Five of the Biggest Data Hacks – From Yahoo to Ashley Madison and Equifax
We may think we’ll never be hacked, but there’s a common saying in cybersecurity: “There are two types of companies: those that have been hacked and those that don’t know they have been hacked.”
Now think: How often do you share sensitive information over the internet? If you’re like most people, you hand over your information several times a day. A lunch order? It requires your full name, credit card information, and address. An email to a colleague? It could potentially include company account login information, employee salaries, or proprietary information.
As we continue about our day, we trust a wide variety of companies to keep all of our information secure. Unfortunately, despite their best efforts, companies can fall short when it comes to protecting your personal data.
Five Memorable Hacks
Here are five times major companies didn’t live up to their security promises:
- LinkedIn: In 2012, hackers stole emails and passwords for over 6.5 million LinkedIn users. This is dangerous especially when many people use the same password across numerous accounts! In 2016, LinkedIn announced the number of compromised accounts was much higher than initially thought – adding 100 million to the initial number. (https://blog.linkedin.com/2016/05/18/protecting-our-members)
- Yahoo!: In 2013 and 2014, Yahoo underwent two major attacks. All 3 billion of Yahoo’s users were impacted. According to NPR, hackers stole “account information such as names, email addresses, phone numbers, birth dates as well as hashed passwords and security questions and answers.”
 (https://www.npr.org/sections/thetwo-way/2017/10/03/555016024/every-yahoo-account-that-existed-in-mid-2013-was-likely-hacked)
- Sony Pictures: In 2014, a hacker group “wiped out many of the company’s servers” and “resulted in the theft of terabytes of data.” On top of that, the hackers released the personal data of Sony employees, such as emails, passwords, salaries, and Social Security numbers. If you can remember the emails released were very sensitive and lead to high profile employee firings.
 (https://ew.com/article/2014/12/04/sony-pictures-hack/, https://www.wired.com/2016/02/sony-hackers-causing-mayhem-years-hit-company/)
- Ashley Madison: In 2015, a hacker group stole the names, email addresses, phone numbers, and partial credit card numbers of 37 million users. Known as a website that helps people cheat on their partners, the leak led to the shaming of users and the end of many relationships.
 (https://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/)
- Equifax: In 2017, Equifax failed to update a third party software. This left Equifax vulnerable to the attack from a group of hackers, leading to a massive leak that affected customers in the US (147 million), UK (15.2 million), and Canada (19K). The leak revealed names, Social Security numbers, birthdates, driver license numbers, credit card numbers, and more. This is one of the worst breaches because many people whose data was released had never directly signed up with the credit-monitoring service, but rather unknowingly had their data shared by a 3rd party.
 (https://www.zdnet.com/article/equifax-confirms-apache-struts-flaw-it-failed-to-patch-was-to-blame-for-data-breach/)
How to check if you’ve been hacked?
Chances are you won’t find out you’ve been hacked until it’s too late and your information has been sold. Luckily, there are tools that help you see if your account or password has been compromised. Here are a few steps you can take to check if you’ve been hacked:
- iPhones with iOS 14, you can check if your keychain passwords are on a data leak. Simply go to Settings > Passwords > Security Recommendations.
- Visit https://haveibeenpwned.com/ to enter your email address or password to see if it has appeared in a data leak.
- If you suspect a specific account has been hacked, you may be able to check in your settings whether there’s a login session from a different location or device.
What to do if you’ve been hacked?
Each situation is different and may require different steps. Here are some basic steps to take if your account is hacked:
- Update your password. Use our guide to select a strong password or passphrase.
- Review all active sessions. If you don’t recognize any devices or login locations, remove them, or end their session.
- Check to see if there have been any changes to your account. From your email and phone number to financial information, make sure everything is in line with your information.
- Do a full security audit of all your accounts. If you use the same email or password for any other account, update your login information. Make sure none of your other accounts have been impacted.
- If you’re a victim of fraud, make sure to contact the law enforcement and the appropriate party.
Remember, the best way to protect yourself from getting hacked is to limit the amount of personal data you share. For more tips, check out our guide on How to Protect Yourself Against Hackers.
 
                        
 
						