2014 saw data breaches get a lot of media attention. 43% of companies experienced a data breach in 2014. According to a Ponemon Institute report, this number is up 10% over the previous year and is expected to continue rising.
Companies are attacked on average 16,856 times per year. Most of these incidents aren’t even noticed by our radars. The big ones are huge and get a lot of media coverage. Which ones were the largest of 2014? Here’s a list:
1. Michaels In January 2014 the craft-store chain confirmed that there had been a data breach. However, it did not provide details about how it occurred or how many people were affected. The company later confirmed that 3,000,000 customers’ credit and debit card information had been stolen by breaching its payment system.
Aaron Brothers art framing, a subsidiary of the store, was also affected. Additional 400,000 customer payment records were also compromised. Michaels hired two independent security companies to investigate the attack. This was the second data breach in three year.
2. LivingSocial was hacked in April 2014. The hackers stole the identities, emails, birthdays, and encrypted passwords for more than 50 million customers. The hack was particularly dangerous because of the large number of affected customers. However, the hackers made off with passwords that are often reused on other accounts. The good news is that customer and merchant financial data were not compromised.
3. eBay In May 2014, eBay announced to the public that hackers had stolen usernames, encrypted email addresses, and passwords from its database. As a precaution, the company requested that its 145 million customers change their passwords. However, it is not clear how many users’ data were stolen.
Although hackers were unable to access sensitive financial information, consumers were still vulnerable. Raj Samani, vice president and CTO at McAfee EMEA told The Washington Post that “the reality is that this data that has been stolen is going to sold.”
LIVE Webinar Thursday January 15th at 12PM EST “Avoiding Disaster”: How to Secure Your Networks With Education
It’s not a matter of if, but when malicious cyber activity will occur in your organization.
Register here for the webinar.
4. P.F. Chang’s Restaurant chain P.F. Chang’s stated that 33 of its 211 locations were subject to a security breach. The security breach that resulted in stolen credit and debit card information was discovered by the Secret Service in June. It is believed that criminals used malware in order to steal card numbers and expiration dates, as well as the names of customers who dined at this restaurant over an eight-month period. However, the exact number of those affected remains unknown.
5. Snapchat In October 2014, nearly 98,000 files stolen from Snapchat users were uploaded to The Pirate Bay. Snapchat blamed third party apps for the breach but didn’t name the culprit. Snapsaved is a third-party site that allows users save Snapchat images. An unnamed spokesperson posted on Facebook that “I would like the public to be informed that snapsaved.com has been hacked” because of a mistake in its web server setup. Many photos with inappropriate and pornographic images were stolen and posted on Reddit and 4chan. However, since Snapchat users are almost half between 13 and 17, the images were quickly deleted.
6. Home Depot Home Depot reported that its payment system was compromised and that 56 million card records had been stolen in September 2014. The malware that was installed on payment systems is believed to be the root cause of this attack. The data breach did not seem to have an impact on business like it did with Target. However, the company reported a 20% increase of profit in its third quarter.
7. JP Morgan Chase JPMorgan reported in October 2014 that hackers had exposed data from 76 million households as well as 8 million small businesses. The bank claimed that hackers only stole names, addresses, and phone numbers. Other data, such as social security numbers, remained secure. JPMorgan believes hackers gained root access to many of its servers. This is surprising considering the bank is known for having the best security controls. The investigation will continue, and more details will be revealed. However, the event is expected to be one of the largest data breaches in history.
Morgan Quinn wrote this piece, which originally appeared on Gobankingrates.com December 5, 2014.
New Horizons is a company that talks about Information Security every day. We do this not only with clients but also with vendors. We talk about industry trends and real-life problems. Because of our close relationship with these vendors, New Horizons can help businesses like yours leverage the knowledge experts of New Horizons to discuss strategies, implementation, and troubleshooting.
Click here to learn more about our Information Security Training. If you found this article useful, interesting, or helpful, please use the “Social Share” buttons below to share it with your networks.