The ten largest data breaches of the past decade

We look back at some of the most significant data-breaches of the past ten years.

As the days and weeks go by, it’s hard to keep track of all the data breaches we’ve encountered.  As is the way of things, it seems like we have a fresh breach every week now and that doesn’t seem to be slowing.

So, with that in mind and also the fact we’re in a new decade, we thought it high time that we took a stroll down memory lane and look at the ten largest data breaches of the past decade.  Brace yourselves.

10: Facebook, April 2019

Just over 419 million unprotected Facebook records were found online.  This data also included millions of phone records which could in turn be used for spam, phishing and even SIM-swap fraud.

9: Cambridge Analytica, March 2018

The now defunct Cambridge Analytica harvested 50 million Facebook profiles.  Whilst the numbers are not as large as some of the others in this list, the severity of the breach lead to big changes across Facebook as well as political pressure from governments around the world.

8: Uber, November 2017

In a move that surprised many in the cyber-security world, Uber paid hackers $100,000 to hush a breach that affected around 57 million customers.

7: Friend Finder Network, November 2016

412 million accounts were stolen by hackers in back in November, 2016.  What made this significant wasn’t so much the size of the breach, but more the fact that the website in question is a ‘sex and swinger’ site, meaning the data in question is much more personal.

6: US voter database, December 2015

Back in the December of 2015, around 191 million voter registration details were leaked online thanks to an incorrectly configured database.  The data included names, addresses, phone numbers, date of births, party affiliations and more.

5: eBay, May 2014

145 million customer details were compromised. Hackers were able to gain access via stolen corporate email details, eventually gaining access to the customer records.  eBay came under fire for not disclosing the breach quickly enough.

4: Target, December 2013

The U.S retail giant was hit by theft of card details and personal data amounting to around 70 million customers in total.  What made this particularly unique was that the hackers were able to install malware on the PoS machines inside stores, enabling them to steal card details.

3: Dropbox, August 2012

Way back in 2012, Dropbox became the victim of a sophisticated data breach, with around 68 million passwords making their way into the hands of attackers.  Sadly, this was all made possible because an employee used the same password for work and other unrelated accounts.

2: Sony PlayStation Network, April 2011

In 2011 Sony was the victim of an attack which led to the theft of credit-card information from their PlayStation Network.  A major problem with some of the data was that it hadn’t been encrypted, meaning it was easy for hackers to use the data.

1: WikiLeaks US embassy cables, November 2010.

Perhaps one of the most significant leaks of the past decade (if not THE most significant), saw the release of just over 250,000 despatches from 250 US embassies.  This sort of breach highlights the significance they can have.

So there you have it, ten of the most significant breaches of the past decade.  Considering the numbers above, the chances are you were affected by one or more of them, so perhaps now’s a good time to think about changing passwords or even closing accounts you no longer need.

Tips