Data breaches are on the rise again because of our increasing reliance on technology. Let’s have a look back at the world’s worst cybersecurity attacks.
Adobe
Adobe reported in early October 2013 that hackers stole nearly 3 million encrypted records. Those records were log-in credentials and encrypted customer credit card records.
Yet, Adobe increased those figures after several weeks. They estimated that hackers also stole the IDs and encrypted passwords for 38 million users. However, security blogger Brian Krebs reported that it appears that Adobe lost more than 150 million usernames and hashed passwords.
Furthermore, weeks of research revealed that the hack also exposed financial information such as credit and debit card info. Moreover, hackers also exposed the customer names, IDs, and passwords.
Adobe paid around $1 million dollars to customers. That was for settling legal fees and claims.
Sony
The breach in the Japanese brand compromised the personal data of 77 million users. Additionally, hackers compromised the banking details of tens of thousands of players.
Sony paid a few million dollars for settling legal fees. Moreover, the company paid 15 million dollars in compensation.
The breach could have been avoided if Sony chose not to ignore a well-known network vulnerability. Thus, it only took a very simple SQL injection for hackers to breach Sony’s network.
Canva
Canva is a famous graphic design tool with its home base in Australia. The company suffered an attack in May 2019 that affected 137 million users. Exposed data included names, cities of residence, email addresses, usernames, and hased passwords.
Additionally, Canva reported that hackers didn’t steal files with financial data. Yet, hackers managed to view them.
Gnosticplayers, the suspects in the cybercrmime, contacted ZDNet to boast about the incident. The suspects claimed that they gained OAuth login tokens for users who signed in via Google.
Furthermore, Canva reported that around 4 million accounts were later decrypted and shared online. This prompted Canva to invalidate unchanged passwords. Moreover, they notified users with encrypted passwords in the list.
MyFitnessPal
MyFitnessPal is a fitness app owned by Under Armour. It suffered from a breach in February 2018. Hackers put the data into a massive information dump and offered for sale on Dream Market.
MyFitnessPal didn’t disclose how the breach happened or the number of accounts affected. However, speculations are that around 150 million customers were affected by the said breach.
MySpace
MySpace is a former powerhouse in the league of social media sites. However, they still made the list in the worst cybersecurity attacks. Around 360 million user accounts were up for sale on the dark web market The Real Deal. The asking price was around 6 bitcoin (around $3,000 at the time).
MySpace reported that the compromised data included email addresses, passwords, and usernames. That data is from the accounts crteated prior to June 11, 2013 on the old Myspace platform.
Yahoo
This is currently the biggest data breach among the worst cybersecurity attacks in history. Yahoo announced in September 2016 that hackers stole the data of around 500 million users. The compromised data included real names, email addresses, dates of birth, and telephone numbers.
In December 2016, Yahoo announced another data breach from 2013. The company estimated that the hackers compromised the data of all of its 3 billion user accounts.
