In 2017 many companies were hit with security breaches. It would appear that the larger the organization, the greater the risk of being targeted by hackers and malware. When an organization services millions of users, it is incumbent on the organization to protect those millions and their sensitive data. One of the companies was unaware of the breach for several years until they got a message from a third party informing them of the breach.
Here are 10 companies that suffered from security breaches in 2017:
1: Equifax
Hackers stole personal data from 145 million users. Information from user accounts including login information, driver’s license numbers and Social Security numbers. The consequences for this breach can be far-reaching.
2: TIO Networks
The company had weak points in their network security. Information from over 1.6 million customers was compromised. The data included bank and credit card information as well as user account information and Social Security numbers.
3: FAFSA
The IRS fell victim to a hacking breach that targeted FAFSA users. Information from 100,000 taxpayers was compromised and more than 7,000 returns were filed and 67,000 pending and attempted claims were detected and stopped.
4: Gmail
Users received an email asking to share a Google Doc. The link in the email was linked to the Google security page. Once there, the user was asked to allow an app to make changes to the user’s account. The third-party app is estimated to have affected close to 1 million users in one hour.
5: Bronx Lebanon Hospital Center
Due to a Rsync issue involving a third party backup server, thousands of medical records were compromised. The contents of the records included everything from mental health to infection/disease status.
6: WannaCry
In April, an organization called Shadow Brokers released hacking software that was later used in the hacking incident, WannaCry. WannaCry targeted outdated Windows OS systems and servers. The malware locked the computer’s systems until the victim paid a ransom.
7: OneLogin
A cloud-based platform that enables users to manage login information for numerous sites was breached. In this case, the “malicious actor” breached the security for seven hours. The extent of the damage is still under investigation.
8: California Association of Realtors
The online payment system was infected with malware that ran for a couple of days. The malware collected credit card information which was sent to a third party.
9: Imgur
Imgur recently discovered a breach that took place three years ago, back in 2014. When an email sent from the website Have I Been Pwnd, which discovers security breaches, informed the COO of Imgur that user information, including emails and passwords, was released. It is estimated that 1.7 million users may have been affected.
10: eBay
Information involving account usernames and real names were compromised, along with purchase histories. There was a breach which occurred while two companies had signal issues. Information involving sensitive products was released, like personal HIV testing kits.
