Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

6 of the World’s Biggest Data Security Breaches

DZone's Guide to

6 of the World’s Biggest Data Security Breaches

A brief history of some of the worst cybersecurity data breaches in the 21st century.

· Security Zone
Free Resource

Address your unique security needs at every stage of the software development life cycle. Brought to you in partnership with Synopsys.

Data security is not just a problem for smaller businesses that don’t have the infrastructure to afford an entire security department. Bigger companies can fall victim to the efforts of hackers worldwide, as well. When it happens to a larger organization the ramifications are massive.

These are some of the world’s biggest data security breaches, to date.

Target Payment Machines

Back in December 2013, Target admitted that hackers had managed to inject their own code into payment card readers. This meant that 40 million different credit and debit cards used in Target stores were now at the mercy of hackers. This happened just after the huge shopping spree following Thanksgiving.

A month afterwards Target was forced to admit that 70 million customers had had their personal details compromised, including many who had lost their card details in the previous breach. 110 million people were hit over the course of a month.

MySpace Makes the News

MySpace used to be the king of social media. During its fall from grace it suffered the humiliation of having to admit that it had been hacked and the details of 360 million of its current and former users had been taken. What really made MySpace look bad was the fact that it was unknown when the hack took place. The only information available is that it happened before June 2013 and it was finally confirmed in May 2016.

MySpace invalidated all the affected accounts and the hack was later tracked back to a Russian hacker under the pseudonym of ‘Peace’.

Sony Online Entertainment Goes Dark

Sony’s worst nightmare happened in April 2011 when a still unknown group hacked the PlayStation Network. 78 million customers saw their details compromised, including their names and addresses. Investigators later discovered that this figure rose another 24.6 million because the attackers managed to get into other areas of Sony Online Entertainment. Some customers even saw their credit card details disappear.

This caused Sony to shut the whole PlayStation Network down for three weeks. The experts at Advance Systems Inc say that although the estimated costs to Sony were $171 million, the resulting lawsuits could have made this figure much higher.

LinkedIn Fire Sale

The Russian hacker ‘Peace’, mentioned earlier, was found to be selling account details again. This time he had stolen 167 million LinkedIn user accounts. 117 million of these came with both email addresses and passwords. Although this happened in 2016, the actual hack is considered to have been carried out in 2012.

LinkedIn’s accounts were available for sale on the dark web for only $2,200 in Bitcoin. LinkedIn could only plead with users to change their passwords.

More Bad News for eBay

Prior to this next big data breach, eBay saw their systems compromised as attackers had managed to steal login details from many of their employees. The big hit came when eBay announced that 145 million users would be forced to change their passwords. This could have been especially dangerous due to the close links between eBay and PayPal.

It was confirmed that hackers didn’t manage to compromise PayPal, though, and there were no incidents of financial fraud.

Security experts believe that although the information stolen wasn’t enough to commit financial fraud, it could be used as part of other scams.

Heartland Credit Card Hack – Smaller But More Damage

This is one of the smaller hacks on this list, but it was arguably the most devastating for the people involved. Heartland is a credit card processing organization. Back in 2008, they were afflicted with malware. This went undetected for many months, allowing the hackers to access a range of credit card data.

The hack was only discovered when Visa and MasterCard raised concerns about suspicious activity. The resulting fallout led to the company paying out a total of $140 million. The 130 million people who had their credit card details exposed saw the American hacker involved land himself with a 20-year jail term.

It was also one of the few times where a huge data hack led to a successful prosecution.

Conclusion – Prepare Yourself in 2017

"The pains of data hack can be devastating and protracted," says a representative of Byrd Davis. "I know a guy who had a ghastly auto accident because while driving, he'd received an email alert that a purchase of $35,000 had been made with his credit card. As he was to later find out, his data had been stolen from a supposedly secure ecommerce site he'd used months before."

Don’t get complacent when it comes to cyber security. This can happen to you just like it can happen to an enormous company. Prepare yourself for potential attacks in 2017 by examining your cyber security features and upgrading them when you can.

Find out how Synopsys can help you build security and quality into your SDLC and supply chain. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.

Topics:
data security ,security ,data breach

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}