Computers and the internet have given way to some of the biggest data breaches of all time. It’s alarming because these technologies are so crucial to our way of life. We read the news on it, check our email, look at the weather, and review our bank statements. They are so essential; the last thing we want to think about is the possibility of them being an unstable security nightmare. Despite increases in security, hackers always seem to find a way in or around the measures. From big box retailers to banks, no target is too big or small for them, and the cost is enormous, resulting in losses reaching the millions. Ready to get a little paranoid about your passwords and bank accounts? Here are 25 biggest data breaches of all time.
US Office of Personnel Management (22 Million Accounts)
In 2015, it was announced the US Office of Personnel Management had a security breach. At first, it was said to be limited to 4 million employees. Later that grew to 22 million employees and their families. Everything from social security numbers to fingerprints was stolen in the hack.
Ashley Madison (32 Million Accounts)
Ashley Madison, the website that arranges extramarital affairs, was less than thrilled when it discovered 32 million accounts had been hacked. Not only did the hackers take the information, but they released it online, allowing anyone to look up a person’s name to see if they used the site. The result was devastating for families across the country.
RSA Security (40 Million Accounts)
One would think cybersecurity companies would be the hardest and least likely places for a hacker to go after, but that’s exactly what they did with RSA Security. Breaching 40 million accounts by tricking an employee with a phishing email (of all things), the hackers did the unthinkable. Fortunately for RSA Security, the hackers didn’t take any sensitive personal information and were able to adjust accordingly.
Dropbox (68 Million Users)
Dropbox is a popular cloud data storage website used by millions to store pictures, videos, and all kinds of information. In 2012, over 68 million of their users’ emails and passwords were stolen and leaked on the internet.
DNC Hack (20,000 Emails)
During the 2016 US Presidential Election, it was revealed that the DNC had been hacked. The hacker’s identity is still unclear, but many point to Russia or an inside leak. Either way, the release of DNC officials’ emails by Wikileaks proved controversial and devastating for the election. Emails apparently included evidence pointing to DNC favoritism toward Hilary Clinton’s campaign rather than remaining neutral.
The National Security Agency specializes in cybersecurity and, as we found out in the Snowden leaks, snooping on millions of Americans without a warrant. It’s hard to imagine anyone would dare try to hack their systems. However, in 2016, a group called “Shadow Brokers” stole 234 megabytes of data. This data included information about the cyberweapons the NSA uses and tracking codes revealing the fingerprints of the software.
SWIFT Hack ($81 Million)
Standing for Society for Worldwide Interbank Financial Telecommunication, SWIFT operates a trusted closed computer system for banks to communicate with each other. The hackers were able to create fraudulent bank transfers and ended up getting $81 million. Quite a pretty penny. Though not close to the $1 billion they were originally after.
Verisign, the company that allows you to travel safely to websites across the internet, was hacked in 2010. Though the company stated they don’t believe the hackers penetrated the DNS servers which provide safe passage across the web, the truly disconcerting thing was how Verisign handled the hack, not making it known for years.
Home Depot (56 Million Accounts)
Back in 2014, the mega home improvement store Home Depot suffered a security breach; 56 million customer credit cards were stolen. Making matters worse, it was discovered Home Depot also had an unsecured spreadsheet with customer information on it that was easily accessible by a search engine.
National Archives (76 Million Servicemen)
The National Archives made a huge mistake when one of their laptop hard drives malfunctioned. They sent it to for repairs to an IT contractor but forgot to wipe the hard drive first. It held the personal information of roughly 76 million servicemen. While the contractor is supposed to handle information securely, that’s not always the case. In fact, 46% of lost information due to data breaches were traced back to contractors.
JP Morgan Chase (76 Million Accounts)
JP Morgan Chase suffered a cyber attack in 2014 with 76 million of their account holders having information stolen. Of course, most troubling is that JP Morgan Chase is a bank with very sensitive financial information that goes beyond credit card information. However, they assured customers there was no evidence that social security numbers or other data was stolen.
Sony Playstation Network (77 Million Accounts)
The gamer community looked on in horror when they discovered the Sony Playstation Network had been breached. Sony revealed that lots of personal information had been stolen from 77 million user accounts, including email addresses, usernames, passwords, and security questions. They didn’t think credit card information was compromised but said users should be cautious and request a new card anyway.
Anthem (80 Million Accounts)
Anthem’s 2015 security breach resulted in the loss of the personal information of 80 million customer accounts. After they discovered the attack, they contacted the FBI and offered two years of free credit monitoring. However, the breach also cost them $115 million in a lawsuit settlement.
TJX Companies (94 Million Cuatomers)
The TJX Companies hack is one of the largest of all time. When the report was released, TJX Companies stated that 46 million customers’ credit card information had been compromised. In response, banks sued to recoup losses from the breach. A few months later, it turns out that the hack actually affected 94 million customers…quite a difference from their original estimate.
Target (110 Million Customers)
Affecting 110 million customers, Target’s credit card security breach was one for the record books. 70 million of those customers had their personal information stolen, while 40 million had their credit card information stolen. The massive breach helped usher in a new upgraded standard for purchasing with credit cards.
Heartland Payment System (130 Million Customers)
The last thing you want to hear is that a credit card payment company got hacked. But that’s exactly what happened to Heartland Payment System, and it impacted 130 million customers. It affected credit cards of all types, and the company had to pay out a $110 million settlement with Visa, Master Card, and American Express.
Equifax (143 Million Customers)
Very recently, Equifax, the credit reporting agency, suffered a horrific security breach, affecting 143 million customers. Social security numbers, drivers license numbers, credit card numbers, and birth dates were all stolen, making it an incredibly dangerous hack for many people. Equifax suggests signing up to their free credit monitoring and identity theft program regardless if you were affected.
eBay (145 Million Users)
In 2014, hackers were able to steal email addresses and passwords from all of eBay’s 145 million user accounts, creating a security firestorm for the marketplace. eBay quickly suggested all users change their passwords to avoid further tampering.
Adobe (150 Million Users)
When Adobe’s network was breached, they stated only 3 million users were affected. However, that number grew to 38 million. Then, an outside party claimed the hack was far more substantial, ranging upwards of 150 million Adobe users. The information that was stolen included Adobe IDs and passwords. Adobe tried to squash concerns by claiming the hackers likely got either inactive or invalid information.
Visa, Inc. (160 Million Cards)
Hacking groups from the Ukraine and Russia stole 160 million credit cards from Visa and J.C. Penney, resulting in the losses of $300 million.
LinkedIn (165 Million Users)
After a hacker stole 165 million LinkedIn IDs and passwords, he claimed to be putting them up for sale. While LinkedIn claimed to have reset all passwords affected, one user with his password stolen still showed it as active. LinkedIn recommended all users reset their passwords and use two-step verification.
MySpace (360 Million Accounts)
The old social media site MySpace had a security breach in 2016 with hackers stealing the personal information of 360 million accounts. While most of those users don’t use the website anymore, they’re still potentially at risk if they use the same password. Usernames, passwords, and emails were all stolen from the website.
StuxNet was a highly sophisticated cyberweapon used to slow down Iran’s nuclear program by destroying their centrifuges. Utilized by US and Israeli forces, the computer worm went undetected for years and was part of a contingency plan called Nitro Zeus, a much larger plan that targeted Iran’s air defenses, communication systems, and power grid.
Adult Friend Finder (412 Million Users)
A massive breach occurred at Adult Friend Finder, which the company describes as the world’s largest sex and swinger community, resulting in stolen usernames, email addresses, and passwords of 412 million users.
Enjoy this post? Be sure to check out 25 Public Relations Nightmares That You Won’t Believe Actually Happened.
Yahoo (1 Billion User Accounts)
Yahoo’s security breach is hands down the number one hack of all time. It impacted at least 1 billion user accounts. It included email addresses, telephone numbers, birth dates, passwords, and security questions. Later, the US government indicted two Russian intelligence officers and two hackers as part of the hack and discovered they were specifically targeting high-ranking officials in both Russia and the United States.
Photo: 25. Wikipedia Commons.com (Public Domain), 24. Wikipedia Commons.com (Public Domain), 23. Alexander Klink, RSA SecurID SID800, CC BY 3.0, 22. Wikipedia Commons.com (Public Domain), 21. JefParker, DNC 2016 – Hillary Clinton, CC BY-SA 3.0, 20 – 18. Wikipedia Commons.com (Public Domain), 17. Ildar Sagdejev (Specious), 2009-04-12 The Home Depot in Knightdale, CC BY-SA 4.0, 16. Wikipedia Commons.com (Public Domain), 15. Joe Mabel, Top of JPMorgan Chase Tower, CC BY-SA 3.0, 14. downloadsource.fr via flickr. CC BY 2.0, 13. KMGH2.jpg: Andrew Williams (KMGH-TV) derivative work: Xnatedawgx (talk) (https://commons.wikimedia.org/wiki/File:Anthem_Blue_Cross_Blue_Shield,_Denver.jpg), „Anthem Blue Cross Blue Shield, Denver“, https://creativecommons.org/licenses/by-sa/3.0/legalcode, 12. Anthony92931, T.J. Maxx, CC BY-SA 3.0, 11. No machine-readable author provided. Kelly Martin assumed (based on copyright claims)., Illinois Target Store, CC BY-SA 3.0, 10. Pexels.com (Public Domain), 9. Wikipedia Commons.com (Public Domain), 8. Leon7, Ebay-PayPal San Jose, CC BY-SA 3.0, 7. Wikipedia Commons.com (Public Domain), 6. Wikipedia Commons.com (Public Domain), 5. Pixabay.com (Public Domain), 4. Jim Whimpey via flickr. CC BY 2.0, 3. Wikipedia Commons.com (Public Domain, 2. Zotob11, ADJJJ, CC BY-SA 4.0, 1. gaku., YAHOO headquarters, CC BY 2.0