Uncategorized

2014: The Year of The Data Breach

15 Dec

2014 was quite a year – and it’s not over yet. Throughout the year we heard what felt like a new story every month about a data breach or hack. Companies large and small were damaged by breaches of many different scopes. Some you may have heard of, and some you may be surprised to see as we go over some of the eye opening breaches of 2014.

iCloud

Almost everyone heard about what some referred to as “Applegate”. The iCloud service was hacked in 2014 resulting in the exposure of hundreds of nude celebrity photos. Apple denied that the service was the victim of the attack, yet implemented new security measures after reports surfaced.

J.P. Morgan – Chase

Considered one of the largest data security breaches in history J.P. Morgan, owner of Chase banks, had their credit card systems hacked this past year. The attack was reported to have affected more than 80 Million consumer customers and around 7 Million small/mid-size business customers.

U.S. Government Contractor USIS

One of the more ironic breaches this past year was that of private contractor USIS. USIS is a private government contractor that performs security clearance background checks and other investigations for the U.S. Government. While there were no reports of background check or other similar information being leaked, information on a number of employees was found to be attacked.

Target

This one of the more publicized breaches, and for good reason. The major retailer who has over 2,000 locations in North America was the target (no pun intended) of a security breach in 2013 – but made more headlines in 2014 as more information became available. The breach affected payment systems in stores and ultimately led to lower sales and the resignation of the company’s Chief Information Officer.

eBay

In early 2014 it was announced that eBay users fell victim to a massive data breach. The breach affected more than 145 Million users including email addresses, postal addresses, and most importantly account login information. Users were asked to immediately change their passwords to avoid further disruption. While no financial information was stolen, the company reported that it lost several hundred million dollars due to the breach.

Home Depot

Home Depot was another large retailer that suffered a breach in 2014. The company reported that a third-party vendor was ultimately at fault, but over 56 Million credit cards and over 50 Million email addresses were leaked.

U.S. Postal Service

Even our trusty mailman was subjected to hacking in 2014. Just under a million workers were affected as social security numbers and home addresses were stolen in a hack of the US Postal Service. Ironically, this breach occurred around the time that the United States and China were to meet to discuss cybersecurity – the hack was initially blamed on the Chinese.

Sony

Late this year Sony was the target of a breach when their computers were taken over by unknown attackers. While initial blame was placed on North Korea, an investigation found insufficient evidence to support the claim. Several news stories have broken since the breach concerning celebrities in Sony films as well as executives in the company.

Microsoft/XBox

Just last week Microsoft’s online content platform XBox Live was hacked causing outages of service for many users, most of whom own the XBox 360 platform. The breach affected users with XBox Live accounts attempting to connect to the service in order to play games and watch other video content including Netflix or HBO GO. After allegedly fixing the issues, users complained that the system was again down this past Friday. The hack was reported to have been performed by a group known as Lizard Squad, who often asks users on Twitter which devices or platforms they should hack. Several users suggested Lizard Squad should hack XBox Live – which they then performed shortly thereafter.

There were several other breaches this year including:

  • Spotify (one user)
  • U.S. Weather Systems
  • European Central Bank
  • Snapchat

It seems these lists continue to grow each year as companies try to stay ahead of their counterparts. While some companies seem to have staved off attacks for now, it often seems that it’s only a matter of time before attackers hits another big name. If these major breaches have taught us anything, it’s that online and data security is extremely important for all of us.