When it comes to listing the key data breaches in 2018, we have some of the largest and most impactful ones that were reported throughout the year. Read on to know more…
Over the last few years, billions of people have fallen victim to the biggest data breaches in history. According to global digital security firm Positive Technologies, in this year, billions of people were affected by data breaches and cyberattacks with 765 million in the months of April, May and June alone — with losses surpassing tens of millions of dollars. Cyberattacks increased 32% in the first three months of 2018 and 47% during the April-June period, compared to the same periods in 2017.
Though, it is a challenge to list all the data breaches in this year, there have been some of the largest and most impactful ones that were reported throughout the year. The consequences of large organizations and enterprises leaking sensitive data are many. For consumers, it is loss of privacy, potential identity theft, and countless hours of restoration of the whole system. And it’s an expensive damage control exercise for enterprises, too, in the form of bad press and the resulting damage to their reputation, as well as time and money spent to remediate the breach and ensure customers’ data is well secured in the future and all times.
We have listed up a few of the biggest data breaches of 2018 below…
Among the many unfortunate headlines for Facebook this year was a massive data breach that exposed the account details and personal information of almost 50 million users. Facebook said they have fixed the security vulnerability and alerted authorities of the breach. The hack was possible due to Facebook’s “View As” feature, which lets users view their own account as if they were a stranger in order to check post privacy settings, etc. The feature gives the user an “access token,” which allows them to log back into their account without resubmitting information, and hackers exploited this to harvest other users’ access tokens.
If you use the same login information and password for accounts across many different websites, hackers could potentially find your login in a data breach of a lower-stakes app and use it to access your account on something more important and private, like a bank account.
Marriott Data Breach
One of the biggest data breaches of the year and potentially of all time was disclosed earlier in December this year. Marriott International, the world’s largest hotel chain, announced a breach of its Starwood guest reservation database and said that as many as 500 million guests could be affected. Upon investigation, Marriott found that there had been unauthorized access since 2014 and that an “unauthorized party” had copied and encrypted some information and “took steps toward removing it,” but the company did not specify how much data was removed. Marriott said that for about 327 million of affected guests, accessed information included some combination of a name, address, phone number, email, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation data and communication preferences.
About 100 million Quora users were affected by authorized access to one of its systems by a “malicious third party,” according to the site. Quora said it was logging out all users who might have been affected in order to prevent further damage and notifying users whose data had been compromised. Compromised information may include names, emails, addresses, encrypted passwords and data imported from linked networks. Quora said a security breach compromised the data of as many as 100 million of its 300 million users.
My Fitness Pal
Under Armor said about 150 million users were affected by a data leak in the company’s MyFitnessPal app that occurred in February. Under Armor said notified users via email and in-app messages, and it was “working with leading data security firms to assist in its investigation.”