The Three Biggest Data Breaches of This Year
At the beginning of the year, we’ve gone over the biggest privacy leaks and data breach scandals that occurred in 2018. Now that the first half of 2019 has already passed, we wanted to take a look back at the biggest data breaches that happened so far this year. So, let’s get right into it with the largest data breach, which occurred at the very beginning of the year.
Collections #1 Data Breach
Collection #1 is the name given to the sets email addresses and passwords that became public on the dark web back in January of 2019. When it was discovered by Troy Hunt, an online security researcher, it became the largest data breach on the internet, numbering in over 2.7 billion email/password pairs. Collection #1 was publicly available to any internet-goer and was temporarily open for everyone at no cost.
What was even more concerning was that all of the information was available in plain text, meaning that the hackers have managed to decrypt the encrypted protocol. Not two weeks later, several other similar sets of data appeared on the dark web, named Collection #2 through #5, which have even been seen on sale on the web. All combined, the leaked information included over 25 billion email record. To this day, the culprits behind the most massive email leak have still not been found.
Facebook (Instagram and Whatsapp) Data Breach
Facebook has become a regular guest on almost every data breach page across the web, including this one. This year, in particular, was very eventful, not just for Facebook itself, but also for two of its companies, WhatsApp and Instagram. So, let’s take a quick chronological view at how the data breaches unfolded this year.
Back in April, the UpGuard cybersecurity firm discovered that the Mexico-based Cultura Colectiva was storing over 500 million records of Facebook users on unsecured online servers. The exposed information included a variety of comments, likes, Facebook IDs, names from several million Facebook users, totaling in several hundred million records. While this data breach wasn’t reported that much compared to previous Facebook breaches, it is one of the biggest data breaches in the history of social media platforms.
Certainly one of the most serious data breaches of the year, the WhatsApp breach that occurred in May this year could have affected each and every of the 1.5 billion users, without them even knowing. The inserted spyware could turn on the devices camera and microphone without their permission, access photos, emails and messages and collect searches and location data, all without the knowledge of the user.
If the WhatsApp data breach wasn’t enough to round up the month of May, the Instagram one was more than what was necessary to bring down Facebook’s reputation further. Occurring in the same month as the WhatsApp data breach and just a few weeks after the Facebook one, the Instagram data breach exposed over 50 million Instagram users. The exact number of victims is still not known, but it included many high-profile social media influencers, celebrities and even brands.
First American Data Breach
Known as the largest real estate insurance company in the US, First American suffered a devastating breach, one that made history as the second-largest ongoing data leak in the history of the internet, right behind the Yahoo! Data breach that happened a few years ago. The data breach affected close to 1 billion customers. The leaked information included transaction records, as well as other compromising documents, such as bank numbers, driver’s licence information tax records and even social security numbers.
According to information that was provided by several cybersecurity firms, the leak wasn’t a consequence of spyware, malware, or even a hacker attempt. All signs point that the insurance company didn’t manage to secure its URLs, using a simple sequential system that allowed any user to access any piece of information just by entering the correct URL. Since this was a pretty inexcusable leak, First American suffered a big blow to its reputation and is even facing a fine by the New York State Department of Financial Services.