Data breaches in 2015 result in over 480 million records leaked or compromised
January 11, 2016 |
Readers of this blog would know the regularity of data breaches throughout the world in 2015. Itgovernance in List of data breaches and cyber attacks in 2015 – over 480 million leaked records has actually tabulated the volume of the records leaked or compromised by those breaches. The best guess is that 487,731,758 records were leaked on line.
With poor regulation and no data breach notification laws in Australia it is difficult to get an accurate idea of what the impact of data breaches are.
The article provides:
The volume of data breaches and cyber attacks that marked 2015 could be appropriately described as a ‘cascade’ or ‘torrent’, or perhaps ‘maelstrom’.
There have been breaches of highly sensitive data (including that of children), targeted attacks on government agencies such as the US’s OPM and Germany’s Bundestag, and an alarming number of well-orchestrated DDoS attacks.
Money has been stolen, data has been swiped and lives have been ruined.
However, I must not fail to mention the fantastic work law enforcement agencies around the world have been putting in to bring justice down on the cyber criminals causing havoc this year. As Stuart Winter-Tear recently called it, 2015 has been the year of collaboration, and we can only hope to see the same in 2016.
By my calculations, which is counting up all of the available numbers on the stories that I’ve reported each month, I’m at 487,731,758 leaked records in 2015. It’s very likely that the final number is significantly higher, but we know that there’s been at least 487,731,758.
Below, I’ve listed the most significant events of each month; to view the full list for each month, please click that month’s heading. I will continue to update this list until the end of January 2016, so be sure to come back.
Note: The total number alongside each month is not the definitive number, please take it as the minimum number of records leaked in each month – not the total.
January – 2,057,199
Aussie Travel Cover data breach – thousands of policyholders not informed that records were stolen
Unpatched vulnerability leaves millions of Moonpig customers at risk for 17 months
19,000 French websites suffer cyber attack in ‘unprecedented surge’
Wingstop announces payment card data security incident
Park ‘N Fly confirms data breach affecting customer’s payment cards
Chick-fil-A investigates payment card data breach
Thieves target American and United airlines, dozens of free trips booked
Minecraft data breach – usernames and passwords leaked online
Wisconsin chiropractic clinic notifies 3,000 patients of insider breach
Malware infects payment card system at French Lick Resort
February – 102,223,313
Credit card information stolen in Big Fish Games site compromise
Banks link credit card fraud to Marriott hotels
Yet another online parking hack: Book2Park loses card data in data breach
18.8 million non-customers could be affected by Anthem breach
Russian dating site Topface pays ransom to stop 20 million hacked records being made public
March – 11,342,576
Bulk Reef Supply website compromised, credit cards at risk
Malware installed at California burger joint, payment cards at risk
Hilton HHonors Awards accounts exposed by security flaw
New health care data breaches: another 11 million customer records exposed
Amazon’s Twitch game-streaming service hacked
Jamie Oliver’s website found spreading malware… again
April – 2,306,312
“Dyre Wolf” online banking campaign bypasses two-factor authentication – $1 million stolen
Belgium’s biggest French-speaking newspaper goes offline after cyber attack
Data compromised in Linux Australia server breach
Costa Coffee Club members wake up and smell the data breach
Russian hackers accessed President Obama’s emails
Hyatt Gold Passport breached – user passwords reset
160,000 students compromised in Metropolitan State University data breach
370,000 Social Security numbers exposed in Auburn University data breach
May – 1,512,825
Bundestag cyber attack confirmed
How the Washington Post was hijacked by the Syrian Electronic Army (again)
Cyber criminals steal $3.8 million from Alaska Native corporation
Anonymous hackers steal terabyte of passwords from Italy’s Expo 2015
Jamie Oliver serves up a third helping of malware
Adult FriendFinder website breached; compromising data leaked online
Harbortouch POS malware attack – customer card data stolen
Hard Rock Hotel loses customer card data over seven months
June – 22,446,450
Microsoft’s anti-surveillance site hacked
Aussie Internet provider Westnet breached – over 30,000 customers affected
FBI looks at Cardinals in Astros’ data breach
Second data breach at OPM confirmed
Millions of US government workers hit by data breach
Polish airline forced to ground planes after “IT attack”
July – 64,713,144
Hacking Team hacked – cyber surveillance company tells customers to stop using its software
Nursery webcam accessed by stranger to speak to parent and child
Coordinated cyber attack hits four New Jersey gambling sites
Digital media streaming service Plex hacked, forum held for ransom
Canadian Security Intelligence Service website taken offline
Detroit Zoo, eight others across the county experience POS breach
CVS and Walmart Canada Are Investigating a Data Breach
Donald Trump hotel chain hit with credit card data breach
August – 2,841,114
Ashley Madison 9.7GB data dump posted online
Carphone Warehouse hack: 2.4 million customers affected
Mumsnet founder ‘swatted’, site attacked – users urged to change passwords
Users of dating site Plenty of Fish targeted by cyber attack
Russia launches “sophisticated cyberattack” on Pentagon computers
UVA shuts down servers after cyber attack
GitHub Again Hit by a new DDoS attack
New York magazine confirms outage was result of cyber attack
September – 17,085,880
London’s 56 Dean Street clinic leaks HIV status of 780 patients
800,000 fans of the Kardashians left exposed after privacy blunder
Malware sneaks into the iOS App Store. What you need to know about XcodeGhost
NCA website falls foul of Lizard Squad DDoS attack
Imgur suffers DDoS attack on 4chan and 8chan servers
Banks: Card Breach at Hilton Hotel Properties
Thousands of Lloyds Premier Bank customers have had their data “stolen” in security breach
October – 39,754,915
Police force blames hacker after #CyberAware tweet sent out containing bogus security advice
CIA boss has his personal email account hacked… and yes, it’s on AOL
Hacked Shopping Mall CCTV Cameras Are Launching DDoS Attacks
Payment card breach at The Commons Hotel in Minnesota
EyeBuyDirect announces website breach, payment cards affected
Payment card breach at Peppermill Resort Spa Casino in Reno
November – 11,415,000
Eclipse staggers to feet, gets smacked by second DDoS
Norwich International Airport website hacked
ProtonMail hit by mystery DDoS attack, preventing customers from accessing their secure email
JPMorgan Hackers Breached Anti-Fraud Vendor G2 Web Services
Extortionists target CCN in a DDoS attack; 5 bitcoins bounty
U.S. Government Officials Targeted by Iranian Hackers
UK pummelled with DDoS after ISIS cyber attack warning
VTech hacked: nearly 5 million parents’ and 200,000 children’s details exposed
Breach at Securus Technologies exposes 70 million prison phone calls
Hilton Hotels admits hackers planted malware and stole customer card details
Payment card data breach affects 54 Starwood Hotels
December – 210,033,030
JD Wetherspoon data breach 300% bigger than TalkTalk incident
Elephant Bar data breach includes 8 Bay Area sites since August
FBI: MaineGeneral Health Victim of Data Breach
13 Million MacKeeper Users Exposed
Database of 191 Million U.S. Voter Records Left Exposed Online