The 10 Worst Data Breaches of 2018

While 2018 was a good year for many, but for two billion people things didn’t turn out so well. That number, again two billion, is the number of people affected last year by data breaches.

Yes, a staggering two billion people had their personal data breached. Many of the breaches occurred at companies known around the world, including Facebook and Marriott Hotels. The latter alone saw data breached of more than half a billion consumers.

Hackers increasingly target major corporations but perhaps more worrying is the fact that some of the data breaches occurred simply due to organizations bungling the security of customers’ data.

NordVPN, a company offering virtual private network services, looked into corporate data breaches during 2018. They pointed out that no company, big or small, can assume to be safe from hackers intent on stealing information. Data breaches are on the rise according to the figures from 2018. This is a huge worry as companies and governments collect more and more information from their users and citizens to store away.

As you will see below some of the biggest and most well-known organizations, who billions of people trust with their information, have fallen foul of data breaches.

10 Worst Data Breaches of 2018

1O Worst Data Breaches of 2018

1. Aadhaar (1.1 billion)

2018 started off on the wrong foot for data security. In January it was discovered that the data of Indian citizens stored by the Unique Identification Authority of India was being sold through WhatsApp for just Rs 500 (just over $7)!

For that ridiculously low price buyers were given access to the personal information of 1.1 billion people.

2. Marriott Hotels (500 million)

Marriott takes second place for a huge data breach at its Starwood chain involving the personal data of half a billion customers.

The hotel admitted exposing customer details after their Starwood room reservation network was hacked. Millions of people involved in the breach had their email address, passport numbers, date of birth and addresses stolen.

3. Exactis (340 million)

Two terabytes of data stored by the marketing firm Exactis was left on an unprotected server discovered by security researcher Vinny Troia over the summer. The data did not contain any financial information, but it did seem to have very detailed profiles for nearly everyone in America.

4. Twitter (330 million)

Twitter was also the victim of a breach with around 330 million users affected. The company openly admitted they had made an error with the way they stored passwords of users, storing the details in plain text.

Twitter did stress that they had saved this file in a that only employees could access, but obviously that wasn’t true.

5. My Fitness Pal (150 million)

Under Armour’s MyFitnessPal notified its users in March 2018 that it had experienced a breach involving 150 million users. Those hackers now know just how many cheat days those users have been sneaking.

6. Facebook (147 million)

Around 147 million users of Facebook had data exposed in multiple breaches. The most recent occurred in September 2018 when hackers exploited a vulnerability in the “View As” feature and took control of users accounts.

7. Firebase (100 million)

Firebase had its databases misconfigured, leading to the exposure of the data records of more than 100 million users.

8. Quora (100 million)

100 million users of Quora were hit in a data breach by what Quadro said was a “malicious third-party”. Identifiable information was stolen including email addresses and names.

9. MyHeritage (92 million)

MyHeritage exposed the information of over 92 million users, containing details such as email addresses and passwords.

10. Ticket Fly (27 million)

A Ticket Fly data breach affected 27 million users with the popular website forced to close after what was described as a “cyber incident”. Data affected included email addresses, phone numbers, usernames and home addresses of customers.

Bonus: Google+

Even Google was not a safe place for data for 500,000 unlucky users. Developers found a bug in the Google+ API that allowed developers of third-party apps to infiltrate the data of users.

 A VPN Can Help to Keep Your Information Safe

It’s not only large companies that are at risk of data breaches and hackers, home computers are also at risk of having their data stolen when online.

If big companies such as Google and Facebook can be infiltrated with the levels of security they are supposed to have behind them, so can the everyday internet user. Thieves could use your stolen data to steal your identity, gain access to bank accounts and raise huge debt on credit cards.

VPN is one-step towards making yourself more secure online and keeping your data safe by adding an extra layer of protection between your computer and the open net.