Data is transforming to one of the most important assets in the digital realm. The tech giants monopolizing data are considered the most powerful organizations on the planet. Nonetheless, they are often becoming vulnerable to a data breach epidemic despite the overflowing value of data monitored by such entities.
A data breach is an information security breach where personal data is exposed publicly without approval. When giant firms such as Yahoo and Facebook have gotten comprehensive attention for the outcome of a data breach, small companies are no escape.
Take note that data breaches can impact businesses of all sizes in many different ways. They are challenging to determine, expensive to address, and can cause massive reputational damage that some enterprises never recover.
Nevertheless, the only thing organizations can do in such scenarios is to mitigate the consequences of a breach to execute a detailed risk management practice for a recognition, restraint, and communication in the aftermath of a data breach.
Below is the list of the well-known and biggest data breaches in the 21st century.
- FriendFinder Networks Data Breach
Occurred in October 2016 and affected 400 million accounts
This company suffered one of the major and most damaging data breaches in history in 2016. FriendFinder Network Inc. jeopardized 400 million accounts, with most of them coming from AdultFriendFinder.com. Did you know that every database involved in the breach is composed of usernames, email addresses, and passwords kept in plain text?
- Marriott International Data Breach
Occurred in September 2018 and affected 500 million guest records.
On September 8, 2018, a security tool flagged a suspicious effort to access a guest reservation database for Marriott’s Starwood brands. It was found out that the Starwood network was compromised in 2014 when the international corporation started an investigation. The data breach happened when it was still a separate company before merging with Marriott.
In 2016, Marriott acquired Starwood but failed to incorporate the firm with its reservation system. Starwood was still utilizing its preceding IT infrastructure, which resulted to an attack. The record of five hundred million guests was washed out from the Starwood systems by the hacker. The cybercriminals utilized Trojan Horse software to access the accounts
- Facebook Data Breach
Occurred in September 2019 and affected 400 million users
This is one of the recent data breaches of today. The giant social media platform, Facebook, reported a series of security breaches in the past. Nevertheless, the data breaches that happened in 2019 were big. The company disclosed that millions of Instagram passwords had been kept online in plain text. After that, other problems, such as technical flaws allowing kids to chat with strangers online, undiscovered to their parents.
News emerged of a data leak in September 2019 that uncovered the phone numbers of at least 400 million Facebook users. That database comprises records throughout numerous geographic locations, consistent with 133 million Facebook users in America, 50 million in Vietnam, and 18 million in the United Kingdom.
The database in question was discovered to be unsecured by password or any form of encryption. Anyone searching the web could find and access that data.
- First Americans Financial Corporation Data Breach
Occurred in May 2019 and affected 885 million users
American journalist Brian Krebs reported the big data breach of financial records from the company in 2019. The breach leak digitalized documents which go back to 2013. A few of the most important data stolen during the incident were drivers’ license images, wire transaction receipts, social security numbers, mortgage and tax records, bank statements, and bank account numbers.
What’s more, the breach was started from an authentication mistake. No verification was needed to access the files that make them accessible to anyone with a browser. Any individual with the link can access data, and with a change of one digit, it was simple to find other documents with the same URLs.
The company encountered a common web designer error referred to as Direct Object Reference (IDOR). A web page with sensitive data is made so a certain party will only view it. Nonetheless, the table turned as there’s no other way to determine the person seeing it.
Anybody who types the link could easily and directly access the web browser. Cybercriminals and hackers used Advanced Persistent Bots (APBs) to gather and index the remaining documents.
This data breach proved that companies could not massively depend on unique links to protect data. As an alternative, documents must be safeguarded with passwords and multi-factor authentication.
- Yahoo Data Breach
Occurred in October 2017 and affected three billion accounts
Yahoo suffered the biggest and most detrimental breach in history in 2013. However, it took another 3-4 years to find the accident. The Chief Intelligence Officer of InfoArmor, Andrew Komarov, discovered the data breach when he’s assisting the firm in responding to another data attack in 2016.
He unraveled hints of the 2013 breach while trying to take down the stolen information. He observed a dark web seller providing close to $300,000 for a list of over a billion Yahoo accounts in August 2015.
Yahoo experienced a hot in its income when it went public along with the massive data breach. The organization alerted its users to reset all their passwords and restart their security questions. News of the breach declined Yahoo’s value by $350 million, not to mention the stock price drop by three percent.
The security breach led the company to long-term effects. What’s more, the company ran into different civil and regulatory complainants, as it failed to disclose the breach timely. It is expected that most of their post-breach injuries could have been prevented had it been assessed and revealed the breach sooner.
There you have it! These are the top five of the biggest and most damaging data breaches in the 21st century.
What are your thoughts about this post? Share your insights with us by leaving your comments below!