10 Biggest Cyber Crimes and Data Breaches Till Date

  • Comments 0
    0
  • OTA 2,669
  •    +

Cyber criminals are becoming more sophisticated at picking our virtual pockets. And most of us remain woefully unprepared. Below are the 10 biggest cyber crimes and data breaches, which include governments, Yahoo, Google and others.

Advertisements
10 Biggest Cyber Crimes and Data Breaches Till Date

According to a 2016 survey conducted by PricewaterhouseCoopers, organizations rank cybercrime as the second most reported type of economic crime, up from fourth place. (It’s worth noting that most cybercrimes go unreported.)

In the survey, 32 percent of organizations admitted they had been a victim of cybercrime and 34 percent expected to become a victim in the next two years. Only 37 percent had a plan to respond to these incidents.

Such stats indicate widespread denial in the face of a growing problem. Online crime has way beyond teenage hackers pushing boundaries and into elaborate worldwide syndicates that are well organized and use sophisticated tools. They steal personal data, passwords and other information, then use it to blackmail businesses or scam consumers. Or they might sell it on the black market, where others can use it to steal identities and run up credit card charges.

Here are 10 of the most notable cybercrimes, either by size or significance. They illustrate the growing threat to businesses, consumers and governments.

Rarely a week goes by without news of another data breach at another corporation. And cyber thieves are taking different types of data and doing more things with them.

Infographic: 10 Biggest Cyber Crimes and Data Breaches

  1. 50 Millions Credit Cards Data Stolen from Home Depot’s System (2014)

    In 2014 retailer Home Depot’s system was breached, exposing data from over 50 million credit cards.

    The thieves used a vendor’s user name and password to get onto the company’s computer network, then installed malware on its point-of-sale systems, which meant that consumers swiping their credit cards were literally handing over their data to the criminals.

    In short, people were buying physical items from a real life store, but ended up giving their credit card data to hackers. Scary, huh?

    More information: Reuters.com

  2. Single Largest Theft of Customer Data (Citigroup, HSBCS, Dow Jones & Others) in 2014

    Bank JPMorgan Chase in 2014 disclosed a massive breach that compromised the data of 76 million households and 7 million small businesses. Other U.S. financial institutions, brokerage firms, and financial news publishers were targeted, including Citigroup, HSBC, Dow Jones and payroll service company ADP.

    Three men, now under arrest and pending trial, had set up “hacking as a business model,” according to Preet Bharara, the United States attorney for the Southern District of New York. He called the breach:

    “The single largest theft of customer data from a U.S. financial institution ever.”

    The charges allege that the men used the stolen information in pump-and-dump schemes, manipulating prices of stocks by sending fake e-mails to customers whose data was stolen, tricking them into investing then profiting by the rise in stock price. The three men also allegedly operated unlawful internet gambling sites, distributed counterfeit and malicious software and operated an illegal BitCoin exchange.

    More information:Justice.gov & another article on Justice.gov

  3. Yahoo Data Breach: Over 1,5 Billion Users Data Was Breached (2013 to 2016)

    Yahoo! has been the target of at least two major breaches.

    In September 2016, the company disclosed that it had a 2014 breach compromised the data of at least 500 million users.

    Then in four months later it reported another breach had happened in August 2013 that exposed data of more than a billion Yahoo! users. The company did not explain why it took so long to report the breaches, which could land it in trouble with regulators.

    The U.S. Securities & Exchange Commission issued guidance in 2011 that required companies to disclose material information about cyber incidents if they could impact investors. The agency is reportedly investigating the company.

    More information: WSJ.com

  4. In 2015, 79 Million Customer’s Data was Stolen from HealthCare Companies

    The last three years have shown how vulnerable consumer health data can be as hackers increasingly target health insurance and medical information.

    In 2015, three healthcare companies – Anthem, Premera Blue Cross and CareFirst BlueCross BlueShield, were hacked. Anthem’s was the largest – exposing some 79 million customers’ data. Premera lost information on more than 11 million customers. Then CareFirst uncovered a breach that compromised the information of over a million customers.

    The U.S. government, which sometimes holds even more critical information than companies, has become a juicy target.

  5. Over 700,000 Social Security Numbers Were Stolen From IRS in 2015

    In 2015, the U.S. Internal Revenue Service had a breach that exposed more than 700,000 Social Security numbers and other sensitive information. Published reports say the hackers took advantage of an online IRS program called “Get Transcript,” which allowed taxpayers to access their tax history.

    Even before the breach, identity thieves were using stolen Social Security numbers to fraudulently file for refunds. According to a report by the inspector general, in the 2016 tax season the IRS identified 42,148 tax returns with $227 million claimed in fraudulent refunds, and that was only as of early March of that year.

    More information: Forbes.com & CBS News

  6. Largest Government Data Breach (2016) Due to Outdated Technology

    Meanwhile, the U.S Office of Personnel Management (OPM) exposed records of as many as 21.5 million people, one of the largest breaches of government data in U.S. history.

    Information included Social Security numbers, names, dates and places of birth, health and financial details and even fingerprints of people who had been subjected to government background checks. A congressional report published in September 2016 said the government was using outdated technology that left its systems vulnerable. One of the hackers used a contractor’s credentials to log on, install malware and create a backdoor to the network.

    Governments around the world also have learned how to use hacking to their advantage, for cyber-espionage.

    More information: KrebsonSecurity.com

  7. Google Corporate Servers in China Were Hacked in 2009

    In 2009, hackers accessed several of Google’s corporate servers in China, stealing intellectual property and other information. The company said it had “evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.”

    Four years later, in 2013, U.S. government officials said the Chinese hackers had accessed a sensitive database that contained court orders authorizing surveillance, possibly of Chinese agents who had Gmail accounts. A Microsoft official suggested that Chinese hackers had targeted its servers at about the same time as Google’s, possibly seeking similar information about its email service.

    More information: WashingtonPost.com

  8. North-Korea “supposedly” Hacked Sony Pictures and Stole Unreleased Movies

    In 2014, hackers attacked the computer network of Sony Pictures, stealing employee e-mails, information on executive salaries and copies of unreleased movies. There was widespread speculation that the group was trying to disrupt release of the film, The Interview, a comedy depicting a plot to assassinate North Korean leader Kim Jong-un.

    The U.S. government blamed the North Korean government for the breach – the first time the U.S. government publicly accused a country of a cyber attack.

  9. WikiLeaks: Sensitive Emails From Democratic National Committee (2016)

    … and it would not be the last.

    In July WikiLeaks published a series of emails taken from servers of the Democratic National Committee. The e-mails contained private correspondence, some of which derided the campaign of the Bernie Sanders, and sensitive financial data on high-profile donors to Hillary Clinton’s campaign.

    The revelations prompted the resignation of the DNC’s chairperson and arguably impacted the U.S. election. S. intelligence agencies said they were confident that the Russian government was behind the hacks and even issued a report at the end of 2016 providing details on how the Russians allegedly carried out the exploit. Others, particularly new President Donald Trump, expressed doubt that Russia was responsible.

  10. Biggest DDOS Attack That Took Down Twitter, PayPal, Netflix and Others (October, 2016)

    2016 also marked the first time the so-called “Internet of Things” (IoT) was widely used in a cybercrime. In October, a cyberattack on one of the companies that host the internet’s Domain Name System, a directory of internet addresses, took down many of the internet’s most popular sites, including Twitter, Netflix, Paypal and Spotify.

    The attack was of a common type, called a distributed denial of service (DDoS), which shuts down systems by bombarding them with too many requests at the same time. The unusual and alarming aspect, however, was that rather than using “zombie PCs,” where malware has been downloaded onto the PCs of unsuspecting consumers, making them into a sort of robot that can help to send all these requests, the attackers used common internet-connected things like baby monitors and digital recorders.

    The company, called Dyn, said the onslaught came from millions of internet addresses, making it one of the largest cyberattacks of all time.

    Experts believe that as more things are connected to the internet, cybercrime is only going to get worse. Research firm Gartner forecasts that there will be 6.4 billion things connected to the internet by 2018. It predicts that by 2020 some 25 percent of known cyberattacks will involve the IoT.

    More information: DHS.gov

This piece of content was put together by TheBestVPN.com research team.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Bookmark articleSave

Was this article helpful?

  • Like (0)
  •       
  • Dislike (0)   
Advertisements

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

Write Your Comment, Question, Answer, or Review

Advertisements
Trending Trending Now

View more...

Online Threat Alerts Security Tips

Pay the safest way

Credit cards are the safest way to pay for online purchases because you can dispute the charges if you never get the goods or services or if the offer was misrepresented. Federal law limits your liability to $50 if someone makes unauthorized charges to your account, and most credit card issuers will remove them completely if you report the problem promptly.

Guard your personal information

In any transaction you conduct, make sure to check with your state or local consumer protection agency and the Better Business Bureau (BBB) to see if the seller, charity, company, or organization is credible. Be especially wary if the entity is unfamiliar to you. Always call the number found on a website’s contact information to make sure the number legitimately belongs to the entity you are dealing with.

Be careful of the information you share

Never give out your codes, passwords or personal information, unless you are sure of who you're dealing with

Know who you’re dealing with

Crooks pretending to be from companies you do business with may call or send an email, claiming they need to verify your personal information. Don’t provide your credit card or bank account number unless you are actually paying for something and know who you are sending payment to. Your social security number should not be necessary unless you are applying for credit. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has.

Check your accounts

Regularly check your account transactions and report any suspicious or unauthorised transactions.

Don’t believe promises of easy money

If someone claims that you can earn money with little or no work, get a loan or credit card even if you have bad credit, or make money on an investment with little or no risk, it’s probably a scam. Oftentimes, offers that seem too good to be true, actually are too good to be true.

Do not open email from people you don’t know

If you are unsure whether an email you received is legitimate, try contacting the sender directly via other means. Do not click on any links in an email unless you are sure it is safe.

Think before you click

If an email or text message looks suspicious, don’t open any attachments or click on the links.

Verify urgent requests or unsolicited emails, messages or phone calls before you respond

If you receive a message or a phone call asking for immediate action and don't know the sender, it could be a phishing message.

Be careful with links and new website addresses

Malicious website addresses may appear almost identical to legitimate sites. Scammers often use a slight variation in spelling or logo to lure you. Malicious links can also come from friends whose email has unknowingly been compromised, so be careful.

Secure your personal information

Before providing any personal information, such as your date of birth, Social Security number, account numbers, and passwords, be sure the website is secure.

Stay informed on the latest cyber threats

Keep yourself up to date on current scams by visiting this website daily.

Use Strong Passwords

Strong passwords are critical to online security.

Keep your software up to date and maintain preventative software programs

Keep all of your software applications up to date on your computers and mobile devices. Install software that provides antivirus, firewall, and email filter services.

Update the operating systems on your electronic devices

Make sure your operating systems (OSs) and applications are up to date on all of your electronic devices. Older and unpatched versions of OSs and software are the target of many hacks. Read the CISA security tip on Understanding Patches and Software Updates for more information.

What if You Got Scammed?

Stop Contact With The Scammer

Hang up the phone. Do not reply to emails, messages, or letters that the scammer sends. Do not make any more payments to the scammer. Beware of additional scammers who may contact you claiming they can help you get your lost money back.

Secure Your Finances

  • Report potentially compromised bank account, credit or debit card information to your financial institution(s) immediately. They may be able to cancel or reverse fraudulent transactions.
  • Notify the three major credit bureaus. They can add a fraud alert to warn potential credit grantors that you may be a victim of identity theft. You may also want to consider placing a free security freeze on your credit report. Doing so prevents lenders and others from accessing your credit report entirely, which will prevent them from extending credit:

Check Your Computer

If your computer was accessed or otherwise affected by a scam, check to make sure that your anti-virus is up-to-date and running and that your system is free of malware and keylogging software. You may also need to seek the help of a computer repair company. Consider utilizing the Better Business Bureau’s website to find a reputable company.

Change Your Account Passwords

Update your bank, credit card, social media, and email account passwords to try to limit further unauthorized access. Make sure to choose strong passwords when changing account passwords.

Report The Scam

Reporting helps protect others. While agencies can’t always track down perpetrators of crimes against scammers, they can utilize the information gathered to record patterns of abuse which may lead to action being taken against a company or industry.

Report your issue to the following agencies based on the nature of the scam:

  • Local Law Enforcement: Consumers are encouraged to report scams to their local police department or sheriff’s office, especially if you lost money or property or had your identity compromised.
  • Federal Trade Commission: Contact the Federal Trade Commission (FTC) at 1-877-FTC-HELP (1-877-382-4357) or use the Online Complaint Assistant to report various types of fraud, including counterfeit checks, lottery or sweepstakes scams, and more.
  • Identitytheft.gov: If someone is using your personal information, like your Social Security, credit card, or bank account number, to open new accounts, make purchases, or get a tax refund, report it at www.identitytheft.gov. This federal government site will also help you create your Identity Theft Report and a personal recovery plan based on your situation. Questions can be directed to 877-ID THEFT.

How To Recognize a Phishing Scam

Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could get access to your email, bank, or other accounts. Or they could sell your information to other scammers. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.

Scammers often update their tactics to keep up with the latest news or trends, but here are some common tactics used in phishing emails or text messages:

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank or a credit card or utility company. Or maybe it’s from an online payment website or app. The message could be from a scammer, who might

  • say they’ve noticed some suspicious activity or log-in attempts — they haven’t
  • claim there’s a problem with your account or your payment information — there isn’t
  • say you need to confirm some personal or financial information — you don’t
  • include an invoice you don’t recognize — it’s fake
  • want you to click on a link to make a payment — but the link has malware
  • say you’re eligible to register for a government refund — it’s a scam
  • offer a coupon for free stuff — it’s not real

About Online Threat Alerts (OTA)

Online Threat Alerts or OTA is an anti-cybercrime community that started in 2012. OTA alerts the public to cyber crimes and other web threats.

By alerting the public, we have prevented a lot of online users from getting scammed or becoming victims of cybercrimes.

With the ever-increasing number of people going online, it important to have a community like OTA that continuously alerts or protects those same people from cyber-criminals, scammers and hackers, who are every day finding new ways of carrying out their malicious activities.

Online users can help by reporting suspicious or malicious messages or websites to OTA. And, if they want to determine if a message or website is a threat or scam, they can use OTA's search engine to search for the website or parts of the message for information.

Help maintain Online Threat Alerts (OTA).

10 Biggest Cyber Crimes and Data Breaches Till Date