It has been a busy few years for the world’s computer hackers and there seems to be a new headline in the papers every week about the latest electronic security failures. One of the best way to deter hackers is to outsource in-house servers to a secure data center that monitors and encrypt sensitive business data. Between the efforts of so-called “hacktivists” and outright ne’er-do-wells, it’s been a constant struggle to keep data under wraps for many huge companies at the electronic forefront. In that spirit, here is a rundown of seven the worst data breaches in the last five years:
Sony’s PlayStation Network
On April 20 2011 the online PlayStation Network, the service responsible for all of the PS3’s online activity, went down. In the beginning, although there was an outcry as angry users couldn’t get online, no-one really knew why it was down. That was until news reports started appearing and before long it was made public that the service had indeed been hacked and an unbelievable 77 million PlayStation Network accounts had been compromised. The culprits gained access to 12 million credit card details, names, addresses, login and password details. Perhaps most shocking about this story is that the network remained down for more than a month while the company tried to rectify the situation and are said to have lost millions of dollars in the process. While it has been claimed that hacktivist group Anonymous had a hand in the attack, possibly in response to Sony’s persecution of a gamer who modified their consoles, no hackers have yet been brought to justice.
In August 2007 hackers managed to gain access to the personal details of over 1.3 million profiles on one of the world’s biggest job sites. Reports say that the hackers carried out the operation via a basic phishing scam, by sending bogus e-mails to users asking them to click on compromised links. When the links were clicked, the user’s account login details were captured and the hackers were in, free to do what they liked with the info contained in the account. The attack appears to have been financially motivated: shortly after the attack, victims were e-mailed with threats of important file deletion from their computers if they didn’t pay up.
In December 2010, 1.3 million passwords and e-mail addresses were taken from various blogs and forums on the Gawker network, including Lifehacker and Jezebel, and the hackers hijacked users’ accounts for the purposes of sending out huge amounts of spam. A group of hackers calling themselves “Gnosis”, accepted responsibility and claimed they had carried out the attack because of an apparent prior dispute between Gawker and internet message board 4chan, which has been the hub for a great deal of hacker activity over recent years. Thankfully, no payment information was leaked and all that was required to rectify the situation was a simple password change for all users.
This look at “The Worst Data Breaches of the Past Five Years” was brought to you by the tech-obsessed and security conscious team at Broadband Choices, comparing price plans from a wide variety of broadband providers. Part 2 of this series takes a look at data breaches from RSA Security, Heartland Payment Systems, Epsilon, and Hotmail.