True to industry predictions, more security breaches through hacking hit the headlines in 2015 than ever before.
Whether the target is a massive corporation or a micro business, no organisation is too big or too small to escape hackers’ scrutiny.
SMS Passcode showcases ten of the most high-profile hacks this year, exemplifying how prevalent cybercrime has become and how disastrous the consequences can be.
1. US Office of Personnel Management
This breach was one of the biggest ever of US government systems. Although not proved, the attack was believed to be perpetrated by Chinese hackers. The data theft consisted of stealing addresses, health and financial details of 19.7 million people who had been subjected to government background checks as well as 1.8 million others.
2. FBI portal breach
A portal used by police and the FBI to share intelligence and arrest suspects was hacked in November this year and data on arrestees stolen. While the FBI didn’t announce figures on how many people were affected, this attack is thought to be one of the biggest law enforcement hacks this year. It was perpetrated by the same hackers who accessed CIA director John Brennan’s personal email account earlier this year.
3. Ashley Madison
The security data breach that hit the infamous infidelity dating site back in the summer of 2015 was media gold. A hacking collective identified weaknesses in password encryption and used these to crack the bcrypt-hashed passwords.
The upshot was the personal information – including credit card details – of over 11 million users was leaked on the dark web. The company has lost its CEO, seen its share price and whatever credibility it had plummet, and faces class actions from clients and investors.
October this year saw one of the UK’s biggest hacks this year and one that dominated news headlines for weeks. The mobile phone provider was the target of a bunch of teenage hackers who stole the details of over 20,000 customers.
The hackers were quickly identified and dealt with, but the company has been left with a bill of up to £35 million, having had millions wiped off its share price, and is facing law suits from customers and investors.
It emerged in October that Chinese hackers had targeted health insurance company Anthem in a bit to learn more about how medical coverage is set up in the US. Apparently, Anthem has not been the only target, with smaller insurer Premera saying it had been hacked in March, exposing details of about 11 million people.
Healthcare data has become some of the most valuable information that can be sold in the online black market, making healthcare companies a prime target for hackers.
6. Carphone Warehouse
One of the biggest breaches in the UK this year was when the details of almost 2.5 million customers was stolen back in August, with almost 90,000 having encrypted credit card information stolen. The company said it had been the victim of a sophisticated cyber attack that is being investigated by the industry watchdog.
7. Multiple US financial institutions and media companies
Hackers stole the details of over 100 million people with banks accounts in what authorities dubbed “securities fraud on cyber steroids”. At least nine banks and other financial institutions, including JP Morgan, plus Dow Jones, the parent company of the WSJ, were targeted by hackers who gained access to a number of systems that helped them to make money from illegal activities, including running a digital currency exchange, gambling websites and inflating stock prices. Three men have been prosecuted.
Another UK telco was involved in a data breach in October, when hackers stole the personal and financial details of 2000 customers. Hackers used emails addresses and passwords acquired from an unknown source to get names, phone numbers, bank sort codes and the last four digits from bank accounts.
9. Samsung Electronics
The electronics giant’s subsidiary, LoopPay, was hacked back in March this year. LoopPay developed the payment system used to run Samsung Pay, a competitor to Apple Pay, but Samsung said that no user data was compromised during the hack, which lasted several months before detection.
10. Hilton Worldwide
The global hotel chain has recently been the victim of an attack that infiltrated its POS terminals, giving hackers unfettered access to customer credit card information. Stolen information included cardholder names and card numbers, security codes and expiry dates, enabling hackers to shop online or by phone.