A hacker going by the moniker of “God User” used data scraping techniques by exploiting the site’s (and others’) API before dumping a first information data set of around 500 million customers. Professional networking giant LinkedIn saw data associated with 700 million of its users posted on a dark web forum in June 2021, impacting more than 90% of its user base. LinkedInĭate: June 2021 Impact: 700 million users We will continue to work with law enforcement to defend and protect the interests of our users and partners.” 3. We have proactively discovered and addressed this unauthorized scraping. It appears the developer and his employer were collecting the information for their own use and did not sell it on the black market, although both were sentenced to three years in prison.Ī Taobao spokesperson said in a statement: “Taobao devotes substantial resources to combat unauthorized scraping on our platform, as data privacy and security is of utmost importance. Over an eight-month period, a developer working for an affiliate marketer scraped customer data, including usernames and mobile numbers, from the Alibaba Chinese shopping website, Taobao, using crawler software that he created. Alibabaĭate: November 2019 Impact: 1.1 billion pieces of user data Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.” After investigation, it was discovered that, while the attackers accessed account information such as security questions and answers, plaintext passwords, payment card and bank data were not stolen. Verizon’s CISO Chandra McMahon said at the time: “Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats. Yahoo stated that the revised estimate did not represent a new “security issue” and that it was sending emails to all the “additional affected user accounts.”ĭespite the attack, the deal with Verizon was completed, albeit at a reduced price. Less than a year later, Yahoo announced that the actual figure of user accounts exposed was 3 billion. At the time, it was in the process of being acquired by Verizon and estimated that account information of more than a billion of its customers had been accessed by a hacking group. The company first publicly announced the incident – which it said took place in 2013 – in December 2016. Securing the number one spot – almost seven years after the initial breach and four since the true number of records exposed was revealed – is the attack on Yahoo. Yahooĭate: August 2013 Impact: 3 billion accounts So, here it is – an up-to-date list of the 15 biggest data breaches in recent history, including details of those affected, who was responsible, and how the companies responded (as of July 2021). The latter have purposefully not been included in the list. We have also made a distinction between incidents where data was actively stolen or reposted maliciously and those where an organization has inadvertently left data unprotected and exposed, but there has been no significant evidence of misuse. How large cyberattacks of the future might become remains speculation, but as this list of the biggest data breaches of the 21 st Century indicates, they have already reached enormous magnitudes.įor transparency, this list has been calculated by the number of users impacted, records exposed, or accounts affected. Digital transformation has increased the supply of data moving, and data breaches have scaled up with it as attackers exploit the data-dependencies of daily life. In today’s data-driven world, data breaches can affect hundreds of millions or even billions of people at a time.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |