5 Biggest Data Breaches
Email and other data breaches are regularly occurring events. They can significantly compromise personal information security for individuals and undermine the confidence that people have in businesses/email services and their ability to ensure cybersecurity. They can lead to identity theft and cause expensive lawsuits. Companies can take a proactive approach to prevent breaches and stay on top of the related technology developments and trends. They can also take a series of reactive steps once an email breach occurs. Individual email users also have several options in preventing and reacting to their email security being breached.
What is an Email Breach?
An email breach is an action taken by hackers and cybercriminals to hack into an email server and access the contents of your email, including logins, passwords, messages, and attachments. People regularly use email for sharing sensitive information in both personal and business settings. Business emails often involve content from partners, vendors, and customers, which means that a breach at a business can affect many different parties.
Why do Data Breaches Happen?
Like any other crime, an email data breach can offer incentives to the criminals executing it. The most common way hackers benefit from breaches is financial. A financial bounty is achieved in a couple of different ways:
- Ransom Requests – when a large organization is hacked, they will do almost anything to minimize the legal and financial impact that results. Hackers try to take advantage of this by extorting money from the organizations they hack in return for the stolen data’s return and keeping the breach quiet.
- Selling Stolen Data – hackers can try to sell the data stolen from an email breach on the dark web, using cryptocurrency.
What have been the Biggest Data Breaches in Recent History?
The below details some of the largest data breaches in 2019:
- LinkedIn / Dropbox and others: 2.2 billion records were stolen from a number of websites that include the popular online tools Dropbox and LinkedIn, both used by individuals and organizations. It seems that data has been gathered for several years leading up to 2019 and is now listed on the dark web for sale. A portion of the stolen records includes usernames and passwords.
- Google Cloud: 1.2 billion consumer records were found on an unsecured Google Cloud server. These records luckily did not include sensitive/secure data, such as financial records or passwords, but did contain email addresses, social media profiles, and potential household income levels, all demographic information that can easily be sold for marketing purposes, hacking, spam, and a myriad of different cyberattacks.
- Evite, MindJolt, Wanelo, and others – almost 1 billion user records were stolen by a cyber-criminal named “Gnosticplayers” and he or she unloaded them in early 2019. This included passwords from multiple websites, such as Evite, MindJolt, Wanelo, and others.
- First American – 900 million insurance customer files, many containing sensitive information, were exposed for more than two years. This included bank account numbers, driver’s license image files, bank statements, social security numbers, and more private data. It is unknown if any exposed data was illicitly accessed or abused, though the type of information exposed certainly posed risks of identity theft.
Steps to Take if Your Data Was Breached
No one likes to think of the possibility that their personal data will be part of a breach, but it is relatively common, so it only makes sense to be educated and prepared.
- First of all, it is essential to note that you will definitely be notified by the company whose servers experience the breach.
- It is the law that all affected parties are notified in writing if their data was included in a data breach.
- If you are notified, you can ask questions that allow you to understand what data points were included in the breach so that you can take steps to change anything like a login or password.
- Some things cannot be altered, like social security numbers and addresses. Then your best option is to be extra diligent in looking at your credit report for any signs that someone is attempting to steal your identity. This might include new credit cards, or bank accounts opened without your knowledge.
- If you spot any such fraud, you can report it to the financial institutions involved. They can assist you in reporting it to the appropriate government channels and taking steps to ensure all fraudulent accounts are closed.
- Banks and credit card companies have fraud protection programs that ensure that by following the correct protocols, you will not have to bear a loss of funds due to fraud.
Data breaches are common and can have difficult after-effects for those whose information is stolen. Understanding your rights and taking steps to protect yourself from fraud is important.