10 Dec Past Hacking Attacks and Data Breaches
Top Hacking Attacks in History
Cyber attacks, including high authority website defacing, data breaches and malware spreads, dominated headlines over the past decade. The Internet landscape evolved in the past few years, with borderless commercial transactions taking place every second. Organisations have discovered the power of data and its mining to guide their management teams in critical business decision making. Marketing teams have seen the addition of a number of digital channels to their marketing mix and overall most businesses have undergone sophisticated digital transformations.
In this article we will take a look at some of the biggest cyber attacks that happened in recent years.
Millions of people's data are affected by these cyber security failures.
5 of the most notorious black hat hacking attacks in history follow.
Back in 1999 a programmer based in New Jersey, David L Smith, created this first major computer virus which shocked the world. The virus was disguised as a normal MS Word program and was sent to a vast number of unsuspecting recipients. The virus ‘re-sent’ itself to the first fifty people from each infected computer’s address book.
It is estimated that it caused 80 million dollars in damages and compromised around 20% of the world’s computers. David L Smith was jailed for 20 months.
NASA and the US Defense Department – hacked by a teenager
Also in 1999 a fifteen year old from Florida, by the name of Jonathan James, managed to penetrate the computer system of a US Department of Defence division and installed a backdoor on its servers. This malicious program allowed him to intercept tens of thousands of highly classified emails from various governmental agencies and organisations including mails with credentials for military computers and highly confidential emails.
Using his backdoor, James managed to steal important NASA software modules which led to NASA shutting down their systems for around 3 weeks. Jonathan James was later caught. In 2008 James committed suicide and in his suicide letter he denied all allegations related to this hacking incident.
PlayStation Network Hack in 2011
In April 2011 a hacker managed to access the PlayStation Network system. This resulted in data and personal information loss for approximately seventy-seven million users. The company hit by this attack, Sony, in a statement had said that hackers have accessed personal information, but said there is no evidence of credit card details theft. The illegal and unauthorised intruders got access to people’s names, addresses, email address, birth dates, usernames and passwords and security questions.
Sony had to shut down for twenty days and lost a staggering 171 million dollars. This loss included ‘welcome back’ packages. As part of their damage control, Sony allowed PlayStation Network Users to play a number of free games as compensation for the downtime.
This hack incident is possibly one of the biggest ever, into one of the world’s main holders of credit cards. The world’s top holders of credit cards are Amazon, PayPal, iTunes and eBay each holding more than hundred million accounts.
Marriott International data breach in 2014
The Marriott hack involved around half a million Starwood guests from all over the world. The hotel chain had its guest reservation database compromised by attackers who had penetrated their network some three years before the actual attack. Hackers copied and encrypted information including name, address, phone number, email address, passport number, date of birth, gender, account information and arrival-departure information of guests’ stays at their hotels which include top brands such as Sheraton and Le Meridien.
It remains unknown whether encryption keys have been stolen. As part of an image-repair (PR) drive and compensation campaign Marriott offered customers a twelve-month subscription to a fraud-detection service free of charge.
2017’s Equifax data breach
Search engine search results for the search term ‘Equifax’ show a good number of adverse media articles related to the well-known data breach which happened in 2017. Equifax is a multinational client credit reporting agency which collects and aggregates data and information on over eight hundred million individual consumers and more than eighty-eight million businesses internationally.
Practically personal information of half the USA’s population was exposed by the attack. This attack was very similar to Ashley Madison’s data breach. The situation got out of hand (post the breach) with a lot of phishing attacks and imposter websites asking for people’s personal information.
In settlement, Equifax offered affected users settlement funds and free credit monitoring. From a technical perspective, this data breach was due to a vulnerability open-source Apache Struts which was not patched on Equifax servers in a timely manner. An unknown hacker-group had targeted websites that failed to update Struts with the available key security patch.
These hackers literally used a keyboard instead of a gun. Organisations ended up suffering financial losses, credibility losses and reputational damage which cost an arm and a leg to rebuild. In 2020 so far all the following fell victim to hacking attacks: Manchester United, AstraZeneca, Toledo Public Schools, Jewish General Hospital, and University of Mumbai. Prevention and awareness are the answer – pen test your systems and applications today!