Upload
secpod-technologies
View
168
Download
2
Embed Size (px)
Citation preview
Impact: 94 million credit cards exposed.
Source of breach: Hackers groups advantage of a weak data encryption system. One group stole credit card data during a wireless transfer between two stores. Another group broke into the TJX network through in-store kiosks that allowed people to apply for jobs electronically. Major cause - Unprotected network.
THE WORST DATA SECURIT Y BREACHES TILL 2015
Source of breach: The database was on a laptop and external hard drive that were both stolen.
Department of Veterans A�airs
2006 TJX Companies Inc.Impact: An unencrypted national database with con�dential details of 26.5 million veterans, active-duty military personnel and spouses was stolen. Estimated recovery cost - $100 - $500 million.
Source of breach: Data-base admin sold the data to a data broker, who in turn sold it to various marketing �rms.
2007
Fidelity National Information Services
Impact: An employee stole 3.2 million customer records including credit card, banking and personal information.
Impact: 134 million credit cards exposed through SQL injection to install spyware on Heartland's data systems.
Source of breach: Attackers stole the credit and debit cards. Vulerability to SQL injection.
Heartland Payment Systems 2008
Impact: Stolen intellectual property.
Source of breach: Act of corporate espionage. A massive and unrivalled attack was launched on Google, Yahoo, and dozens of other Silicon Valley companies. The hackers exploited a weakness in an old version of Internet Explorer to gain access to Google's internal network.
Google/other Silicon Valley companies2009
Source of breach: After infecting systems with a malicious software program the hackers sent out scam e-mails seeking personal �nancial data, asked users to click on links that could infect their PCs with malicious software. Hackers later e-mailed the victims claiming to have infected their computers with a virus and threatening to delete �les unless the payment demands were met by the victims.
Impact: Undisclosed information stolen.
VeriSign2010
Impact: Exposed names and e-mails of millions of customers stored in more than 108 retail stores plus several huge �nancial �rms and the non-pro�t educational organization.
Source of breach: Un-determined but could lead to several phishing scams and countless identity theft claims.
Epsilon 2011Impact: Around 40 million employee records stolen.
Source of breach: Two separate hacker groups worked together with a foreign government to launch a series of spear phishing attacks against RSA employees. They posed as people the employees trusted, to enter the company's network. Spent at least $66 million on remediation.
RSA Security
Impact: 77 million PlayStation Network accounts hacked.
Source of breach: Not found.
Sony's PlayStation Network
Impact: Personal information of 35 million South Koreans was exposed.
Source of breach: Attackers uploaded malware to a server used to update EST-soft's ALZip compression application.
ESTsoftImpact: Cred-it/ debit card information and/or contact information of up to 110 million people were exposed.
Source of breach: Hackers had gained access through a third party to its point-of-sale payment card readers, and had collected about 40 million credit and debit card numbers. Cost of the breach - $162 million.
Target Stores2013
2014Impact: Theft of credit/debit card information of 56 million customers.
Source of breach: A “unique, custom-built” malware had been used, which posed as anti-virus software. Cost of breach - $33 million.
Home DepotImpact: Theft of personal information on up to 78.8 million current and former customers.
Source of breach: Unkown. Cost of the breach expected to exceed $100 million.
Anthem 2015
Sources: darkreading.com | abcnews.go.com | computerworld.com | informationweek.com | hackernews.com