Criminals and state-sponsored hackers attack networks
around the world every minute of every day. Most of the time those
attacks are thwarted by the networks’ cyberdefenses. But when attacks
succeed, they usually do so in a big way.
With increasing regularity, it seems, attackers hit the jackpot and gain
access to information on millions of individuals, including passwords,
email addresses, and credit card numbers. Odds are high that at least
some of your personal information is in the hands of these thieves.
These are some of the biggest computer hacks of the past five years.
|
Adobe (October 2013)
Number of people affected: 150 million
Information stolen: Email addresses and passwords for 150 million users,
according to security vendor Sophos, as well as credit card data for 2.9
million users.
How it happened: Hackers gained access to Adobe’s networks, though
exactly how they did it has yet to be publicly revealed. In addition to
stealing user information, attackers also downloaded the source code for
a handful of Adobe programs, which essentially forms the foundation of
the software.
Aftermath: Adobe offered free credit monitoring to individuals who had
their credit card information stolen. Others were told to reset their
passwords for Adobe products. Password management vendor LastPass set up
a site where you can check to see if your email address was one of those
stolen. |
|
eBay (May 2014)
Number of people affected: 145 million
Information stolen: Customers’ usernames, encrypted passwords, email
addresses, and other personal data. No payment information was taken.
How it happened: Attackers used compromised employee login information
to get into the company’s network.
Aftermath: EBay issued a statement asking all of its users to change
their passwords “out of an abundance of caution.” The company said it
would also work to improve security. |
|
Target (January 2014)
Number of people affected: 110 million
Information stolen: 40 million credit and debit card numbers, as well as
70 million consumer email addresses.
How it happened: According to Bloomberg, hackers used credentials from
an HVAC contractor working within Target to then gain access to the
retailer’s network.
Aftermath: Six months later, company CEO Gregg Steinhafel was forced to
resign over the breach. In March, Target settled a class-action lawsuit
for $10 million with individuals who had their credit and debit cards
stolen. |
|
Home Depot (September 2014)
Number of people affected: 109 million
Information stolen: 53 million email addresses and 56 million credit and
debit cards for shoppers at the $80 billion home improvement chain.
How it happened: Home Depot said hackers used a vendor’s login
information to access the network and install malware on the retailer’s
self-checkout systems, which fed the attackers information on credit
card customers in the U.S. and Canada.
Aftermath: Cleaning up after the breach cost Home Depot an estimated $62
million. The company offered free credit monitoring to any customers who
used a payment card at a Home Depot store after April 2014. |
|
Anthem (February 2015)
Number of people affected: 88 million
Information stolen: Social Security numbers, employment details, and
other personal information maintained by the nation’s second largest
health insurer — but no medical data.
How it happened: Investigators speculate the intrusion began months
earlier and was perpetrated by Chinese government-sponsored hackers, who
are also suspected of breaking into the networks of United Airlines and
the U.S. government’s Office of Personnel Management.
Aftermath: Anthem offered free credit monitoring services to those
affected by the attack.
|
|
JPMorgan Chase (July 2014)
Number of people affected: 83 million
Information stolen: Names, addresses, and phone numbers of account
holders at the $2.6 trillion financial services giant.
How it happened: According to the New York Times, hackers gained access
to JPMorgan’s network via an employee’s credentials.
Aftermath: Investigators recently arrested four individuals suspected of
taking part in the hack.
|
|
U.S. Office of Personnel Management (June 2015)
Number of people affected: 22 million
Information stolen: Social Security numbers and other personal
information for former and current U.S. government employees.
How it happened: Attackers suspected to be from the Chinese government
stole login information from the employee of a third-party government
contractor.
Aftermath: OPM Director Katherine Archuleta resigned, and the agency
suspended its background check system until further notice.
|
|