This blog has comprised a list of 10 of the biggest or most significant data breaches and cybersecurity incidents of 2018. Basically, this list is based on how much risk or damage the breach caused to companies, people or account holders.
Below is a list of 10 of the biggest data breaches reported thus far in 2018 in terms of a total number of data breached, who are being attacked and when data breach took place:
1. Aadhaar
- 1.1 billion Records breached
- Date Disclosed: 3 Jan 2018
According to reports a 12-digit unique identifier that is assigned to every Indian citizen was compromised of all 1.1 Billions citizens registered in India.
2. Facebook
- 50 million records breached in March
- Date Disclosed: March 17, 2018
- 90 million records breached in September
- Date Disclosed: September 25, 2018
- 7 million records breached in December
In the month of March, hackers accessed the information of 50 million Facebook users. The Facebook data breach was discovered when hackers exploited the Facebook vulnerability that allowed hackers to steal Facebook access tokens. It was the first data breach of 2018.
In the month of September, this was the second time when approx 50 million Facebook accounts were compromised.
3. Quora
- 100 million records breached
- Date Disclosed: 30 November 2018
On 30 Nov, Quora disclosed that a malicious third party had compromised the account information of 100 million users which included Name, email address and encrypted password.
4. Marriott Hotels
- 500 million records breached
- Date Disclosed: November 2018
In the month of November, Marriott Hotels disclosed that it had suffered a data breach in which personal information of 500 million guests stolen which included name, email id, address, D.O.B., passport number & credit card information.
5. TicketFly
- 27 million records breached
- Date Disclosed: 7 June 2018
In late May 2018, Ticketfly was the target of a “malicious cyber-attack“. It was confirmed that financial information, including credit and debit cards, was not accessed. Information, including names, addresses, email addresses and phone numbers, connected to approximately 27 million Ticketfly accounts was accessed.
6. MyHeritage
- 92 million records breached
- Date Disclosed: 4 June 2018
In the first week of June MyHeritage Company that test people’s DNA to find their ancestors and build their family trees had confirmed that 92 million records have been breached who signed up earlier than October 26, 2017. But fortunately, DNA info and family trees were stored on separate systems that weren’t compromised
7. Exactis
- 340 million records breached
- Date Disclosed: 26 June 2018
The breach was discovered in June 2018 when a researcher noticed that Exactis’s database was on a publically accessible server. Exactis exposed approx 340 million records in which information was an email address, phone number, physical address and many more.
8. British Airways
- 380,000 customer’s data breached
- Date Disclosed: 7 September 2018
In the first week of September, British Airways apologized for the hundreds of thousands of its customer’s data were stolen in the most serious attack on its website and application. It was concluded that approx 380,000 card payments made between August 21st and September 5 were compromised. The hackers used ‘credit card skimming’ technique in this attack.
9. Cathay Pacific
- 4 million passengers data breached
- Date Disclosed: October 2018
Cathay Pacific’s data breached exposed personal information of 9.4 million passengers. Flight systems and safety were not affected by the breach, the company said, as the IT systems affected were wholly separate from operational equipment.
10. Under Armour
- 150 million records breached
- Date Disclosed: 25 May 2018
In the month of May, the company’s food and nutrition app were hacked, but fortunately, any payment info was not leaked as company processes payments through a separate channel.
Other Notable Data Breaches of 2018
Panera
- 1.1 billion records breached
- Date Disclosed: 3 Jan 2018
MBM Company
- 3 million Customers data breached
- Date Disclosed: March 2018
Orbitz
- 880,000 customer’s details exposed
- Date Disclosed: 1 March 2018
Pumpup
- 6 million records breached
- Date Disclosed: 31 May 2018
Sacramento Bee
- 5 million Records breached
- Date Disclosed: 7 June 2018
There were numerous additional data breaches also that took place in the year 2018, which means the number of compromised records could actually be much higher.
Stay safe and secure from today’s emerging cyber attacks.