The Internet is a wonderful thing, but there are many dangers out there, even in the online world, especially when you’re trying to keep your private data safe, so we decided to take a look at the 10 biggest data breaches of all time in light of the latest news about the Yahoo! Inc. disastrous hack. Verizon Communications Inc. which is in the process of acquiring Yahoo’s online properties, isn’t happy about this either and may seek large discounts or pull out of the deal.
As you may have already read, about 1 billion Yahoo accounts were compromised. Although the news was has just been announced, the breach actually happened in 2013 and many of us have been affected, maybe even you. There are many steps that you can take to keep yourself safe, including by making sure you don’t use the same password on all your accounts, that you don’t overshare information about yourself, that you use advanced security measures, such as two-step authentication and more.
Online security is not something to joke about. Your data can be used to steal your identity, to steal your money if banking data is involved, or it can even be used to get your personal computer hacked where private files are stored. These can be stolen and later kept for ransom, which is something that’s been happening a lot more often lately, such as it has happened in these 7 biggest hacks of all time.
The situations on our list are so bad that the JP Morgan Chase case a couple of years ago doesn’t even make the list, or even come close to the occupant of number 10. The case, if you’ll remember, saw over 83 million accounts compromised in what continues to be one of the worst intrusions into a bank’s system. Although it took a while to get everything under control, and even longer for the bank to come clean to its clients, JP Morgan Chase didn’t really suffer a lot, its shares weren’t even affected by the scandal.
Other big data breaches that made the news, but not our list, are those of Ashley Madison, when some 37 million accounts were hacked, the Tumblr breach that left 65 million accounts exposed, or the Home Depot 2014 hack where 56 million people were affected.
We wanted to know which were the worst hacks, with the most victims, so we went looking for the 10 biggest data breaches of all time.
Number of accounts affected: 98 million
If you’re not familiar with Rambler, that’s ok, because this isn’t an English website, but a Russian one, mostly used by those living in Russia and the surrounding countries. Rambler.ru provides search, news, email and advertising tools, so it’s pretty much a local version of Yahoo if you will. It competes against the likes of Yandex and Mail.ru, which you may have heard about.
9. PlayStation network
Number of accounts affected: 102 million records
It was April 2011 and it was Sony Corp (ADR) (NYSE:SNE) who was under attack. Targeting the PlayStation Network linking Sony’s home gaming consoles and the Sony Only Entertainment, as well as the Qriocity video and music streaming service, hackers took the information of about 102 million users.
Number of accounts affected: 110 million
Next up is Target Corporation (NYSE:TGT), a company that not many actually link to the possibility of a data breach. However, in December 2013, the retail giant was hit by hackers who had infected the payment-card readers. What did this result in? Some 40 million credit and debit card numbers had been exposed to the hack since that’s the number of cards used in the Target Corporation (NYSE:TGT) stores across the United States during the 2013 shopping spree following Thanksgivings.
The entire problem was announced in January of the next year. The company said that full names, addresses, email addresses and telephone numbers of 70 million customers had been compromised, along with the credit card info where it was attached to the account. While this was the sure-number provided, it was added that the number could very well rise to 110 million. Target Corporation (NYSE:TGT)’s stock price went down for a bit, but quickly recovered.
7. Heartland Payment Systems
Number of accounts affected: 130 million
Heartland Payment Systems is, as the name suggests, a payment processing company based in New Jersey. It was in 2009 that the company announced it had suffered a data breach that affected some 130 million credit and debit cards pertaining to over 100 million people. It all happened with the “help” of some well-planted malware on the company’s network which recorded card data as if arrived from retailers. The mastermind behind the attack was convicted back in 2010 for what was at the time the largest data breach on an American company. He is serving 20 years in prison.
The company’s stock took a dip after the announcement, and it took a while to recover. In December 2015, Global Payments Inc (NYSE:GPN) announced that it would acquire Heartland Payment Systems for $3.50 billion. The transaction was completed in April this year.
Number of accounts affected: 145 million
eBay Inc (NASDAQ:EBAY) has faced some issues over the years, including a pretty nasty data breach back in 2014. According to the company, the security system was compromised, exposing personal information pertaining to some 145 million customers. The list included login credentials, physical addresses, names, dates of birth, phone numbers and more.
The breach took place between late February and early March and it wasn’t detected until a couple of months later, making for an ugly situation overall. Despite the massive breach, eBay Inc (NASDAQ:EBAY)’s stock barely moved, dropping just a few bucks in the following days.
Number of accounts affected: 165 million
Although it’s not quite as popular as other social networks given its profile, LinkedIn Corp is still a very used platform for professionals. The business-networking website suffered a data breach in 2012 that wasn’t kept secret for long. What was actually hidden from the public eye was the fact that it wasn’t just 6.5 million user accounts affected as previously thought, but some 165 million! About 117 million passwords were exposed, pushing other services to go through their own databases and alert users to change their passwords if they matched those stolen ones.
What was the effect the breach had on LinkedIn’s investors? None. Since the data revealed in 2012 was minimal, the stock prices barely moved. What is more surprising is that following the reveal of the real numbers of that 2012 data breach didn’t move the numbers either. Earlier this month, Microsoft Corporation (NASDAQ:MSFT) has successfully completed the acquisition of LinkedIn.
Number of accounts affected: 360 million
Sure, MySpace is not something you think about anymore, but it seems that the network suffered a massive data breach while it was at its most active. According to LeakedSource.com which has been looking into various data breaches across the world, there are over 360 million accounts involved in the breach. The records include email addresses and passwords. Since some of these accounts had second passwords stored, there are over 427 million passwords available for sale on the dark web. What made many people sigh in relief is that they haven’t actually visited the site in years and that much has changed since then, including the way we protect our accounts nowadays.
Number of accounts affected: 412 million
2016 was the year of the exposed data breaches it seems, since FriendFinder was also in the spotlight. 412 million accounts, according to Leaked Source, were affected by the leak. Since FriendFinder Networks is the parent company of several sites, such as AdultFriendFinder, Cams.com, Penthouse, Stripshow and iCams.com, this means there are quite a lot of people who should be changing their passwords if they’re used on other accounts as well. Since this is adult content we’re talking about, we should remind people of the Ashley Madison hack that exposed 32 million people, some of them quite publicly.
Unlike other data breaches investigated by Leaked Source, this particular data set won’t be made public (for now) due to the sensitive nature of the site.
Number of accounts affected: 500 million
And now we finally get to the worst place to keep your data, it seems – Yahoo! Inc. (NASDAQ:YHOO). At the end of September 2016, not too long ago, a huge data breach at Yahoo was revealed, the biggest on record at the time. It all happened in the middle of the deal with Verizon Communications Inc. (NYSE:VZ), which had agreed to acquire Yahoo’s core business, making it pretty difficult for Yahoo’s higher ups to explain the situation, we’re sure.
It seems the data breach took place in 2014 and the collection of data available out there includes real names, email addresses, birthdays, telephone numbers and more, which is all very helpful to those who want to spam your account and maybe even send you a few phishing emails. The good news in this entire situation was that the passwords were hashed, which made them uncrackable through usual methods.
The company has blamed a “state-sponsored actor” without giving any actual names or even a direction to its accusations. The situation was so dire that even the FBI got involved, vowing to investigate the matter.
Again, it’s not like Yahoo’s stock was doing very well in the first place, but you’d think that with 500 million users affected by this data breach, the investors would get spooked. However, the company’s stock price barely went down a few bucks before recovering.
Number of accounts affected: 1 billion
Yes, it’s Yahoo! Inc. (NASDAQ:YHOO) again. Did you think the last data breach, which was the largest in history, was bad? Well, let’s talk about this newly discovered breach which doubled the number to a whooping 1 billion accounts.
Just a few days ago, Yahoo made headlines again after announcing it had discovered a serious data breach that happened in August 2013. What makes it worse is that this wasn’t an update to the situation disclosed in September, and it’s actually a completely different incident. Even worse is that Yahoo found all this out from some data sets and now by actually identifying the intrusion associated with the theft.