Data privacy is more important than ever before. Data is running the world and with great power, comes great responsibility. January 28th was Data Privacy Day and reiterates the importance of keeping our data safe, as it is meant to. We go to great lengths to ensure that our homes, electronics, and personal belongings are safe and sound but are we thinking along the same lines when it comes to our data? Itโs high time that we do because organizations are collecting our data every second of every day and in most cases, we canโt do much about it. The other major concern is if the data is being secured by the organizations collecting them. Weโve witnessed multiple instances of data leaks by major companies in the past couple of years. Letโs educate ourselves and look at some major data breaches that over the years have left the general public shell-shocked.
Yahoo
Yahoo, one of the pioneers of the Internet era, revealed in 2016 that it was the victim of a data breach that occurred in 2014 which compromised the names, email addresses, phone numbers, and dates of birth of 500 million users. If that wasnโt bad enough, Yahoo dropped another bombshell a year later citing that a breach in 2013 had compromised all 3 billion user accounts on its server. This was done by a different set of hackers who stole personal details like names, passwords, email addresses, dates of birth, and security questions and answers. Yahoo was in the process of being acquired by Verizon when these breaches were revealed. The revelations certainly had an impact, as a company that was once valued at a $100 billion was sold for $4.48 billion.
ย Uber
One of the biggest ridesharing services, Uber Technologies Inc, discovered a major breach in 2016 which disclosed the personal information of approximately 57 million users and drivers. Uber further made a mess of the already damaging situation by the way it handled the whole fiasco. The breach wasnโt disclosed until a year later. To make matters worse, it was revealed that Uber had paid off the two hackers with $100,000 to destroy the data with no confirmation that it was actually done. The hackers gained access to Uberโs AWS account credentials when they hacked into its Github account. The weak security was the reason that all the data was compromised with such ease and Uber paid for it in terms of reputation and fines.
Equifax
Equifax, one of the major credit reporting agencies, exposed sensitive information (social security numbers, driver’s license numbers, dates of birth, and addresses) of 143 million users in 2017. The hackers gained entry through a consumer complaint web portal and then gained access to connected servers. The usernames and passwords were stored in plain text which gave them access to more systems. The data was accessed undetected for months and once detected, Equifax made it known to the public a month later. The security practices were weak and the negligence led to more than 40% of the US population having their personally identifiable information revealed.ย
Facebook
Facebook experienced a major breach in April 2019 that exposed over 540 million records. Its Mexico-based partner called Cultura Colectiva was responsible for the incident. An inadequately secured AWS server exposed data that could be used to trace user details like usernames, comments, and likes. Another third-party app called โAt the Poolโ leaked around 22,000 passwords due to an unencrypted backup of AWS. In cases like these, password reuse rears its head and becomes a menace. The stolen passwords are usually sold on the dark web where criminals use those passwords on other sites where the users have accounts. The only silver lining is that the third-party app has been out of business for the past five years.ย
Having strangers know a lot more than your name (even your name for that matter!) is scary and makes you wonder about the world we live in. Privacy is important to all of us but we usually donโt give it much thought given all that we have on our plate. The above incidents are a wake-up call and we realize that we have to be more proactive when it comes to protecting our data. Hereโs to hoping that this Data Privacy Day taught us to be more cautious and vigilant in cyberspace.ย
Fill in the details to know more
What Are SOC and NOC In Cyber Security? What’s the Difference?
February 27, 2023
Fundamentals of Confidence Interval in Statistics!
February 26, 2023
A Brief Introduction to Cyber Security Analytics
Cyber Safe Behaviour In Banking Systems
February 17, 2023
Everything Best Of Analytics for 2023: 7 Must Read Articles!
December 26, 2022
Best of 2022: 5 Most Popular Cybersecurity Blogs Of The Year
December 22, 2022
What Is Asset Classification?
March 20, 2023
Masquerade Attack โ Everything You Need To Know!
Best Infosys Information Security Engineer Interview Questions and Answers
Add your details:
By proceeding, you agree to our privacy policy and also agree to receive information from UNext through WhatsApp & other means of communication.
Upgrade your inbox with our curated newletters once every month. We appreciate your support and will make sure to keep your subscription worthwhile