Hacked! The biggest data breaches of 2017

by

November 8, 2017

Hacked!The biggest data breaches of 2017.png

Every time we turn on the news, we see another unfortunate world event. And every time we check our favorite news websites, it seems as if there’s another report of a widespread ransomware attack. In fact, reports indicate that data breaches rose by 40% in 2016 alone.

Let’s recap some of the biggest data disasters of 2017 so far.

InterContinental Hotels Group (IHG)

Chances are good that you’ve stayed at an IHG hotel in your life, even if you don’t recognize the name. This company owns popular chains like Crowne Plaza, Holiday Inn and Candlewood Suites, and last February, it announced that a breach had affected 12 of its properties. Data such as cardholder names, numbers and verification codes were taken from malware-infected servers used to store the details of on-site restaurant and bar payments—and in April, the number of compromised properties jumped from 12 to 1,200! IHG admitted that it had not initially known the full scope of the breach, but stated that all malware had been eradicated by the end of March.

Gmail

At MyITpros, we remember the day that a sophisticated Gmail phishing scam targeted about 1 million users. In fact, some of our very own employees received duplicitous emails (but don’t worry, no one fell for the scam!). The phishing attack accessed Gmail accounts through a third-party app and sent emails that looked like they came from recipients’ known contacts, directing recipients to the real Google security page and prompting them to allow access to a fake Google Docs app. Luckily, Google was able to shut down the phishing attack in an hour.

CybersecurityGraphic.png

Equifax

The security industry called the September Equifax breach one of the worst in history. All told, 143 million consumers of this Big Three credit reporting agency had their sensitive data stolen, including Social Security numbers, birthdates, names and driver’s license numbers, and about 200,000 people’s credit card information was also compromised. The breach happened in mid-May through July after a loophole in the company’s software was discovered by hackers. A much smaller attack in March that affected one of Equifax’s subsidiaries received more media attention following the larger attack, at which point the company said it had notified the few thousand people affected at the time.

Yahoo

Back in 2016, it was reported that Yahoo had suffered a catastrophic breach affecting 1 billion accounts, and further details came to light as recently as October 2017. Since the news first broke, it’s been discovered that the actual number of affected accounts totaled 3 billion—every Yahoo account in existence—and spread across email, Tumblr, Flickr and Fantasy. Information taken included phone numbers and passwords.

Of course, this isn’t a complete list—other household names like Chipotle and Whole Foods also suffered breaches this year. As a Texas-based company, MyITpros was particularly sad to hear about breaches happening in our own backyard, such as the one that compromised Denton Health Group. Given the regularity with which breaches are hitting the headlines, educating users on how to spot threats is paramount. To find out more about how MyITpros works to inform and protect its users, give us a call!

We're Integris. We're always working to empower people through technology.

Keep reading

A Personal Twist on Zero Trust Security

A Personal Twist on Zero Trust Security

The massive Australian data breach in late September inspires me to share a personal twist on Zero Trust Security. What makes this incident colossal? BBC News Australia reports, "Australian telecommunications giant Optus revealed about 10 million customers - about 40%...

4 Cybersecurity Takeaways from China’s Largest Data Breach

4 Cybersecurity Takeaways from China’s Largest Data Breach

Cybersecurity drama strikes again as human error leads to China's biggest data breach and perhaps the most significant hack of personal information in history. According to Threat Post, the incident was triggered after a Chinese government software developer wrote a...

The Business Impact of the AGCO Ransomware Attack

The Business Impact of the AGCO Ransomware Attack

On May 6, 2022, global agricultural equipment manufacturer and distributor AGCO announced they were victims of a ransomware attack. The cyber assault hit some of their production facilities on May 5. Restoring operations to normal will take several or more days. While...