Data is the most important asset for a company or an organization. Nowadays, the world’s top MNCs spend millions of dollars to make their systems more secure from outside attacks. A data breach in a company or an organization not only leads to millions and billions of financial losses but also creates a bad reputation among its users.
Here are the top 10 biggest data breaches that ever happened, drilling big security holes in their systems as well as in their wealth.
1. U.S. Voter database
Database of information on around 191 million U.S voters was exposed on the internet due to an incorrectly configured database in Dec 2015. It includes names, addresses, birth dates, phone numbers, party affiliations, and emails of voters in all 50 U.S. states and Washington.
2. Court Ventures
A Vietnamese identity theft service sold personal records, including social security numbers, credit card details, and bank account information through Court Ventures, a company now owned by the data brokerage firm “Experian”.
A hacker, who’s known as ‘Peace’ claimed to have 360 million emails and passwords of MySpace users. However, it’s unclear when the data was stolen from MySpace. Each record in the hacked dataset contains an email address, a username, one password, and in some cases a second password. On 27th May 2016, Peace put the MySpace hacked data up for sale on the dark web market ‘The Real Deal’ for 6 Bitcoin (around $2,800).
4. Massive American Business hack
Five Russian and Ukrainian hackers stole more than 160 million credit and debit card numbers, targeting more than 800,000 bank accounts. The cyberattacks occurred between 2005 and 2012, resulting in losses of at least $300 million for businesses and individuals. It was the largest hacking ever carried out in the United States.
Data breach at Heartland Payment Systems, a payments processing firm, has potentially compromised 130 million credit and debit cards information from all the major card brands. Heartland reported that it had lost $12.6 million in the attack including legal fees. In March 2010, Albert Gonzalez, an American computer hacker, was sentenced to 20 years in prison for his role in the hacking ring that broke into the Heartland computer systems.
Between the end of February and the beginning of March 2014, eBay suffered a massive cyberattack that compromised its main database containing user passwords. The hackers gained access to information including eBay customers’ names, their encrypted passwords, email, registered addresses, phone numbers, and date of birth.
7. Sony PSN
In April 2011, an external intrusion on Sony’s PlayStation Network and Qriocity services led to an outage of 23 days. Around 77 million accounts were compromised, preventing users of the PlayStation 3 and PlayStation Portable consoles from accessing the service.
8. US Military
This data breach involved a faulty hard drive that the agency returned to its vendor for repair and recycling without destroying the data. The hard drive contained detailed records for 76 million veterans, including millions of Social Security numbers dating back to 1972.
LinkedIn was hacked in 2012. Initially, there appeared to be 6.5 million password thefts. But in reality, it turned out to be a 117 million password data breach. In May 2016, LinkedIn acknowledged that hackers were selling a massive batch of login credentials on the black market.
10. JP Morgan Chase
JP Morgan Chase, the US’s largest bank was compromised by some cyberpunks stealing names, addresses, phone numbers, and emails of account holders. The hack started in June 2014 but it was noticed in July month. Around 76 million households and seven million small businesses got compromised by the attack.