The impact of IT security breaches can be devastating, and it’s when these attacks happen on an enormous scale that the power of unauthorised access and malicious code can become apparent.
Our latest post runs through five of the biggest and most widely reported hacks of the last ten years, looking at how significant both their impact and legacy have been.
1. PlayStation Network Attack
Sean MacEntee – Flickr – Licenced under Creative Commons – https://www.flickr.com/photos/smemon/5800650076/
Who was affected? 77 million PSN users
What was the cost? £111m
It went down in history as one of the biggest online service outages, and from one of the biggest entertainment companies no less. While 77 million PlayStation Network (PSN) users had personal details and login information at risk, 12.3 million of these had credit card information also on file.
All of these were at risk and, while there were little to no verified reports of fraud, it was an enormous breach which shattered customer confidence – damaging the brand and costing £111m in lost revenue, compensation and legal costs.
“Ebayheadquarters” by Original uploader was Coolcaesar at en.wikipedia – Originally from en.wikipedia; description page is/was here. Licensed under CC BY-SA 3.0 via Wikimedia Commons – http://commons.wikimedia.org/wiki/File:Ebayheadquarters.jpg#/media/File:Ebayheadquarters.jpg
Who was affected? 145m users worldwide
What was the cost? £117m
Highlighting the importance of keeping your personal details private, even in an office of people you trust, this hack was orchestrated simply using stolen employee credentials. Hackers gained access to eBay’s internal corporate network and were able to get personal information of 145 million users from internal databases.
The records included basic information such as names, physical addresses and phone numbers but also encrypted passwords and email addresses – potentially giving hackers access to eBay accounts, and even financial services like PayPal.
eBay were criticised for their slow response, but did launch an investigation and request its users to change their passwords.
By Elisa.rolle (Own work) [CC BY-SA 4.0 (http://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons – http://commons.wikimedia.org/wiki/File%3AForbes_Magazine_Building_01.JPG
Who was affected? 1m user accounts
What was the cost? Unknown
Back in 2014, American business magazine Forbes had its website hacked by the Syrian Electronic Army (SEA). As part of the attack, the online group stole login information of more than 1 million of the site’s users, and were even able to post fake news stories although these were promptly removed.
The group openly claimed responsibility through its Twitter profile and, while there were no enormous costs, it was a breach of one of the world’s biggest online publishers and could have had serious repercussions to any of the users affected.
4. Russian Hackers Bank Heists
“Backlit keyboard” by © User:Colin / Wikimedia Commons. Licensed under CC BY-SA 4.0 via Wikimedia Commons – http://commons.wikimedia.org/wiki/File:Backlit_keyboard.jpg#/media/File:Backlit_keyboard.jpg
Who was affected? Over 100 banks
What was the cost? £650m in missing money
Earlier this year Kaspersky Lab, the Russian IT firm known for its globally popular security software, uncovered one of the biggest financial cyber raids in history. The raids are thought to have taken place slowly over the last two years, with as much as £650m reported to have gone missing from banks’ records.
The gang of Russian hackers developed sophisticated illegal software which infected systems at banks around the world, allowing them to view live video feeds and digitally imitate staff and transfer millions of pounds at a time to dummy accounts.
5. TJX Companies Inc
“T.J. Maxx” by Anthony92931 – Own work. Licensed under CC BY-SA 3.0 via Wikimedia Commons – http://commons.wikimedia.org/wiki/File:T.J._Maxx.JPG#/media/File:T.J._Maxx.JPG
Who was affected? Up to 90m customer records
What was the cost? £166m
US-based retail group TJX, whose stores include T.K. Maxx and HomeSense in the UK, suffered the biggest theft of consumer data in the United States over 18 months between 2006 and 2007. An estimated 90 million credit and debit card numbers were stolen throughout the hack on its internal systems across several of its brands.
Other identifiable information was also stolen, including driver’s license numbers. Overall, the attacks cost the group more than £166 million ($256 million).
Featured image originally by n3jack – Flickr – Licensed under Creative Commons: https://www.flickr.com/photos/n3wjack/3856456237/