addresses, phone numbers, social security numbers, and
more.

Data Breaches Explained

A data breach is the release of confidential or sensitive data from a
secure server to an insecure environment. Sometimes called data leaks, many
data breaches are the result of human error or inside jobs. Keep in mind
that the illegal actions of cybercriminals tend to grab the most media
attention.

In some cases, data breaches include exfiltration, that is, the
unauthorized access and transmission of data. In other cases, breaches
incur a loss of data. For example, ransomware attacks encrypt the victim’s data
in place. The attacker then demands a ransom be paid by the data owner in
exchange for restoring access. If the ransom is not paid — or the attacker
does not restore access — the encrypted data is lost forever.

Worst Data Breaches of the 21st Century

Listed below are three of the worst incidents thus far this century. For
our purposes, we will define “worst” in terms of the highest number of
leaked records.

Yahoo (2013-2014)

Once upon a time, Yahoo was a technology behemoth and a popular service
provider. It lost its position as the most-used search engine and email
service provider in the late 2000s. After that, it lost its reputation as
well, thanks to one of the worst data breaches in history. Yahoo suffered a
massive data breach from 2013 to 2014, announced in September 2016, that
impacted 3 billion user accounts.

Yahoo’s data breach began with just one click. An employee mistakenly
opened a malicious link sent in a phishing email. Oddly, the data breach
remained undetected for three years. During that timeframe, stolen data was
sold on underground forums hosted on the dark web. Attackers were able to
steal names, email addresses, phone numbers, birthdates, encrypted
passwords, security questions, and more.

Unsurprisingly, Yahoo suffered serious financial losses. Its stock price
decreased by 3% the day of the announcement, losing almost $1.3 billion
from its market capitalization. Yahoo also had to pay $80 million for a
federal securities class action settlement. It also shelled out $35 million
in fines to the Securities and Exchange Commission for not disclosing the
breach. According to BBC News, “Yahoo’s UK arm has been fined £250,000
($335,000) by the UK Information Commissioner’s Office (ICO) over a data
breach affecting more than 500 million users which took place in 2014.”

Facebook (2019)

Facebook is the world’s largest social media network, with over 2.6 billion
users globally. This makes it an attractive target for attackers as well as
a fertile ground for controversy. For these reasons, Facebook endures a
never-ending storm of cyberattacks.

Though Cambridge Analytica was the most well-known scandal involving
Facebook, it wasn’t the biggest data leak in the history of Facebook.
Instead, a combination of two security incidents made headlines in 2019.
These incidents collectively exposed the data of 540 million people thanks
to two malicious apps.

UpGuard, a cybersecurity company, finally discovered the attack. UpGuard
found two datasets containing sensitive data that had been exposed via
Amazon Web Services (AWS). The exposed databases contained user activities
on Facebook, Facebook IDs, and phone numbers. The exposed data made users
far more vulnerable to the risk of identity theft. According to TechCrunch,
this data leak incident “exposed millions of users’ phone numbers just from
their Facebook IDs, putting them at risk of spam calls and SIM-swapping
attacks, which relies on tricking cell carriers into giving a person’s
phone number to an attacker. With someone else’s phone number, an attacker
can force-reset the password on any internet account associated with that
number.”

Marriott International (2014)

Marriott International — the international hotel chain known for Sheraton
Hotels and Resorts and Starwood Hotels — discovered a data breach in 2018.
The attack — one of the most insidious hacks in history — began in 2014
when Starwood Hotel’s guest reservation systems were compromised. Attackers
were able to hide in the Starwood Hotel systems even after Marriott
International acquired Starwood in 2016. Marriott failed to migrate the
Starwood systems to their infrastructure after the acquisition.

Marriott discovered the attack in September of 2018. One of Marriott’s
security tools flagged an unusual database query that caught the attention
of its security team. By that time, the attack had exposed the data of
approximately 500 million guests, making it one of the biggest data leaks
ever. Stolen data included personal information of guests such as contact
details, credit card numbers, travel details, and even passport numbers.
Customers filed several class-action lawsuits against the hotel chain
giant. The UK Information Commissioner’s Office also hit Marriott with a
$120 million fine. Total damages cost the Marriott chain hundreds of
millions of dollars.

Cyberattacks are increasing in both number and size. Successful
cyberattacks leading to data leaks result in costly disaster-recovery plans
along with heavy fines and legal penalties. This situation obviously calls
for hardened cybersecurity infrastructure for every organization.
Businesses must implement a cybersecurity infrastructure containing
mitigation plans to defend against cyberattacks. Most successful online
attacks are a result of human error. This was the case with the hacks at
Yahoo, Facebook, and Marriott International. Accordingly, cybersecurity
training for employees should be a top priority for any business that
operates its own network.