World's Biggest Data Breaches and Hacks of 2014

World's Biggest DATA BREACHES AND HACKS of 2014 Login Administrator Password **** 842 2014 was a year plagued with countless breaches and hacks. Based on the number of accounts affected, the scope of brand damage, the ingenuity of the breach, and the consequences, this list contains the top 14 data breaches and hacks of the year. Jan 01, 2014 1 Skype Social Media Hack skype Source: Twitter Skype's social media accounts were overtaken by a hacktivist group who posted brand damaging messages about Skype's privacy policies. skype Jan 02, 2014 Snapchat Product Hack Source: Re/code 2 L 123-123-1234 Greyhat hackers exploited a disclosed back-end security weakness in the Snapchat app and published partial phone 1 123-123-1234 L 123-123-1234 numbers of more than L 123-123-1234 5 million Snapchat users. L 123-123-1234 2 123-123-1234 L 123-123-1234 Feb 14, 2014 Forbes Forbes Source: Forbes FAKE Hacktivists attacked Forbes.com and stole over 1 million users' e-mails and 1MILUON USERS'EMAILS AND PASS WO RDSSTO LEN and posted fake stories. 'spJomssed Маг 26, 2014 4 NAVER Naver Source: The Korea Herald 4 A group of hackers purchased the personal information of 25 million users SPAM PAD of Naver, a popular South Korea search portal. With the names, addresses, Internet IDs and passwords of these users, hackers were able to log into Naver accounts and profit off sending spam/illicit e-mails. SEARCH ENGINE SEARCH Арг 17, 2014 5 Michaels Michaels' Retail Credit Card Breach Source: Michaels 5 Hackers attacked Michaels' point-of-sale systems with malware and stole the information of 3 million customer credit/debit cards. Арг 28, 2014 Aol. AOL Data Breach Source: Reuters® Leveraging stolen e-mail addresses, passwords, contact lists, and security questions, AOL hackers sent spam e-mails YOU'VE GOT MAIL TO SPAM SPAM SPAM SPAM * ТENS OF MILLIONS ACCOUNTS to AOL users with links to malicious websites or malware. SPAM SPAM SPAM Tens of millions accounts were affected. SPAM SPAM SPAM SPAM SEND May 21, 2014 7 eBay Corporate and Customer Account Breach ebay Source: Re/code 7 Using stolen employee credentials, cyber attackers hacked into eBay's corporate network and walked hackers stole 145 million accounts away with the customer database of 145 million accounts ebay which included names, encrypted passwords, e-mail addresses, physical addresses, and phone numbers. Jun 18, 2014 8. Code Spaces Code Spaces Ransom Breach Source: Twitter! end Hackers put code-hosting and project management tool Code Spaces out of business. What started out as a DDOS attack on Code Spaces turned into an extortion attempt accompanied by an intrusion into their Amazon Elastic Compute Cloud (EC2) panel. The hackers then deleted all customer and back-up data. US The money Jul 23, 2014 StubHub Third-Party Breach Stub Hub! Source: Bloomberg® Preying on users who recycle passwords, hackers took over * TICKET * Password 1,600 StubHub user aCcounts ****6842 by scraping credentials from third-party accounts. Once they gained access, they purchased and re-sold tickets for major entertainment and sporting events. User Password Aug 2014 10 JPMorgan Customer Account Breach JPMorgan Source: Threat Post 10 NOT PROTECTED BY The cyber attack on JPMorgan Chase left the accounts of TWO-FACTOR 76 million households and 7 million small businesses AUTHENTICATION vulnerable as hackers had access to -100 servers between June and August 2014. Using stolen administrative credentials, the hackers found their way into a server unprotected by two-factor authentication. Aug 18, 2014 11 Community CHS Heslth Systeme Community Health Systems Source: Re/code 1"1 The American hospital network Community Health Systems announced hackers stole the names, addresses, birth dates, phone numbers, and social security numbers of 4.5 million patients. The attackers were believed to be from China and utilized sophisticated malware to retrieve HIPAA protected information. Sept 2, 2014 12 Home Depot Customer Account Breach HOME Source: Re/code 12 56 million cards were compromised during a five month malware attack on Home Depot's point-of-sale terminals, causing a breach significantly worse than Target's mega breach. Home Depot announced that the malware was custom built for the attack. Nov 10, 2014 13 UNITED STATES POSTAL SERVICE USPS Corporate Breach Source: USPS 15 / Bloomberg 14 Hackers breached USPS' computer networks, stealing the data of more than 800,000 employees. POSTAL SERVICE Customers who called/e-mailed the USPS Customer Care Center between January 1 and August 18, 2014 may have also had their names, addresses, telephone numbers, and e-mail accounts leaked. Nov 24, 2014 14 SONY Sony Corporate Breach Source: Reuters 15 / Re/code 18 Hackers breached Sony Pictures Entertainment's internal computer network using malware and accessed critical admin passwords that were unprotected. They leaked 47,000 employees social security numbers, private e-mail messages, and intellectual property such as movies and scripts. The hackers' main demand was for Sony to cancel the release 47,000 employees' social security numbers were leaked SONY of the movie The Interview. 1) Twitter: https://twitter.com/skype/status/418550480000671744 2) Re/code: http://recode.net/2014/01/02/snapchat-account-leak-raises-questions-about-it-and-other-mobile-apps/ 3) Forbes: http://www.forbes.com/sites/andygreenberg/2014/02/20/how-the-syrian-electronic-army-hacked-us-a-detailed-timelinel 4) The Korea Herald: http://www.koreaherald.com/view.php?ud=20140326001543 5) Michaels: http://www.michaels.com/payment-card-notice-ceo-letter/payment-card-notice-CEO.html 6) Reuters: http://www.reuters.com/article/2014/04/28/cybercrime-aol-idUSL3NONK4HZ20140428 7) Re/code: http://recode.net/2014/07/11/with-ebays-earnings-on-tap-its-data-breach-and-seo-penalty-loom-largel 8) Twitter: https://twitter.com/codespaces 9) Bloomberg: http://www.bloomberg.com/news/articles/2014-07-23/ebay-s-stubhub-says-arrests-planned-over-account-hacks 10) Threat Post: 11) Re/code: http://recode.net/2014/08/18/chinese-hackers-stole-info-on-4-5-million-u-s-hospital-patients/ 12) Re/code: http://recode.net/2014/11/06/home-depot-says-53-million-email-addresses-were-stolen/ 13) USPS: https://about.usps.com/news/fact-sheets/scenario/media-statement-final.pdf 14) Bloomberg: http://www.bloomberg.com/news/articles/2014-11-17/fbi-probes-state-department-hack-linked-to-white-house-breach 15) Reuters: http://www.reuters.com/article/2014/12/23/northkorea-cyberattack-congress-idUSLINOU70VW20141223 16) Re/code: http://recode.net/2014/12/23/sony-hack-what-you-missed/ http://threatpost.com/two-factor-snafu-opened-door-to-jpmorgan-breach/110119 Bitium, Inc 2015 © All rights reserved. Bitium and the Bitium logo are trademarks or registered trademarks of Bitium, Inc. in the USA and other countries. All other trademarks are the property of their respective companies. Information is subject to change without notice. b BITIUM www.bitium.com