Security should be a top priority

In recent years, a number of large data breaches have made headlines and led to millions of consumers’ sensitive personal information being exposed. This can cause a lot of damage, including financial losses, reputational damage, and loss of customer trust.

Top 10 Data Breach 

#1: Equifax The US credit reporting agency suffered a massive data breach in 2017, exposing 148 million people’s personal information. This was caused by poor security measures and a lack of segmentation in their network. In addition, they were using a third-party web portal, Apache Struts, which had a known backend vulnerability that was exploited by the hackers.

This breach could have been prevented if Equifax had a good security strategy in place. This includes implementing proper network security and segmentation, patching software vulnerabilities, and training employees to avoid common attack methods.

#2: Yahoo The US internet giant Yahoo was hit with a data breach in 2016 and in 2017 that impacted a billion user accounts. The company believes that “state-sponsored actors” compromised their system.

The hack involved a spear phishing email that targeted certain employee accounts, which gave attackers access to a variety of personal information. Some of the stolen information included names, email addresses, passwords, and dates of birth.

#3: Twitter The social media giant was the victim of a data breach in July 2022, which impacted 5.4 million users. The hackers gained access to email addresses and phone numbers that were connected to user accounts. The company quickly announced that it was working to fix the issue.

#4: eBay The online retail store was also hit by a data breach in 2017. The company revealed that it had accessed an “insecure direct object reference” error that allowed hackers to view documents without authentication, making it possible for cyber criminals to steal user account credentials and financial information.

#5: Medibank The Australian private health insurance company was hit with a data breach in October that affected 200GB of data. This breach exposed personal details of customers and their medical records.

#6: Cash App The mobile payment company was hacked in December, and attackers obtained personal information for 8.2 million customers. Some of this data included customer portfolio values, stock trading information, and brokerage account numbers.

#7: Facebook The social media platform has been a target for hackers since its inception in 2008. It was recently discovered that the company’s databases were not encrypted or protected by passwords, which can make them easy to access.

Despite these breaches, there are a lot of people out there who want to keep their data private. These breaches are a reminder of the importance of protecting your sensitive information, and that the world is full of bad actors who will do whatever they can to get it.

Managing third-party risk should be at the forefront of every company’s cybersecurity practices. This includes making sure that your organization has a strong cybersecurity culture, ensuring that all third-party vendors are adequately protected and monitored, and consolidating vendors when possible.