The increase in data leaks in the past year or so is obviously alarming, but what is more worrying is that it is not always obvious it has happened. There are millions of victims who might not even know that it has happened to them, as many do not use VPN identity protection.
When your data is stolen, the criminals can do a lot with the information, ranging from using it to access your online accounts, such as email, Facebook or PayPal, to the more serious breaches including online banking and taking out credit in your name.
Unfortunately, unlike other forms of theft which results in direct loss of money, whether through access to bank accounts or a credit card, data theft can lead to more problems.
Identity fraud is one of the biggest growing cyber crimes as it can be very difficult to fix, let alone even realize to begin with. This is because unlike a direct theft of your money, something that you will notice, you won’t necessarily realize someone has stolen your information. With simple data such as your name, address, date of birth or email address, criminals can then use this information to collect more information about you. This can lead to the criminals taking out loans, mortgages, phone contracts or other forms of credit, in your name. Damages to your credit score might be the only thing to inform you, but only if you regularly monitor it. It would only be an obvious problem once you try to take credit out yourself and our denied. Debt collectors might even visit if the debt has been outstanding, which can prove tricky to prove it wasn’t you.
How do you find out if you were a victim of data theft?
Luckily there are many websites that can actually tell you if you have been a victim. There are many tools on the Internet to find out, such as haveibeenpwned.com, a website that will tell you if your data has been stolen. All you need to do is to input an email address and it will scour the Internet looking for any matches. This is a great way to see if you would be affected, as identity fraud is notoriously difficult to spot. The most important thing you can do however is to protect yourself the best you can, to ensure data thefts do not happen.
How do you protect yourself from an identity theft?
Using an anonymous VPN service whenever you browse the Internet is the number one method to safeguard your online presence, no matter what you are doing online.
Whether it is for simple activities such as Facebook or talking to friends and family, working online and sending business emails, or watching movies and streaming videos online using a VPN for online privacy is beneficial to all. Personal VPN services like Le VPN allow you to securely connect to the Internet from wherever you are, on whatever device you use and enhance your data security with VPN identity protection. This will allow you to safely and anonymously browse the Internet, without the fear of somebody potentially snooping on your activity or hacking your data.
Now, many of you will be wondering if your data had been breached and stolen, why didn’t the companies notify you? But the reality of it is that if these companies were so transparent in their data breaches and lack of truly secure servers then their business would be affected greatly. It is in their best interest to keep such breaches low key and is usually only reported by security experts or those outside of the company. The main issue lies within the very lenient punishments, or complete lack of, dished out to the companies for employing a weak security system with little to no encryption. Obviously it can be difficult to place all the blame on companies who have been on the receiving end of a cyber attack. But in many cases, as we’re about to see, not enough resources and care have been put into protecting the very customers that are so important to their business.
After the recent numerous data thefts and hacks, we look back at ten of the biggest data breaches of all time.
10. The Panama Papers
The most recent breach on this list is also potentially one of the biggest in history, with the most far-reaching consequences of all the hacks on this list. 11.5 million leaked documents, approximately 2.6 terabytes of data, were released online earlier this year and contained intimate information on attorney-client details ranging from high ranking politicians, to criminals and pro athletes. The information implicated more than 214,000 offshore companies associated with Panamanian law firm Mossack Fonseca. The documents contained details of how the rich and famous kept assets from the public eye, with the majority of them taking advantage of tax havens.
Even though the actual act of offshore tax havens is not illegal, many of those who use them were conducting illegal business, including evading tax. The fallout of the breach is still being felt around the world, with many politicians and heads of governments coming under intense scrutiny.
9. PlayStation Network
Data breaches aren’t even just limited to computers, as Sony found out the hard way back in 2011. With consoles shifting to more online features such as online play, downloading and other features using the Internet, accounts of course would come into play containing personal and identifiable data. Naturally as more and more devices go online, security holes will appear. As with anything online, all of this information has to be stored somewhere.
When the breach happened, it compromised over 77 million PlayStation Network users and their accounts. Names, addresses, email addresses, date of births and other personal information was stolen. Sony had no choice but to take down the service for 20 days whilst the damage was repaired, costing more than $171million for the outage.
8. Anthem Health Insurers
Anthem, the second largest health insurer in the US, suffered a huge data breach in February of 2015, suffering a hack the affected more than 88 million customers across the USA. The details that were compromised contained information on names, addresses, birth dates, social security numbers, phone numbers and even employment information. It is still not known who is responsible for the attack on Anthem, but medical records and financial information remained safe and none were compromised.
With this information, many Anthem members started receiving ‘phishing’ emails claiming to be from the company as a means to capture further information. This is one of the most dangerous methods of extracting further information as the majority of users would not think twice about an email climbing to be from a company they are a member of. Anthem subsequently sent out emails to everyone who might be affected warning them against such fake emails. They also provided free credit monitoring service for those affected.
7. TJ/TK Maxx
Even now, the TJ/TK Maxx data breach was the biggest of its kind, with more than 94 million debit and credit card details stolen in a widespread breach of customer data. The companies computer systems were first hacked and accessed in 2005, with transactions dating back to 2003 were open to the hackers in stealing credit card details. Vulnerabilities left by TJ/TK Maxx in their system made it easy for the hackers to obtain millions of credit and debit cards. The company failed to either encrypt customer data or even delete it entirely, as is common practice with transaction histories, instead they left all customer details long after their transactions had been processed.
The real problem with breaches like this is that most companies do not take the necessary precautions or safeguards to protect customer data. Many companies do not fully understand the importance of securing customer data, ensuring encryption is adequate. It is only when their systems are breached and data stolen is when the true cost of security is revealed.
6. Target
The American retail giant Target suffered one of the largest data theft in modern history back in 2014 when more than 110 million user details were stolen. The cyber attack was initially reported as only 40 million but further investigation found that it almost double that figure. The key difference in this attack compared to most other breaches of data, is that credit card information was also stolen. This is of course in addition to the personal data including names, addresses, passwords, birth dates and email addresses. The credit card data was so specific and included all information needed for a criminal; card number, expiry dates, the three digit security code and even PIN numbers.
The hackers were able to steal customer’s data through sabotaged point-of-sale terminals in Target stores, targeting unaware customers throughout the busiest period of the year; Christmas. The hacks occurred over a period of days between November 27th to December 15th, causing damages in excess of $3.6 billion in liability costs. In a move that was the least Target could do for their customers, they offered a year’s free credit monitoring to ensure nobody became a victim of identity fraud.
5. Heartland / Global Payments
Another data breach on the list is also the biggest credit card fraud in history. The actual hack occurred at Global Payments, a payments processing company, which affected all the major credit card companies in the world. Every time a credit card is swiped, the transaction information is transmitted to a company like Global Payments before the information is forwarded to the actual credit card company such as Visa or MasterCard. Hackers were able to intercept credit card details, as well as obtain them through Global Payments servers, and use them fraudulently. The total number of people affected reached 130 million back in 2009.
This attack prompted a huge shift in the credit card industry where many security experts called for companies to switch to the more secure ‘chip and pin’ cards that have become popular in the rest of the world. But the credit card companies feel it’s actually cheaper to resolve the issue after its happened rather than the cost to change their credit card systems.
4. eBay
One of the world’s leading e-commerce sites was subjected to a database hack back in May 2014, which saw up to 145 million users affected worldwide. The hack saw passwords leaked for an untold number of users, to which eBay swiftly asked users to change their passwords. Despite this, eBay claimed that no financial information was compromised, mainly due in part to PayPal controlling the majority of payment through eBay, and is kept entirely separate on a different encrypted server. But what was stolen included names, addresses, passwords, phone numbers and email address.
The hack actually happened in February and March of 2014 and was noticed soon after. It is still not known who was behind the attack but eBay assured customers in the aftermath of the hack that no unauthorized activity was reported on eBay, as well as no access to financial information connected with eBay accounts.
3. Adobe
Starting with one of the biggest in history, the Adobe hack left more than 150 million user details compromised, resulting in email addresses and passwords stolen and 2.9 million user’s credit card details stolen. A data dump found on the AnonNews website where it was revealed that hackers had somehow accessed Adobe’s servers and stole vast amounts of personal data. It is still yet unknown how the hackers managed to breach the security of Adobe’s systems, but they also got away with stealing source code for a number of Adobe’s software, which provides the foundation for key programs such as Photoshop, Lightroom etc.
After the breach happened, Adobe provided free credit monitoring to those individuals who were affected in order to combat identity fraud due to the information being stolen. The only other course of action that could be taken was to make all users to change their passwords for their accounts. Password manager LastPass also set up a website to see if you were affected by the data breach.
2. Voter Database
191 million voters in the USA were exposed when an online voting database was compromised and all the personal information of voters were leaked online. As opposed to the majority on this list, this breach wasn’t a result of a cyber attack or malicious intent, but rather an incorrect configuration of the database. This resulted in the information of millions of voters to be accessible on the open Internet. The data included information such as names, addresses, dates of birth, phone numbers, party affiliations from all over the United States.
A tech support specialist from Texas stumbled across the data when he was looking for exposed information on the web in a bid to raise awareness of data leaks. Fraud schemes such as identity fraud are very prevalent and this kind of information is perfect for them.
1. Court Ventures
In one of the boldest and far reaching data breaches of modern times, a Vietnamese man, Hieu Minh Ngo, was charged over his involvement in acquiring millions of sensitive data on American citizens after posing as a private investigation company. The ID theft ring managed to convince Experian, one of the world’s largest credit monitoring companies, in selling sensitive details on millions of individuals. Such details sold included names, addresses and all the usual data that is so valuable to ID theft criminals. This attack affected more than 200 million individuals and also compromised bank details.
With so many data breaches occurring at an alarming rate with no signs of slowing, now is the best time to stay on top of your online security. Despite some of the world’s biggest companies embroiled in data thefts and hacks, security still is not a top priority with the majority of companies. With Le VPN, you can at least make sure your own personal Internet connection is encrypted and secure, no matter where you are in the world.
Sign up to Le VPN and enjoy the true freedom of the Internet.
* Article updated on August 1st, 2018 *
HOLIDAY SPECIAL
First 3 years for $2.22/mo
NO LOGS
100+ LOCATIONS
P2P ALLOWED
Easy To Use
30-Day Money Back
Friendly Support
Bitcoin Accepted
Ultra High Speeds
Written by Vuk Mujović @VukMujovic
Vuk Mujović is the founder of MacTíre Consulting, an analyst, data management expert, and a long-term writer on all things business & tech. He authored blogs, articles, and opinion pieces aimed to help both companies and individuals achieve growth without compromising their security. Vuk is a regular guest author to Le VPN Blog since January 2018, where he gives his expert opinion on the topics related to cybersecurity, privacy, online freedom, and personal data protection. He also often shares his tips and best practices in relation to internet security and digital safety of private individuals and small businesses, including some additional applications of using a VPN service.