Has your business’s network ever been breached? With 446 million records compromised in 2018 alone, businesses need to understand what threats they are currently under and the importance of prioritizing network security to keep hackers at bay. Let’s take a look at some of the largest data breaches that have happened just since the beginning of May.
Conferencing and digital workplace software company, Citrix, revealed that hackers gained access to the company’s network between October 2018 and March 2019. Data stolen included social security numbers, financial information, and data of current and former employees.
1.6 million users of AMC Network’s Sundance Now and Shudder streaming services had their data left exposed through a database that was left unsecured. Names, email addresses, and subscription details were compromised.
Freedom Mobile, a Canadian mobile provider, had an estimated 1.5 million customers’ personal and financial information left exposed on a third-party server. The types of data left exposed included names, email addresses, mailing addresses, dates of birth, and credit card information.
The legal team behind the National Basketball Association’s Indiana Pacers was the victim of a major phishing attack. Employee and customer names, addresses, dates of birth, social security numbers, passport numbers, driver’s license numbers, medical insurance information, card numbers, digital signatures, and login information were exposed. No number of affected individuals has been given by the team.
WhatsApp experienced a security flaw that provided access to an Israeli government surveillance agency, NSO Group. NSO Group had limited access to the microphone, camera, and WhatsApp message text of the app’s 1.5 billion users.
Facebook-owned Instagram fell victim to a data breach that exposed more than 49 million Instagram influencers, celebrities, and brands’ Instagram information when an Indian-based social media marketing company left it exposed.
The 139 million users of Canva, a cloud-based graphic design tool, had their names, usernames, and email addresses exposed when hackers infiltrated their server.
First American Financial Corporation, a leading title insurer for the U.S. real estate market, had 885 million files including social security numbers, bank account numbers, mortgage and tax records, wire transaction receipts, and driver’s license images compromised for all customers as far as back as 2003.
Other May breaches: Inmediata Health Group, Uniqlo, Wyzant, Flipboard, Checkers (the fast food chain).
Almost 12 million patient records were compromised when hackers took control of the payments page of AMCA, a major payment vendor for Quest Diagnostics. Data such as financial account data, social security numbers, and health information (ePHI) were left exposed.
In the same hack, LabCorp announced that 7.7 million of its customers were impacted.
In the same attack, Opko Health had over 400,000 customer and patient records compromised.
The gaming website Emuparadise had their users’ IP addresses, usernames, and passwords exposed in a data breach.
More than 100 million users of the Evite event planning app have had their information put up for sale on the dark web. Information that was stolen included names, email addresses, IP addresses, and cleartext passwords. Some even had their dates of birth, phone number, or postal address exposed.
Kentucky-based Total Registration, a facilitator of scholastic test registrations, had their entire service compromised. Victims, who were mainly students who had registered for PSAT and Advanced Placement tests, had their names, dates of birth, grade level, gender, and social security numbers exposed.
A security vulnerability in Evernote’s Web Clipper Chrome extension gave hackers access to the online data of over 4.5 million users. Exposed data includes authentication, financial, all private communications, and more.
Over 2.7 million individuals and 173,000 businesses had their data stolen by a single Desjardins employee. Desjardins is Canada’s largest credit union, and the hack resulted in the exposure of names, dates of birth, social insurance numbers, addresses, phone numbers, and email addresses of customers.
Other June breaches: Oregon Department of Human Services, U.S. Customs and Border Protection, EatStreet, Dominion National
Due to the AMCA breach that affected Quest Diagnostics, Opko Health, and Labcorp, Clinical Pathology Laboratories had 2.2 million patients’ personal and medical information exposed with an additional 34,500 patients’ credit card or banking information breached.
A still unknown number of Sprint customer accounts were hacked through Samsung.com’s “add a line” website. Some exposed information included names, billing addresses, phone numbers, device types, device IDs, monthly recurring charges, account numbers, and more.
Other July breaches: Maryland Department of Labor, Los Angeles County Department of Health Service, Essentia Health, Fieldwork Software, Los Angeles Personnel Department
The online marketplace, Poshmark, announced that they were hacked. Usernames and email addresses of an unreported amount of clients have been exposed in the breach. Poshmark has nearly 50 million users.
The online fashion-trading platform had its over 6.8 million user accounts exposed. Data that was out there included customer names, email addresses, usernames and passwords, shipping addresses, and purchase histories.
A data breach at CafePress, a custom t-shirt and merchandise company, exposed the names, email addresses, physical addresses, phone numbers, and passwords of over 23.2 million customers.
Hackers left over 700,000 guest records exposed in a coordinated extortion attempt on the Choice Hotel chain. Stolen information included names, addresses, and phone numbers.
VPNMentor and independent security researchers uncovered a data breach containing over a million individuals’ facial recognition information as well as the unencrypted passwords and usernames of 27.8 million individuals exposed from Biostar 2, a biometric security platform.
Hostinger, a web hosting company, sent out an email to their 14 million clients who had their information hacked through an API server. As a result, first names, usernames, email addresses, IP addresses, and hashed passwords were exposed.
Other August breaches: Presbyterian Healthcare Services, State Farm, MoviePass
Before your business has its network breached, data stolen, and reputation irreparably harmed, call the security professionals at PCS to do a full security assessment. We can help you keep your data and reputation intact. Don't wait until it is too late. Call us today at (865) 273-1960 to learn more.