MENU

10 Biggest Cyber Crimes and Data Breaches

March 7, 2017 • Lists, Security, Top Stories

Cybercrime; the ever growing threat of online interactions.

Cybercrime; the ever growing threat of online interactions.

Cyber criminals are becoming more sophisticated at picking our virtual pockets and uncovering almost all our personal information available online- yet most of us remain woefully unprepared.
A 2016 survey, conducted by PricewaterhouseCoopers, highlighted that organizations rank cybercrime as the second most reported type of economic crime, up from fourth place. This is despite the fact that most cybercrimes go unreported.
This indicated the widespread growth of cybercrime. Online crime has moved way beyond the inquisitive teenage hacker who pushed boundaries. It now comprises elaborate worldwide syndicates that are well organized and use sophisticated tools. They steal personal data, passwords and other information, then use it to blackmail businesses or scam consumers. Or they might sell it on the black market, where others can use this information to steal identities and run up credit card charges.
TheBestVPN have in light of this growing threat, compiled a list of the 10 most notable cybercrimes, either by size or significance from around the world.
1. 50 Millions Credit Cards Data Stolen from Home Depot’s System (2014)
In 2014 retailer Home Depot’s system was breached, exposing data from over 50 million credit cards.
The thieves used a vendor’s user name and password to get into the company’s computer network, then installed malware on its point-of-sale systems, which meant that consumers swiping their credit cards were literally handing over their data to the criminals.
In other words, people were buying physical items from a real life store, but at the same time they ended up giving their credit card data to hackers.

2. Single Largest Theft of Customer Data (Citigroup, HSBCS, Dow Jones & Others) in 2014    
In 2014 Bank JPMorgan Chase disclosed a massive breach that saw the data of 76 million households and 7 million small businesses compromised. Other U.S. financial institutions, brokerage firms, and financial news publishers were also targeted, including Citigroup, HSBC, Dow Jones and payroll service company ADP.

Three men, now under arrest and pending trial, had set up “hacking as a business model,” according to Preet Bharara, the United States attorney for the Southern District of New York. He called the breach: “The single largest theft of customer data from a U.S. financial institution ever.”
The charges allege that the men used the stolen information in pump-and-dump schemes, manipulating prices of stocks by sending fake e-mails to customers whose data was stolen, tricking them into investing then profiting by the rise in stock price. The three men also allegedly operated unlawful internet gambling sites, distributed counterfeit and malicious software and operated an illegal BitCoin exchange.

3. Yahoo Data Breach: Over 1,5 Billion Users Data Was Breached (2013 to 2016)
Yahoo! has been the target of at least two major breaches over the years. In September 2016, the company disclosed that it had a 2014 breach which led to the data of at least 500 million users being stolen. Then four months later it reported another breach had happened in August 2013 that exposed data of more than a billion Yahoo! users. The company did not explain why it took so long to report the breaches, which could land it in trouble with regulators.
The U.S. Securities & Exchange Commission issued guidance in 2011 that required companies to disclose material information about cyber incidents if they could impact investors. The agency is reportedly investigating the company.

4. In 2015, 79 Million Customer’s Data was Stolen from HealthCare Companies
The last three years have shown how vulnerable consumer health data can be as hackers increasingly target health insurance and medical information. In 2015, three healthcare companies – Anthem, Premera Blue Cross and CareFirst BlueCross BlueShield, were hacked. Anthem’s was the largest – exposing some 79 million customers’ data. Premera lost information on more than 11 million customers. Then CareFirst uncovered a breach that compromised the information of over a million customers. The U.S. government, which sometimes holds even more critical information than companies, has become a prospective targets.

5. Over 700,000 Social Security Numbers Were Stolen From IRS in 2015
In 2015, the U.S. Internal Revenue Service had a breach that exposed more than 700,000 Social Security numbers and other sensitive information. Published reports say the hackers took advantage of an online IRS program called “Get Transcript,” which allowed taxpayers to access their tax history. Even before the breach, identity thieves were using stolen Social Security numbers to fraudulently file for refunds. According to a report by the inspector general, in the 2016 tax season the IRS identified 42,148 tax returns with $227 million claimed in fraudulent refunds, and that was only as of early March of that year.

6. Largest Government Data Breach (2016) Due to Outdated Technology
Meanwhile, the U.S Office of Personnel Management (OPM) exposed records of as many as 21.5 million people, one of the largest breaches of government data in U.S. history. Information included Social Security numbers, names, dates and places of birth, health and financial details and even fingerprints of people who had been subjected to government background checks. A congressional report published in September 2016 said the government was using outdated technology that left its systems vulnerable. One of the hackers used a contractor’s credentials to log on, install malware and create a backdoor to the network.

7. Google Corporate Servers in China Were Hacked in 2009
In 2009, hackers accessed several of Google’s corporate servers in China, stealing intellectual property and other information. The company said it had “evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”
Four years later, in 2013, U.S. government officials said the Chinese hackers had accessed a sensitive database that contained court orders authorizing surveillance, possibly of Chinese agents who had Gmail accounts. A Microsoft official suggested that Chinese hackers had targeted its servers at about the same time as Google’s, possibly seeking similar information about its email service.

8. North-Korea “supposedly” Hacked Sony Pictures and Stole Unreleased Movies
In 2014, hackers attacked the computer network of Sony Pictures, stealing employee e-mails, information on executive salaries and copies of unreleased movies. There was widespread speculation that the group was trying to disrupt release of the film, The Interview, a comedy depicting a plot to assassinate North Korean leader Kim Jong-un. The U.S. government blamed the North Korean government for the breach – the first time the U.S. government publicly accused a country of a cyber attack.

9. WikiLeaks: Sensitive Emails From Democratic National Committee (2016)
In July WikiLeaks published a series of emails taken from servers of the Democratic National Committee. The e-mails contained private correspondence, some of which derided the campaign of the Bernie Sanders, and sensitive financial data on high-profile donors to Hillary Clinton’s campaign.
The revelations prompted the resignation of the DNC’s chairperson and arguably impacted the U.S. election. U.S. intelligence agencies said they were confident that the Russian government was behind the hacks and even issued a report at the end of 2016 providing details on how the Russians allegedly carried out the exploit. Others, particularly new President Donald Trump, expressed doubt that Russia was responsible.

10. Biggest DDOS Attack That Took Down Twitter, PayPal, Netflix and Others (October, 2016)
2016 also marked the first time the so-called “Internet of Things” (IoT) was widely used in a cybercrime. In October, a cyberattack on one of the companies that host the internet’s Domain Name System, a directory of internet addresses, took down many of the internet’s most popular sites, including Twitter, Netflix, Paypal and Spotify.
The attack was of a common type, called a distributed denial of service (DDoS), which shuts down systems by bombarding them with too many requests at the same time. The unusual and alarming aspect, however, was that rather than using “zombie PCs,” where malware has been downloaded onto the PCs of unsuspecting consumers, making them into a sort of robot that can help to send all these requests, the attackers used common internet-connected things like baby monitors and digital recorders. The company, called Dyn, said the onslaught came from millions of internet addresses, making it one of the largest cyberattacks of all time.
Experts believe that as more things are connected to the internet, cybercrime is only going to get worse. Research firm Gartner forecasts that there will be 6.4 billion things connected to the internet by 2018. It predicts that by 2020 some 25 percent of known cyberattacks will involve the IoT.

Staff Writer


Comments are closed.

« »

Read previous post:
Piere Havenga, Managing Director of Vertiv in Middle East and Africa.
Emerson Network Power Rebrands as Vertiv

Vertiv, the business formerly known as Emerson Network Power, officially launched under its new branding in South Africa at a...

Close