Cyber attacks continue to increase against businesses. These incidents can cause you to lose your data and damage your trust with clients. Taking a proactive approach to IT and network security is a necessity in today’s workplace. Developing a detailed plan to limit the impacts of a security breach is also essential in keeping damages to a minimum. Continuing to modify this plan while working with IT & networking experts is always important due to the ever-evolving nature of cyber attacks.
Security is a key concern for any organization, but it can be especially important to small and medium-sized businesses that don’t have the resources of their larger counterparts. And while there are many security breaches that occur each year, we wanted to take a moment to share seven major incidents that you need to know about:
Date: August 2013
Impact: 3 billion accounts
In 2013, Yahoo suffered a massive security breach when hackers stole data from 3 billion users. The hackers were able to access users’ names, email addresses, phone numbers, and birthdays but also the content of their emails. This is especially concerning because many people use one password for multiple accounts, so if one site has a breach it could mean that all of your other accounts are vulnerable as well.
Date: November 2019
Impact: 1.1 billion pieces of user data
In 2019, Alibaba was hacked by a developer working for an affiliate marketer. The breach exposed the personal data of more than 1 billion customers and their credit card info. The hackers got away with names, email addresses, phone numbers, and passwords in addition to credit card information. Some people were also reportedly able to access medical records due to a partnership between Alibaba’s Youku Tudou video site and drugmakers including GlaxoSmithKline Plc., Novo Nordisk A/S, and Sanofi SA
Date: June 2012
Impact: 165 million users
Date: April 2019
Impact: 533 million users
In April 2019, Facebook announced that hackers had stolen data from 533 million accounts. The breach affected Facebook’s platform and third-party apps such as Instagram, Messenger, and WhatsApp. The hackers were able to obtain names, email addresses, and phone numbers from these accounts.
The company has since apologized for the incident and stated that it would be taking steps to ensure future breaches could not take place on its platform or third-party apps.
Date: September 2018
Impact: 500 million customers
Marriott International is a global hospitality company that manages and franchises hotels. In 2018, Marriott International suffered a data breach that affected more than 500 million customers. The incident was caused by malware installed on the Starwood guest reservation database by hackers who gained access to it through an employee’s home computer.
The hackers accessed the names, addresses, phone numbers, email addresses, passport numbers, and payment card information for approximately 500 million guests who stayed at Starwood properties between 2014-18; some duplicating entries were removed from this list because they were “non-unique” (i.e., no longer currently active).
Date: October 2013
Impact: 153 million user records
In October 2013, Adobe announced that it had been hacked. The breach was traced back to a ColdFusion Web application running on the company’s network. The attackers were able to exploit a vulnerability in the application to access information such as usernames and passwords that were used to log in to other systems on Adobe’s network.
Date: October 2013
Impact: 200 million personal records
Experian is a credit reporting agency. Hackers gained access to the personal information of 200 million people in 2013. The breach included names, social security numbers, birth dates, and driver’s license numbers. Experian said at the time that it did not believe the hackers accessed any non-financial personal information such as email addresses or street addresses.
Schedule a free consultation with the cybersecurity experts at Cyber Sainik
One of the biggest ways to limit security breaches is to focus on educating your employees about cybersecurity. A managed service provider can discuss various IT security topics while also training your team on how to avoid common mistakes. Conducting these IT training sessions on a regular basis is essential in helping your employees stay up to date with these threats.
If you are looking for more information about the incidents we discussed, including how to avoid them in your own business, schedule a free consultation with the cybersecurity experts at Cyber Sainik.