Skip to main content

Biggest security breaches of the 21st century

Previously, we were discussing the topic of inside security breaches that can be a threat to enterprises. In today’s article, we will go on and complete the list with some of the biggest and most famous outside security breaches of the 21st century.

A secure network is a sign of a good IT staff, but when nothing happens, it is hard to notice that everything is working well. However, when something does happen, that is usually bad in terms of security-related issues. But what were the most famous threats, that made companies fall on their knees?

1. Yahoo fall

In 2014 Yahoo announced that it had been a victim of what they called “the biggest security breach in history”. Due to the attack, personal information of 500 individual users were compromised, including birth dates, names, e-mail addresses, and passwords. There were other attempts and revisions of the case, and further investigation led to the shocking fact stating that 3 billion users were somehow compromised, outnumbering the original 500 million by far.

The damages were shown in the sale prize of Yahoo which went down by 350 million dollars. Heads fell, including the CEO of the company, head of legal affairs and many other high positioned employees.

2. eBay scandal

Back in 2014 companies were not in luck. Online retailer giant eBay reported a cyber-attack during this period, which caused the company more than a little headache. Personal information of 145 million users were exposed. The company told the press that the hackers were able to monitor their database because they stole credentials of 3 eBay employees. For a total of 229 days, they could download and copy sensitive information, different databases, and other company secrets.

In the end, eBay sales dropped, as it asked the customers to revisit their personal information and change their most valued data. The company was criticized for the lack of up to date security and handling personal information loosely. The result was a lower customer activity following the scandal, but in the end, everything came back to the way it was before, but hopefully in a bit more secure form.

3. Targeting Target stores

Target announced that back in 2013, credit and debit card information and contact information of 110 million people were compromised. The breach started before Thanksgiving but was discovered only a few weeks afterwards. The hackers had gained access through a third-party HVAC vendor to its point-of-sale (POS) payment card readers and had collected about 40 million credit and debit card numbers. By January those numbers were up to 110 million people.

Both CIO and CEO of the retail giant company resigned in the following year, and the company was pushed to make huge security investments. Since then it has been focusing on keeping attackers out of the system.

4. Surprise for Uber

Back in 2016 Uber reported that personal information of 57 million users were leaked due to hacker activity. The way Uber handled the issue was a lesson to learn for other companies on how not to handle situations like that at all.

The company learned that two hackers were able to get names, email addresses, and driver license numbers of 600,000 Uber drivers and many more customers. The hackers were able to access Uber’s GitHub account, where they found username and password credentials to Uber’s AWS account. To make things worst Uber kept this attack a secret for a whole year. What’s worse, they paid the hackers $100,000 to destroy the data with no way to verify that they did, claiming it was a “bug bounty” fee.

Protecting the system is crucial for small and big companies as well, but handling the inconvenient consequences of a mistake is even more important. Security breaches not only weaken companies by leaking information, but they also destroy reputation if the issue is not handled well enough.


You might also be interested in:


Share this post

Comments ()