What was the biggest data breach ever? Was it the infamous Sony hack that ended 2014? Maybe it was the much-publicized US Office of Personnel Management hack that rocked the government in 2015? Perhaps it was one of the major retailer hacks, like Target or Home Depot? No, none of these even make the list. These are the huge hacks that keep IT managers awake at night.
1. The Great American Business Hack (2005-2012, Involving 160 Million Records)
The single hugest hack ever was actually a series of hacks, conducted over the span of eight long years by a group of hackers in Russia and the Ukraine. This hack targeted a host of companies and banks, which includes NASDAQ, JetBlue, and JC Penney, among others. All said and done, the hack accounted for the loss of more than 800,000 bank accounts, over 160 million credit and debit card credentials, and other various and sundry data sets. To date, this is the single largest cybercrime case that has been filed.
The Takeaway: Never assume you know what a hacker is up to. Always report incidents of data breaches because these can be indicative of a larger operation. Sweeping these incidents under the rug makes it harder to track and fight these criminals, and can mean a bad gig for your PR department in the long run.
2. eBay (2014, Involving 145 Million Records)
Popular Internet shopping and auction site eBay had to tuck its tail and holler Uncle in 2014 when it was discovered that a hack of their systems resulted in the loss of the confidential information of some 145 million users, including encrypted passwords, names, addresses, dates of birth, and other sensitive info. Fortunately for both eBay and their customers, they kept their financial records (such as credit card info) in a separate database that was not compromised.
The Takeaway: Separate databases can be your saving grace in the event of a data breach. Supply security commensurate with the level of data stored there. Even if one set of data is compromised, the hackers won’t make off with everything, saving you the unfortunate task of having to tell them you lost their data.
3. Heartland (2006-2008, Involving 130 Million Records)
Heartland Payment Systems is one of the largest payment processing firms in the world. Hackers were able to breach their systems over the span of two years, stealing over 130 million records, including credit and debit card information. According to prosecutors who were responsible for bringing the hackers to justice, it was the “largest case of computer crime and identity theft ever prosecuted”.
The Takeaway: There really is no excuse for an ongoing breach such as this. Modern security and monitoring technologies should alert you if anyone is in your databases causing mayhem like this. Conduct regular and thorough audits to see what data you have, who is accessing it, why, and how.
Fortunately, businesses now have a better option for secure data storage. Bigstep and the Full Metal Cloud are your partners in secure, high-performance cloud services. Learn more about us today!