Criminals and state-sponsored hackers attack networks around the world every minute of every day. Most of the time those attacks are thwarted by the networks’ cyberdefenses. But when attacks succeed, they usually do so in a big way. With increasing regularity, it seems, attackers hit the jackpot and gain access to information on millions of individuals, including passwords, email addresses, and credit card numbers. Odds are high that at least some of your personal information is in the hands of these thieves.
These are some of the biggest computer hacks of the past five years.
1. Adobe (October 2013)
Number of people affected: 150 million
Information stolen: Email addresses and passwords for 150 million users, according to security vendor Sophos, as well as credit card data for 2.9 million users.
A data dump discovered on the AnonNews website contained the usernames and passwords of some 150 million Adobe customers. (Sophos)
How it happened: Hackers gained access to Adobe’s networks, though exactly how they did it has yet to be publicly revealed. In addition to stealing user information, attackers also downloaded the source code for a handful of Adobe programs, which essentially forms the foundation of the software.
Aftermath: Adobe offered free credit monitoring to individuals who had their credit card information stolen. Others were told to reset their passwords for Adobe products. Password management vendor LastPass set up a site where you can check to see if your email address was one of those stolen; you can find it here.
2. eBay (May 2014)
Number of people affected: 145 million
Information stolen: Customers’ usernames, encrypted passwords, email addresses, and other personal data. No payment information was taken.
Photo: eBay
How it happened: Attackers used compromised employee login information to get into the company’s network.
Aftermath: EBay issued a statement asking all of its users to change their passwords “out of an abundance of caution.” The company said it would also work to improve security.
3. Target (January 2014)
Number of people affected: 110 million
Information stolen: 40 million credit and debit card numbers, as well as 70 million consumer email addresses.
Photo: Yahoo News
How it happened: According to Bloomberg, hackers used credentials from an HVAC contractor working within Target to then gain access to the retailer’s network.
Aftermath: Six months later, company CEO Gregg Steinhafel wasforced to resign over the breach. In March, Target settled a class-action lawsuit for $10 million with individuals who had their credit and debit cards stolen.
4. Home Depot (September 2014)
Number of people affected: 109 million
Information stolen: 53 million email addresses and 56 million credit and debit cards for shoppers at the $80 billion home improvement chain.
Photo: Yahoo News
How it happened: Home Depot said hackers used a vendor’s login information to access the network and install malware on the retailer’s self-checkout systems, which fed the attackers information on credit card customers in the U.S. and Canada.
Aftermath: Cleaning up after the breach cost Home Depot an estimated $62 million. The company offered free credit monitoring to any customers who used a payment card at a Home Depot store after April 2014.
5. Anthem (February 2015)
Number of people affected: 88 million
Information stolen: Social Security numbers, employment details, and other personal information maintained by the nation’s second largest health insurer — but no medical data.
Photo: Yahoo News
How it happened: Investigators speculate the intrusion began months earlier and was perpetrated by Chinese government-sponsored hackers, who are also suspected of breaking into the networks of United Airlines and the U.S. government’s Office of Personnel Management.
Aftermath: Anthem offered free credit monitoring services to those affected by the attack.
6. JPMorgan Chase (July 2014)
Number of people affected: 83 million
Information stolen: Names, addresses, and phone numbers of account holders at the $2.6 trillion financial services giant.
Photo: Yahoo Screen
How it happened: According to the New York Times, hackers gained access to JPMorgan’s network via an employee’s credentials.
Aftermath: Investigators recently arrested four individuals suspected of taking part in the hack.
7. U.S. Office of Personnel Management (June 2015)
Number of people affected: 22 million
Information stolen: Social Security numbers and other personal information for former and current U.S. government employees.
Photo: Yahoo News
How it happened: Attackers suspected to be from the Chinese government stole login information from the employee of a third-party government contractor.
0 comments:
Post a Comment