Data Breach lock icon

Recent Blogs

Worst Data Breaches Of All Time

4 May 2020

Living in a digital era, businesses’ online information is more vulnerable than ever before. Data breaches are happening on a daily basis and can be highly costly to companies who are affected.

What is a data breach?

A data breach is an incident where confidential and sensitive information is accessed without permission. Such breaches are a consequence of a cyberattack where criminals infiltrate a computer and gain access to sensitive or confidential data.

Common cyber attacks used in data breaches include ransomware, malware and phishing. Cybercriminals will use these types of attacks to steal personal data, spy on users and even hold businesses to ransom.

Falling victim to a security breach is not unheard of and although many go unnoticed, others can put a whole business at risk. Here, we take a look at some of the worst data breaches of all time…

Marriott International

In 2018, the hotel group Marriott International revealed that the records of over 500 million customers had been involved in a data breach, dating as far back as 2014.

The names, addresses, email addresses, phone numbers, date of birth and encrypted credit card details of customers were stolen. In addition, a smaller number of customers had their passport details and travel histories taken too.

Following this colossal data breach, the hotel giant was later fined over £100m by the Information Commissioner’s Office for breaking the European Union’s General Data Protection Regulation (GDPR).

Yahoo

One of the biggest data breaches of all time, Yahoo shocked the world after admitting that three billion of its customer accounts had been compromised. According to the company the attack dated back to 2013, even though it was only revealed in 2016 that the breach had occurred. Hackers gained access to billions of usernames, passwords, phone numbers and security questions of customers. As a result, Yahoo received a hefty fine from both the United States Securities and Exchange Commission and The UK’s data protection watchdog.

eBay

In 2014, cybercriminals invaded eBay’s network by using the personal data of three corporate employees. Consequently, they gained access to customers personal details for 229 days before it was discovered. Many security experts criticised the way eBay handled the breach. Despite initially advising users to change their passwords when the breach was discovered, there was a lack of transparency informing users of the incident and many found the password renewal process difficult to follow.

Facebook

Back in 2018, over 50 Million Facebook user records – mostly belonging to US voters, were harvested by data analytics firm Cambridge Analytica. The data was collected through a quiz app that collected personal information which was then used to build a powerful software program to predict and influence people’s political choices.

Last year, the social media giant was hit by yet another data breach. This time more than 540 million records about Facebook users were publicly exposed on Amazon’s unsecured cloud computing service. Names, phone numbers, location and passwords were among the data exposed.

Uber

A few years ago, cyberattackers obtained unauthorized access to Uber’s cloud servers and downloaded information including the records of 35 million users. Additionally, 3.7 million drivers were affected, having their payment information, licence numbers and trip summaries obtained.

The major mistake that Uber made was not informing people that their personal data had been compromised. The company instead only began monitoring accounts 12 months after the attack. Consequently, Uber was fined over £170 million for not notifying victims after the breach.

Why is cybersecurity important?

As you can see, data breaches can happen to anyone and they show no sign of slowing down! It’s therefore never been so important to have an effective security system in place.

At ICT Solutions, we help businesses across the UK defend themselves with cybersecurity services. From ransomware detection to anti-virus software, Firewalls to password management systems; our security services have got you covered.

Find out more about the services we offer by contacting our team of IT experts today!