The 10 Biggest Data Breaches of the 21st Century

One of the consequences of a data-driven world is the impact of cybersecurity. If you own a business in London and you are worried about potential future cybersecurity challenges, you need to search for IT support in London to help you put the correct levels of security in place.

The biggest data breaches of the century

1. Yahoo – 2013 – 3 billion accounts

During its acquisition by Verizon, Yahoo came under a data breach attack that affected a huge number of accounts. It is thought that the incident took place in 2013 but it was not announced until December 2016, and then a year later the company revealed that the amount was higher than originally told. The attack did not prevent the deal with Verizon from being completed, however. It was discovered during the investigation into the incident that the attackers accessed information such as passwords, security questions and answers, but did not access any payment card and bank details of customers.

2. Alibaba – 2019 – 1.1 billion pieces of user data

A developer who was working for an affiliate marketer managed to scrape customer data from Alibaba over the course of eight months. This data included usernames and mobile phone numbers from the Chinese shopping website Taobao. The crawler software collected information for the developer and his employer to use for their own means, not to sell it to the black market.

3. Aadhaar – 2018 – 1.1 billion identity/biometric information exposed

An attack on the world’s largest ID database was bound to make big news after the attack was confirmed in early 2018. Malicious actors had infiltrated the database and exposed personal information relating to over 1.1 billion Indian citizens. The information included names, photos, addresses, email accounts, phone numbers, alongside biometric data such as iris scans and fingerprints. The accounts were also connected to bank accounts with unique 12-digit numbers, ensuring this was a credit breach as well as a data breach.

4. LinkedIn – 2021 – 700 million users

The professional networking platform suffered 700 million of its users having their data exposed on a dark web forum in June 2021. This affected over 90% of its userbase. Data was scraped through an exploitation of the site’s API and then around 500 million sets of data information was dumped. The hacker, under the name ‘God User’, then threatened to sell data relating to 700 million users.

5. Sina Weibo – 2020 – 538 million accounts

One of the largest Chinese social media platforms, Sina Weibo was hit in 2020 by an attacker who claimed to have obtained part of its database. Personal details, including real names, site usernames, locations, phone numbers, and gender, were breached. The database was reportedly sold on the dark web.

6. Facebook – 2019 – 533 million users

Two datasets from Facebook apps were exposed in 2019, relating to information on more than 530 million users. The information included account names, Facebook IDs, and phone numbers. Two years later, the data was posted for free, showing new and real criminal intent around the data.

7. Marriott International – 2018 – 500 million customers

Hotel Marriot International announced an exposure of data relating to Starwood guests in 2018. The sensitive details were exposed after an attack on its systems through unauthorised access going back to 2014. In 2018 after the information was decrypted, the information was found to be from the reservation database of the Starwood. This data included a plethora of customer information, including payment card numbers and expiration dates.

8. Yahoo – 2014 – 500 million accounts

Yahoo suffered a cyberattack in 2014 that was completely separate to the 2013 incident above. State-sponsored actors stole data from 500 million accounts on this occasion, including email addresses, names, phone numbers, and hashed passwords. It wasn’t announced publicly until 2016 after a stolen database was put up for sale on the black market.

9. Adult Friend Finder – 2016 – 412.2 million accounts

User data stretching back over 20 years was stolen from six databases on this adult-oriented social networking platform. Exposing names, email addresses and passwords on a site with such sensitive data would have a massive impact on users.

10. MySpace – 2013 – 360 million users

Although you might not have used MySpace for over a decade, it was still in the headlines in 2016 due to a cyberattack that affected 360 million user accounts. The data was leaked and put up for sale on the dark web. Lost data included email addresses, passwords, and usernames.

As you can see, data breaches can impact businesses in many different sectors. It is important that you put in place clear, robust, cybersecurity measures when first starting out as a business, allowing you to scale your security as you grow. The best IT support in London will have the experience and know-how to ensure you have the right approach, constantly evaluating and upgrading your systems to stay ahead of potential data breaches and cyberattacks.