Ten years after the most important data breach recorded to date, suffered by Yahoo! in 2013, ESET, the company specializing in cybersecurity and proactive threat detection, reviews data breach incidents.
They range from the Equifax incident, which affected almost half the population of the United States as well as part of Great Britain and Canada, through the leak of more than a billion records of citizens of India, to the largest theft of information, sold in collections that totaled more than two billion records.
From 2013 to date: these have been the largest data breaches
1.- Yahoo!
In 2013, the internet services company Yahoo! went down in history for having suffered the most important data breach in the last 10 years.
At first, the company acknowledged that 1 billion accounts were affected, but 4 years later, in 2017, when Verizon acquired the company and carried out an exhaustive investigation with external forensic experts, the real scale of the cyberattack became clear: Oath, Verizon’s internet unit, acknowledged that the number of users affected was more than 3,000 million (all Yahoo! users at that time) and, in addition to sending emails to notify the “new” affected users, published additional information about the 2013 breach on its website.
What kind of information was compromised in this attack? Yahoo!’s chief information security officer, Bob Lord, said the leak included names, email addresses, phone numbers, dates of birth, hashed passwords, and in some cases security questions and answers. The “good news” is that the cybercriminals did not gain access to bank or payment details, since the compromised system did not host this type of information.
2.- Marriott International
The Marriott International hotel chain made headlines in 2018 for something that began four years earlier and that would involve almost 400 million compromised records: on November 30, 2018, Marriott issued a statement in which it said it had received “an alert from an internal security tool about an attempt to access Starwood’s guest reservation database in the United States.” During the investigation it was learned that “there had been unauthorized access to the network since 2014.”
What was the result of this data breach, which went completely unnoticed for 4 years? 383 million records were compromised, including encrypted names, phone numbers, passport details, email addresses and even credit card numbers.
According to The New York Times, the attack could be attributed to a Chinese intelligence group whose main objective was to collect data on American citizens. The investigation team, working from an alert issued on September 8, 2018, specified that the cybercriminals used a remote access Trojan and a tool that finds combinations of usernames and passwords in system memory.
3.- Equifax
Equifax is one of the largest credit reporting agencies in the United States. This fact is key to understanding the severity of the leak that took place in 2017 and that put the data of almost half of US citizens at risk.
During September of that year, Equifax announced that it had suffered a leak which involved data from approximately 143 million people, or 44% of the total population of the United States. Customers in the UK and Canada were also affected. Among the information that the cyber attackers were able to access were customer names, social security numbers, dates of birth, addresses, driver’s license numbers, and also credit card numbers.
According to Equifax itself, the leak occurred due to a “web application vulnerability to access certain files.” Bloomberg reported that the leak was possible because a patch, which had been available two months before the attack, was not applied in time. The consequences were not long in coming: Richard Smith, CEO of Equifax at the time, left his position. The company had to face lawsuits from users and investigations by regulatory bodies in the United States, the United Kingdom and Canada, and its shares fell.
4.- Aadhaar
Aadhaar is the world’s largest identification database. It was created by the Unique Identification Authority of India in 2009 so that Indian citizens can, through a card, access state aid, buy a mobile SIM card, open a bank account and carry out various bureaucratic procedures. Specifically, Aadhaar contained information on more than 1.1 billion Indian citizens, including a unique 12-digit identity number, fingerprint and iris scans, name, gender and contact details.
In January 2018, the hack suffered by Aadhaar was publicly disclosed: the cyberattackers managed to exploit the website of Indane, a state-owned public service company that was connected to the government database through an interface, with the aim of recovering data stored by other applications or software.
Indane did not have the corresponding access controls and thus exposed the data of the company and of all users who had an Aadhaar card. It became one of the largest government data breaches in history, leaving the vast majority of India’s population (an estimated 90%) exposed as potential victims of crimes such as identity theft and other scams. An investigation carried out by the Tribune newspaper of India showed that for 500 rupees (something like 6 dollars) this data could be accessed through a group of hackers who offered it through WhatsApp.
5.- Collection #1 to #5
The Collection case consisted of a collection of data extracted from various older breaches. Across the five installments of this “saga”, a shocking 2,200 million email addresses and passwords were leaked.
It all started in mid-January 2019, when it became known that 773 million unique email addresses and more than 20 million passwords had been leaked through MEGA and other forums, in a package called Collection#1. Towards the end of the month, another four new folders that were part of the same collection were released. Collection#2, Collection#3, Collection#4 and Collection#5 also included, among other data, usernames, addresses and passwords, reaching a total size of 993.36 GB.
The German Hasso Plattner Institute investigated the leak and stated that the complete set of the five folders added up to 2.2 billion records in total. In fact, in some forums the complete package was offered, with the size of each folder listed.
“Data breaches are often more common and frequent than we would like. Therefore, it is very important that as users we know if our data has been leaked in any way, in order to prevent it from being used for malicious purposes. Sites like Have I Been Pwned, Identity Leak Checker and HackNotice are some of those that allow us to know if our password has been leaked. The next step is to update the keys, choosing new and more secure passwords, and avoiding reusing the same password in more than one service. Another very good practice is to activate double-factor authentication in all the services that have it available”, advises Camilo Gutiérrez Amaya, Head of the Research Laboratory of ESET Latin America.