An unfortunate byproduct of the internet and the so-called “information age” is that consumers frequently are entering sensitive information onto websites or storing highly sensitive information online. Some of the information that might be on the Internet includes your name, driver’s license number, common passwords, financial information, address, phone number, and so on. This creates an opportunity for bad actors to try to access this sensitive information for the purpose of stealing identities, accessing financial accounts, and much more. And while a lot of our information is stored on servers managed by large corporations that spend millions on information security, they often are not successful at achieving this. In this article, we discuss 3 of the most significant data breaches that have occurred in recent years.
Telecommunications provider T-Mobile was hacked in February of 2021. This represents one of the scariest data breaches given how large T-Mobile is and the fact that cell phones are a major part of consumers’ lives. The company did not disclose the extent of the hack but reporting showed that many T-Mobile customers were affected by SIM swap attacks which are also known as SIM hijacking. These customers lost access to their phones as hackers were able to gain access to their phone numbers, messages, and calls, which enabled them to access other accounts through things like two-factor authentication.
This is perhaps the most well-known data breach that has happened over the past 10 years. The data breach occurred back in 2017. What made this particular data breach unique is the fact that Equifax is one of the three largest credit bureaus in the United States. Credit Bureaus are at the epicenter of the U.S. credit system and have access to financial account information as well as social security numbers. Information basically does not get more sensitive than this. According to Equifax, over 148 million people were impacted by this data breach. Information including, but not limited to, names, home addresses, phone numbers, dates of birth, social security numbers, and driver’s license numbers were exposed, and 209,000 of those customers also had their credit card information stolen as well.
In 2017 Yahoo announced that it had over 3 billion accounts compromised through a data breach. This is one of the largest data breaches that has occurred. The hackers gained access to users’ security questions and answers, which is information they could use to access other websites. Yahoo was later able to confirm that no additional information such as passwords, payment card data, and bank information, was stolen. So while the absolute scale of the data breach was enormous, the exposure was not that significant. However, like most data breaches, the damage was done to Yahoo’s credibility in terms of the security of its platform.
These are only a few examples of data breaches and importantly these are cases where the companies realized they had a breach. There are many cases where companies don’t realize they’ve been hacked until years later.