Nothing terrifies modern day businesses than learning they have lost data or that they have been hacked and have had it stolen from them. In a world where every detail of a man’s existence can be found on one server or another, businesses are expected to keep whatever information they have on their clients as securely as possible. In the event that should there be a breach they are expected to know about it in the shortest amount of time – to keep losses to a minimum – and then be able to restore whatever was lost from their backups so no clients will have to suffer the consequences.
But that is all much easier said than done as it is a known fact that servers all over the world are being hacked – successfully, that is – and data loss is on the rise. To see just how bad stolen data can affect businesses and their clients and to also realize how often an occurrence data breaches in even some of the biggest companies in the world are, we have compiled some of the world’s worst data disasters that have happened in 2015 and 2016.
Without further ado and in no particular order:
- Anthem Inc. (formerly WellPoint, Inc.): this well-known health insurance company was targeted by hackers on February 4, 2015. The company admitted that the hackers had bypassed its server securities and stolen an estimated 37.5 million (some put the estimates at double that figure) records that could be personally be traced to clients as each record contained detailed information about the individuals: their names, addresses, Social Security numbers, dates of birth and even career histories.
- Oracle: this tech giant prides itself in making some of the most secure databases on the market today. Unfortunately for them, they announced on August 12, 2016 that their MICROS POS (point-of-sale) system had been the source of a data breach. Although the system is used in over 330,000 cash registers across the globe, it was not clear how big the damage done was. It is thought that a big Russian online syndicate was behind the attack and that they had managed to infect company computers with malware hidden on the MICROS customer support portal which allowed them to steal the data.
- LinkedIn: this business-oriented online social media network has been the target of hackers many times over the past five years. Back in 2012 the email and passwords of 117 million users were stolen and the site’s users were asked to reset their passwords. On May 17, 2016 those email and password combos were revealed online and LinkedIn had to jump into the fray again: the company disabled all passwords that were created before the 2012 hack until account owners had reset them, while other users who hadn’t reset their passwords were forced to do so.
It is still not known who was responsible for the attack, but LinkedIn assured everyone that they were working with the authorities to find out who it was.
Although…
- MySpace: those who are old enough will remember this forerunner of social media platforms which was extremely popular before its abrupt demise (well, sort of). Apparently, a person who claims to have stolen the LinkedIn data in 2012 – and tried to sell it online in 2016 – was back in May, 2016 saying that he/she (the hacker chose to use an androgynous name: “Peace”) had the email and password combination of over 360 million MySpace users. If that could be proven to be true, it will make this e-heist the biggest one in the history of online banditry!
- The Philippines Commission on Elections (COMELEC): on April 11, 2016 the commission admitted that their databases had been breached saying it was probably the worst breach in any government’s history. The March 27 attack saw the theft of personal information of every single person that had registered to vote in the country – an estimated 55 million people. Online rights activists (or “hacktivists”) Anonymous claimed responsibility for the attack saying they had only been trying to make COMELEC aware of gaping security holes in their databases before the forthcoming elections which were to be held on May 9. Be that as it may, the data was made available a few days later and can still be found online for anyone to use and peruse.
- United States Office of Personnel Management (OPM): in July 2015, this government agency admitted that they had been hit by one of the most advanced cyber-attacks ever. At first, estimates put the number of records that had been lost at just four million. When the FBI stepped in to investigate, that number swiftly climbed to 18 million records and now it is believed to be in the environs of 22 million. The hackers got away with that many records of government employees’ full details: names, dates of births, addresses, and Social Security numbers. Among them were five million who also had their fingerprints and security clearance documentations exposed.
The agency later admitted that this attack was the second part of an earlier attack that had happened just about a month ago, in June. In that instance, over 4 million records had been stolen which included information on present and former employees.
This list is going to grow – and we haven’t even included other lesser attacks that have occurred over this period. The lesson to be learned here is that no server can truly be called secure; its luck could run out any time.