Technically Speaking

The Official Bigstep Blog

The World's 3 Most Massive Data Breaches & The Lessons You Can Learn From Them

What was the biggest data breach ever? Was it the infamous Sony hack that ended 2014? Maybe it was the much-publicized US Office of Personnel Management hack that rocked the government in 2015? Perhaps it was one of the major retailer hacks, like Target or Home Depot? No, none of these even make the list. These are the huge hacks that keep IT managers awake at night.

1. The Great American Business Hack (2005-2012, Involving 160 Million Records)

Unfortunately, many hackers are located outside the country, meaning it can be difficult or impossible to bring them to justice.

The single hugest hack ever was actually a series of hacks, conducted over the span of eight long years by a group of hackers in Russia and the Ukraine. This hack targeted a host of companies and banks, which includes NASDAQ, JetBlue, and JC Penney, among others. All said and done, the hack accounted for the loss of more than 800,000 bank accounts, over 160 million credit and debit card credentials, and other various and sundry data sets. To date, this is the single largest cybercrime case that has been filed.

The Takeaway: Never assume you know what a hacker is up to. Always report incidents of data breaches because these can be indicative of a larger operation. Sweeping these incidents under the rug makes it harder to track and fight these criminals, and can mean a bad gig for your PR department in the long run.

2. eBay (2014, Involving 145 Million Records)

Popular Internet shopping and auction site eBay had to tuck its tail and holler Uncle in 2014 when it was discovered that a hack of their systems resulted in the loss of the confidential information of some 145 million users, including encrypted passwords, names, addresses, dates of birth, and other sensitive info. Fortunately for both eBay and their customers, they kept their financial records (such as credit card info) in a separate database that was not compromised.

The Takeaway: Separate databases can be your saving grace in the event of a data breach. Supply security commensurate with the level of data stored there. Even if one set of data is compromised, the hackers won’t make off with everything, saving you the unfortunate task of having to tell them you lost their data.

3. Heartland (2006-2008, Involving 130 Million Records)

Modern network, application, device, and user monitoring solutions can help prevent attacks like these that last for years. Or, just partner with a cloud provider that can offer the latest security solutions.

Heartland Payment Systems is one of the largest payment processing firms in the world. Hackers were able to breach their systems over the span of two years, stealing over 130 million records, including credit and debit card information. According to prosecutors who were responsible for bringing the hackers to justice, it was the “largest case of computer crime and identity theft ever prosecuted”.

The Takeaway: There really is no excuse for an ongoing breach such as this. Modern security and monitoring technologies should alert you if anyone is in your databases causing mayhem like this. Conduct regular and thorough audits to see what data you have, who is accessing it, why, and how.

Fortunately, businesses now have a better option for secure data storage. Bigstep and the Full Metal Cloud are your partners in secure, high-performance cloud services. Learn more about us today!

Got a question? Need advice? We're just one click away.
Sharing is caring:TwitterFacebookGoogle+PinterestEmail

Readers also enjoyed:

How to Provide Enterprise-Level Security to Cloud-Based Apps

Cloud-based apps are a must-have these days. Every business from your news channel to your bank to your video streaming service offers robust, highly…

US Government Expands Big Data Project Collecting Information on Civilians Without Search Warrants

In the US, one of the most solid protections against an overly aggressive or invasive government is the idea of the search warrant. Without a search warrant,…

Leave a Reply

Your email address will not be published.