What is a data breach?
A data breach involves exposing your personal information to an unauthorized party. It’s usually the result of a hack or phishing attack, though sometimes companies simply don’t take appropriate steps to protect your information. The best way to prevent a data breach from affecting you is by being aware of how they happen and where your personal information is shared.
How do data breaches happen?
Data breaches can happen at any level of your organization. They can be intentional or unintentional and can be caused by employees, contractors, vendors, and third parties. Cloud storage systems are not immune to security issues either; they’re just as susceptible as on-site computers and networks.
In 2017 alone, approximately 1,000 data breaches were reported in the US daily. This alarming number shows how much we need to educate ourselves about how these incidents occur so we can protect our businesses from them.
What information can be compromised by a breach?
The data that can be compromised due to a data breach is extensive. It includes:
- Name and address
- Email address and phone number
- Birth date, social security number, credit card number and bank account numbers
- Credit score, credit report or medical information (such as medical history)
- Passport details, including the passport number, driver’s license details and other identifying information
How common are data breaches?
The number of data breaches is increasing, and the size of each violation is getting larger. In 2019 alone, there have already been over 1,250 reported breaches that have compromised personal information. The average cost associated with a data breach has increased to $3 million per incident—6% compared to 2018.
The severity of these incidents also continues to increase: while only 43% of data breaches involved sensitive information in 2016, this figure rose to 64% by 2018. And while the number of records compromised in a single breach rose from 783 per incident in 2016 to 984 per incident in 2017 (a 23% increase), it jumped again this year with an average of 1,536 records lost for every reported incident.
Yahoo Data Breach
In 2013, Yahoo revealed that it had been the victim of a data breach. The attack affected over 1 billion user accounts, including names, email addresses, phone numbers and birthdates. It also stole encrypted passwords and security questions/answers from some reports.
eBay Data Breach
eBay has had a pretty rough history with data breaches. The company was hacked in 2014, 2015, 2016, 2017 and 2018.
In April 2014, eBay reported that hackers stole encrypted passwords from some of its customers’ accounts.
In May 2015, eBay said it had discovered unauthorized access to a database containing customer contact information for 145 million users, including names and email addresses for about half of them.
In December 2016, eBay said it was investigating a “security incident” after being notified by law enforcement that an unauthorized third party accessed specific files on its network.
In February 2017, eBay warned customers about possible exposure of their personal information as part of an ongoing investigation into fraud at some point from 2014.
Due to insufficiently secure protocols being used while processing such transactions during this period as well as possibly allowing other parties access to sensitive customer data stored on servers owned by Apple Incorporated – another victim here who would have been responsible for providing security services over the top.
Anthem Insurance Data Breach
What is Anthem Insurance?
Anthem Insurance is one of the largest health insurance providers in the United States, covering over 37 million people. The company operates with a wide range of companies, including Blue Cross Blue Shield, Accenture and Deloitte. On February 5th, 2015, Anthem was targeted by hackers who successfully stole personal data from 80 million customers. This incident is considered to be one of the most significant data breaches of all time, as it affected nearly half of all Americans.
How many people were affected?
This breach affected eighty million people, including names, addresses, birthdates and Social Security numbers. These numbers could be used by criminals to steal identities or commit fraud against individuals whose information was stolen in this breach.
How did it happen?
Anthem’s network security had been breached via an employee’s computer that wasn’t appropriately protected with firewalls or antivirus software, so when an employee opened up a malicious email attachment containing malware; they were able to gain access into Anthem’s internal network, which allowed them entry into its databases containing customer information such as social security numbers (SSN), medical records including diagnoses and treatment history as well as financial information like credit card numbers for those who paid their premiums through automatic withdrawals from their bank accounts (ACH).
Target Data Breach
In December 2013, Target announced it was the victim of a data breach that compromised 40 million credit and debit card accounts and 70 million other records. The company also said that personal information such as names, mailing addresses, phone numbers and email addresses were stolen from about 110 million customers.
The breach lasted for three weeks between November 27 and December 15 (the day before Thanksgiving) and involved hackers using an in-store point-of-sale (POS) system to steal credit card data.
It’s believed that the attackers accessed Target’s network after breaching one of its third-party vendors’ networks and stole credentials that allowed them access to the POS system at all Target stores in America at the time.
JP Morgan Chase Data Breach
JP Morgan Chase is an American global financial services holding company headquartered in New York City. The company operates in multiple industries, including asset management, private equity and investment banking, securities trading, wealth management and other financial services activities. According to a study conducted by Brand Finance, JP Morgan Chase is the largest bank in the world by assets and the most valuable bank brand globally.
In December 2015, it was reported that hackers had stolen personal information from over 76 million households and 7 million small businesses—the most significant theft of customer data in history—and that only one-sixth of affected customers had been notified.
The hackers stole names, addresses, emails, phone numbers and Social Security numbers from 51 million people who were customers between September 2014 through July 2015; they also grabbed driver’s license numbers for roughly 3 million people who were customers between October 2013 through October 2014; as well as account information for about 728 thousand credit card holders who applied for credit cards during this same time (April through July).
Adobe Systems Incorporated Data Breach
Adobe Systems Incorporated was hacked in October 2013, and the hackers stole data from over 38 million user accounts. The hackers also stole data from the Adobe Creative Cloud and placed it online for all to see. The information included users’ names, email addresses, encrypted passwords (meaning they couldn’t be read), dates of birth, and even some credit card information.
In October 2015, Adobe Systems Incorporated was hacked again – this time by a Russian group called Dragonfly, who were trying to sell the stolen data on the Dark Web.
Veterans Affairs (VA) Data Breach
In 2014, a hacker stole the personal data of 26.5 million veterans and their spouses through the VA’s computer system. Another hacker stole data from the Veterans Affairs Department again that same year. The stolen information included names, addresses, birth dates and Social Security numbers.
In 2015, a third breach occurred when thieves hacked into an employee email account containing information on more than 500k veterans who had applied for health care benefits at VA facilities during that time period—an estimated 860k people were affected by this breach alone.
Premera Blue Cross and LifeWise Health Plan of Oregon Data Breach
In 2014, Premera Blue Cross and LifeWise Health Plan of Oregon were hit with a data breach that affected 11 million people. The attack was carried out over the course of a month by hackers who used phishing emails and malware to steal personal information from the companies’ systems.
The breach was discovered when one victim received a suspicious email in March 2014 informing her she had an overdue bill for $1,400 worth of services at Barnes & Noble. The victim told Premera about the email, prompting its IT department to begin investigating. It wasn’t long before they found evidence suggesting there was something more nefarious going on: hundreds of thousands more individuals had been affected by similar phishing attempts since December 2013 (although it’s unclear whether any other companies were targeted).
It turns out that Premera had been using outdated software that didn’t have proper security protections built-in—and an error message during registration allowed hackers access even after clicking “reject” on their first attempt!
Home Depot Data Breach
The Home Depot data breach is considered one of the largest to date. The hackers stole 56 million credit and debit card numbers and 53 million email addresses. It’s estimated that the total cost of this breach was $162 million.
As a result of this massive hack, Home Depot ended up paying $19.5 million in fines for failing to provide adequate security measures for customer data protection and also paid $28 million in customer identity theft protection services for those customers affected by their negligence.
Sony Pictures Entertainment Inc. Data Breach
In November 2014, Sony Pictures Entertainment Inc. suffered a large data breach that leaked thousands of internal documents. The hack resulted from a North Korea cyberattack and was aimed at stopping the release of The Interview, a comedy film starring Seth Rogen and James Franco.
Regardless of what you thought about their hacking abilities (or lack thereof), North Korea’s cyberattacks were some of the most memorable hacks in recent years because they were likely responsible for an apology from President Barack Obama to Kim Jong-Un after his country was blamed for stealing personal information on tens of thousands of employees at Sony Pictures Entertainment (SPE).
How to prevent data breaches
As we’ve mentioned, there are a number of ways for a data breach to occur. However, you can take proactive steps to prevent that from happening.
First and foremost, you should ensure your passwords are strong and unique for each account where you access sensitive information. Making sure that each password is at least 12 characters long with numbers and letters will help prevent hackers from guessing it before they even try cracking it. Additionally, use two-factor authentication (2FA). This will make it harder for someone who finds one of your accounts to log into it without being detected as an intruder by whoever’s monitoring your accounts. It may be inconvenient at first, but over time you’ll get used to having extra security measures in place.
Next up is using a password manager like LastPass or LogMeOnce, which allows users to create strong passwords that are easy to remember while also keeping track of them all, so they don’t forget any important ones! Finally, consider using virtual private networks (VPNs) when accessing public Wi-Fi networks such as those found at coffee shops or airports because these types often don’t encrypt traffic, leaving devices vulnerable and making them easier targets.
Conclusion
In conclusion, data breaches are unfortunately common. They’re also very stressful for those who have experienced them firsthand. But that doesn’t mean that there’s nothing we can do to protect our personal information from falling into the wrong hands. By being careful where we share our essential details, we can ensure that only the people who need access to them actually get it!
