(UPDATE 4/16/18): Added section on Facebook
As much as technology has improved our lives in every way, it has also left us vulnerable. The false sense of security many devices, apps, and gadgets bring means we are far more susceptible to having our personal information stolen from us. Hackers are able to gather data from anyone, anywhere in the world using modern technology, whereas in the past they would have had to physically break into a file cabinet for such information.
Recently, it seems, some of the worst data breaches of all time are cropping up left and right. Although we consistently find ways to protect our precious information and are getting smarter about privacy and encryption, the hackers are getting smarter at the same rate (if not faster). It’s up to the corporations we store our data with to protect it. It’s out of our hands. So which companies should we be scrutinizing?
To answer that question, we need to consider the four worst data breaches of the last few years:
We don’t always have a choice in the matter of who manages our information. We have plenty of options for whom we choose to bank with, purchase from, and even back up data with. But when it comes to credit monitoring, we don’t get to choose who reports our credit score history. The company running our credit score (for such things as applying for a mortgage or leasing a car) gets to decide which company they run our score with. But we, as consumers, don’t get to decide whether or not we want a specific credit reporting company to have access to our private information like credit cards, loan history, and even social security number!
As unfair as this is, it makes it even more unfair that Equifax, one of the top credit reporting companies, suffered one of the worst data breaches in history. Not because it was the largest or the most information stolen, but because it was entirely out of the hands of the consumer. Over 143 million people had their social security number, driver’s license information, and credit card numbers stolen from Equifax’s servers back in June 2017 (which wasn’t reported to consumers until three months later!).
2. Yahoo (twice!)
Back in September 2016, only one year before the Equifax breach, Yahoo reported that 500 million of their customers’ accounts had been hacked into. Users’ names, phone numbers, email addresses, and other personal information was stolen from their site. But that’s not everything. A few months later, Yahoo announced again that they were the “victims” of yet another breach—three years earlier, in 2013! And what’s worse is that this “original” breach from 2013 that went undisclosed for three years resulted in the theft of data from all 3 billion customer accounts. That’s every single account.
Make sure you’re changing all your login information, folks. If you use your Yahoo username and/or password for other important things, these hackers have access.
3. Patient Home Monitoring Corp.
Earlier this month, it was found that a company called Patient Home Monitoring had their private patient healthcare information breached. Although less widely known, this is yet another of the top data breaches we have experienced. This is because it seemingly violates HIPAA laws meant to protect personal patient data from being seen by anyone other than the patients themselves and approved physicians or family members. The medical information released included test results, client data, and case management notes, among other sensitive documents. Reports claim over 150,000 patients were affected.
October seems to be the month of data breaches. This month, cell phone company T-Mobile reported security system bugs, potentially allowing hackers access to their entire customer base. Although T-Mobile claims only a small population of users were affected by the time the breach was patched, an anonymous source claims that even the fix T-Mobile provided for the bug is vulnerable to hacking.
The recent Facebook – Cambridge Analytica data breach is responsible for exposing the many privacy issues facing social media platforms today. While news of this scandal only broke recently, the breach itself took place in 2013. It all started with a Facebook quiz by the name of “thisisyourdigitallife.” The app, which was developed by Cambridge professor Aleksandr Kogan, was downloaded over 300,000 times. Once installed, the app would begin harvesting private information from the user’s profile. But it didn’t stop there, as every friend connected to those 300,000 accounts had their data stolen as well. This lead to the widespread data breach, affecting over 87 million users.
On March 17th, 2018, the data breach was exposed to the world. Whistleblower Christopher Wylie, a co-founder of Cambridge Analytica, came clean about the firms illicit activities to both The Guardian and The New York Times. In response to this, Mark Zuckerberg was forced to defend the company in a set of hearings on Capitol Hill. For now, we don’t know what impact these hearings will have on the social platform. But you can be sure some drastic changes will be coming to Facebook in the coming months.
These aren’t the only breaches we have lived through in recent times. In the last five years, we’ve seen security vulnerabilities in major companies like Target, Home Depot, Ashley Madison, and Sony. No company is safe from hackers, which means no customer is safe either. We as consumers must try everything we can to protect our own data and monitor it closely. Do your research and remember to always, always stay vigilant.