The Biggest & Baddest Data Breaches of 2016
With a history of over 5,000 data breaches in the last 10 years, it’s safe to say that any electronic information connected to you is either at risk or has already been compromised at least once. As James Comey, the director of the FBI puts it, “There are two kinds of companies. Those that have been hacked and those that don’t know yet that they’ve been hacked.” This list shows a breakdown of the 10 largest data breaches, with a minimum of 10 million records at risk, in the past year.
Yahoo!:The biggest one of 2016, with 500 million records stolen, actually occurred in 2014, but was not announced or acknowledged by Yahoo until two years after the fact. The database that was accessed contained records of over 500 million of Yahoo’s users.
Foursquare:More than 22.5 million records were apparently taken from publicly available sources containing usernames, email addresses, and Twitter and Facebook IDs.
Weebly:43.4 million records were stolen, but the means of how this theft was committed is not yet known. However, the stolen data contained email addresses, usernames, passwords, and logged IP addresses of users computers.
Twitter:32 million login credentials, including plain text passwords, were for sale online. The data appears to have been stolen directly from users rather than from a hack of Twitter’s servers.
MySpace: Over 360 million usernames and passwords were stolen. The passwords were stored as “unsalted SHA-1 hashes” and were broken using a cracking server capable of running millions of SHA-1 calculations per second.
Friend Finder network:Over 400 million accounts representing 20 years of user data including email addresses, passwords, usernames, the database outline, sites in the network visited by users, site registration data and much more.
Securus Technologies:70 million prisoner phone calls were recorded and leaked by an unidentified hacker via SecureDrop. The fact that a portion of these calls were between inmates and their attorneys proves a massive breach of client-attorney privilege.
Kromtech:Sensitive account details of 13 million users of MacKeeper, Zoebit and Kromtech were accessible via a database that was publicly searchable and discovered by an independent security researcher. The database server along with three others has now been secured and is no longer publicly available.
VTech:The records of 11.6 million children and their parents has been leaked due to a serious lack of security on the behalf of VTech. The records include home addresses, names of the parents and children, a picture of the child used as their online avatar, weakly encrypted passwords, plaintext secret questions and answers, email addresses, and just about anything needed to find any of these kids.
Verizon Wireless:Verizon Enterprise Services announced that it had been the victim of a data breach that affected millions of its customers. The breach allowed hackers to collect information including all basic contact information.
Comments