According to a report by Risk Based Security, more than 38 billion records have been hacked since 2010. According to recent estimates by the Census Bureau, there are about 327 million Americans. An average of 116 accounts have been compromised each year for the past decade.
As reported by CNBC Make It, at least 40,650 data thefts have occurred since the beginning of 2010. These attacks are many and small, but there are still some big hacks that have gone on the calendar. history.
Based on the number of accounts affected in each data breach published since 2010, the Identity Theft Resource Center released its rankings for CNBC Make It. Only violations confirmed to have affected certain records will be included in the rankings.
Over the past year, many companies, such as 7-Eleven, WhatsApp, and Fortnite, have announced security vulnerabilities that affected millions of websites and exposed customer information, but the extent of the breach was not revealed. disclosure.
In this article, we will take a look at the most historic data breaches of the past decade.
15 Largest Companies Hacked In History
1. Dubsmash
Total number of records compromised: 161.5 million
According to Dubsmash, hackers obtained the names, email addresses and password hashes of 162 million users in February.
These breached data were sold on the dark web in February 2019, even though it happened in December 2018. More than 600 million accounts were blacklisted data from 16 websites. attack.
2. Equifax
Total records compromised: 147 million
Data breaches like Equifax’s are among the largest in history. 147 million US consumers were affected by this data breach, that’s basically 56% of the US population as of September 2017. Hackers got access to name, SNN, date of birth, number credit cards and even the victim’s driver’s license number.
Equifax acknowledged that the company failed to install the necessary patches for the vulnerability, while in March it received a notification that hackers could exploit the vulnerability.
A federal and state investigation into Equifax’s handling of a massive data breach resulted in a $700 million settlement in July. When Equifax announced the breach, it was still unclear if the data hackers obtained from the 2017 breach was being sold on the dark web.
3. Republican National Committee
Total records compromised: 198 million
In June 2017, cybersecurity experts discovered publicly accessible voter information on a server containing the information of 198 million Americans. It turned out that a conservative marketing firm hired by the Republican National Committee had failed to secure voter information. In addition to home addresses, dates of birth, and opinions on political issues, Deep Root’s cloud servers can be publicly accessed for about 12 days.
4. UnderArmour (MyFitnessPal)
Total records compromised: 143.6 million
A hacker gained access to the backend database of the fitness and diet app MyFitnessPal, owned by fitness apparel company UnderAmour in March 2018.
Hackers may have obtained usernames, passwords, and emails. The hashed password is encrypted and must be cracked to use.
5. Exactis
Total records compromised: 340 million
Exactis, a US-based data aggregator and marketing company, went largely unnoticed by most Americans until June 2018. Before that, Exactis had been quietly building a database of information. personal information of millions of Americans.
Vinny Troia, an experienced security researcher, discovered the vulnerability of this database in early June 2018, when it was built on an insecure server. About two terabytes of Exactis data was exposed, including e-mail addresses, home addresses, phone numbers and information about family members, including their hobbies and children.
6. Zynga
Total records compromised: 218 million
Zynga, the popular “Draw Something” and “Words with Friends” games for mobile devices, announced in October that hackers had scanned account logins on September 12.
About 218 million iOS and Android users who downloaded the game before September 2, 2019, were also accessed by hackers using their username, email, login ID, a Facebook ID number, phone number and account ID. Zynga account.
7. Marriott (Starwood)
Total records compromised: 383 million
In November 2018, Marriott Hotels reported that more than 300 million people had their contact information, passport numbers, addresses, and personal information exposed through a massive data breach. It is worth noting that Marriott Hotels purchased the Starwood hotel in 2016.
Up to 500 million Starwood guest accounts were compromised; The Marriott data team confirmed that the hack could have been going on since 2014.
8. River City Media
Total records compromised: 1.37 billion VND
River City Media has compromised 1.4 billion records, a company that specializes in email marketing. When an incorrect backup was configured, the company accidentally published a database containing IP addresses, names, and physical addresses online.
At the time of the discovery of the data breach, MacKeeper security researcher Chris Vickery said River City Media was able to collect data through spam activities related to emailing people with content. credit checks, scholarships and sweepstakes.
9. Veeam
Total records compromised: 445 million
A data management company that mishandles customer data will negatively affect the company’s image. That’s what the Swiss company Veeam has been through. The marketing database was mistakenly accessed by third parties, according to a statement from the company.
An estimated 445 million names, emails and IP addresses were exposed in their database for about 10 days due to “human error”. They said that most of the data in the exposed database was duplicate data and that 4.5 million unique email addresses were exposed.
10. Yahoo!
Total number of records compromised: about 3 billion
Up to now, Yahoo is known as the company that just experienced the largest data breach. About a billion Yahoo users’ names, email addresses, phone numbers, and dates of birth have been exposed due to numerous hacks over the years. Verizon announced plans to acquire Yahoo in July 2016. The company also announced a breach in September 2016, which affected 500 million Yahoo accounts in 2014.
Following that announcement, in December of the same year, they announced that at least one billion user accounts were exposed as a result of an attack on their network in 2013.
Verizon notes that all three billion Yahoo users were affected by the 2013 attack after the Yahoo sale ended in 2017. A class-action lawsuit against Yahoo over how it handled the hackers ultimately was settled for $117.5 million in April 2019.
11. Quest Diagnostics
Total records compromised: 11.9 million
The US Medical Collections Agency, a provider of the billing and collection division of testing company Quest Diagnostics, was the victim of a data breach in June. In eight months, about 11.9 million customers’ medical, financial and personal information was exposed. Include credit card numbers, phone numbers, accounts, and medical information.
AMCA isn’t the only company affected, as LabCorp says 7.7 million customers’ personal and financial data has also been exposed. The bankruptcy filing comes just weeks after the AMCA was notified of the violations. After discovering the breach, LabCorp, Quest Diagnostics, Conduent, and CareCentrix all dropped the AMCA.
12. Capital One
Total number of records compromised: 100 million
The app information of more than 100 million Americans and 6 million Canadians has been compromised by hackers since 2005.
The data from the hacked apps ranged from 2005 to early 2019 and included the consumer’s name, address, zip code, email address, phone number, and date of birth.
An estimated 140,0000 credit card customers in the United States had their bank account numbers exposed, as did 80,000 credit card holders.
The obvious difference between Capital One’s breach and other major data breaches is that this breach included sensitive information, like Social Security numbers.
13. Houzz
Total records compromised: 48.9 million
Hackers stole encrypted usernames and passwords from Houzz customers, as well as public profile information, the company notified customers of the incident earlier this year. According to ITRC, 48,881,308 accounts were affected by the breach. Another Houzz breach occurred in December 2018; however, no financial information was disclosed.
14. Premera
Total number of records compromised: 11 million
In October 2015, Chinese hackers attacked health insurance company Anthem in an attempt to dig into details about the US health insurance system. Small insurer Premera said it was attacked about 11 million times in March, not just Anthem.
Hackers often target healthcare organizations to sell their information on the black market as healthcare data has become one of the most valuable assets.
15. Carphone Warehouse
Total number of records compromised: 2.5 million
Almost 2.5 million individuals’ details were stolen and their credit card information encrypted in the biggest cyber breach in the UK in 2015. A sophisticated cyber attack took place. targeted at the company the watchdog is investigating.
Cases in Vietnam include: Zing, MSB, BKAV, Baby … are also considered popular hacks when revealing user data.