DLP: High-Profile Leaks

Leaks in Russia

Main article: Data leaks in Russia

Data breaches in the public sector

Main article: Data leaks in the public sector of countries of the world

Data breaches in healthcare settings

Main article: Data breaches in healthcare facilities

Data leaks in social networks

Main article: Data leaks in social networks

2024

Hackers have been stealing technical data from Volkswagen for years

On April 20, 2024, it became known that cybercriminals had been stealing technical data from the German automaker Volkswagen for several years. In total, at least 19 thousand files containing confidential information about various units and technologies for the production of vehicles were stolen. Read more here.

American telecom operator AT&T admits to data leakage of 73 million subscribers

On March 30, 2024, US mobile operator AT&T announced a cyber incident that affects the company's information infrastructure. As a result of the incident, the data of approximately 73 million subscribers were on the darknet. Read more here.

2023

API hole leaks data of 2.6 million users of popular foreign language learning service Duolingo

At the end of August 2023, it became known that the attackers posted personal data of 2.6 million users of the popular service for learning foreign languages ​ ​ Duolingo on one of the hacker forums. Read more here.

760 thousand accounts of the Discord messenger are put up for sale

In mid-August 2023, a major leak of Discord user data became known. The company itself, which develops the messenger of the same name popular among gamers, confirmed this information. Read more here.

The data of tens of thousands of Bank of America customers was stolen. All due to ransomware virus attack

On August 9, 2023, the audit and consulting company Ernst & Young (EY) reported that as a result of a hacker attack, personal information of tens of thousands of Bank of America customers was stolen. Read more here.

Artisanal encryption in Chinese app leads to data breach of 455m users

Software to enter Chinese characters Sogou , Input Method on computers and mobile devices contains dangerous vulnerabilities in the system that enciphering endanger personal data approximately 455 million users. This is stated in the report of the information security organization Citizen Lab, published on August 9, 2023. More. here

DHL client data leak recorded

On July 21, 2023, it became known that cybercriminals hacked DHL's information infrastructure and stole customer data from this international express cargo and document delivery company. Read more here.

Data leakage of 30 million users of Microsoft software

In early July 2023, the cybercriminal group Anonymous Sudan announced the hacking of Microsoft servers and the theft of an extensive database of users of products and services of the Redmond Corporation. Read more here.

Millions of customers' data has been open since 2016 due to cloud misconfiguration

On May 31, 2023, Toyota Motor announced that information about its customers in some countries of Asia and Oceania, with the exception of Japan, remained publicly available for many years - from October 2016 to May 2023. Read more here.

ChatGPT is increasingly leaking important data

By May 2023, several cases of data leaks due to the use of neuronets ChatGPT are already known. The company itself, OpenAI developing the project, confirmed the existence of the problem. More. here

Financial software developer Carvin Software admitted to hacking its products, which affected 356 thousand customers

On May 23, 2023, it became known that a class action lawsuit was filed against Carvin Software, a company specializing in the provision of digital services to recruiting and financial agencies in connection with a hacker invasion. Carvin Software has already admitted to the hack, which could potentially affect approximately 356,000 customers. Read more here.

Toyota admitted that the data of 2.15 million car owners for 10 years were in the public domain

On May 12, 2023, the Japanese corporation Toyota Motor announced that information about approximately 2.15 million owners of its cars remained in the public domain for a decade. The reason was the human factor, and motorists who connected to the Toyota cloud services platform suffered. Read more here.

Hyundai admitted to leaking customer data, including residential addresses and VIN codes

In mid-April 2023, Hyundai reported a personal data leak affecting car owners in Italy and France, as well as those who ordered a test drive of cars at dealerships in these countries. Read more here.

1.5 TB of product sources stolen from MSI

On April 7, 2023, MSI reported a cyber attack on its IT infrastructure. The attackers managed to steal 1.5 TB of information related to a variety of company products - from desktops and laptops to motherboards and graphics accelerators. Read more here.

Major data breach at Hitachi Energy

On March 17, 2023, Hitachi Energy reported a hacker invasion that stole information about employees. The cyber attack affected units in different countries. Read more here.

60GB of Deutsche Bank data for sale

In mid-March 2023, an unknown cybercriminal (or group of attackers) under the pseudonym Alliswell put up for sale on the Internet an extensive array of data allegedly stolen from the German financial conglomerate Deutsche Bank. Read more here.

12 GB of Acronis corporate IT data merged into open access

On March 9, 2023, it became known about the hacking of Acronis IT systems. The cybercriminal has made public more than 12 GB of all kinds of data, including certificate files and Python scripts. Read more here.

160GB of Acer secret data is publicly available

In early March 2023, it became known about the Acer data leak. The "merged" database includes confidential documentation on product models, binaries, files of the manufacturer's internal infrastructure and other classified information. As evidence of a successful hack, hackers published some of the stolen data, including financial ones. Read more here.

News Corp media conglomerate Rupert Murdoch admits hackers stole corporate data for 2 years without stopping

Rupert Murdoch's News Corp Mediconglomerate said in late February 2023 that hackers had stolen the company's corporate data for 2 years without stopping. The relevant information was disclosed in one of the letters addressed to employees. Read more here.

Unsecured military server leaks Pentagon data

On February 20, 2023, the US Department of Defense blocked a public server that stored internal emails from the US military. Read more here.

Atlassian Collaboration Software Developer Confirms Employee Data Breach and Tells How It Happened

In mid-February 2023, it became known that the attackers had stolen data from the Australian company Atlassian, a developer of collaboration software. Read more here.

Pepsi admitted to leaking employee data and told details of cyber attack

In mid-February 2023, it became known that Pepsi was the victim of a data breach. Cybercriminals invaded the corporate network, during which they managed to install malware, which caused the data leak. Read more here.

Google Fi customer data breach sparks wave of SIM spoofing attacks around the world

At the end of January 2023, Google warned users of its Fi service, which provides virtual mobile operator services, that their personal data could be in the hands of cybercriminals. Read more here.

GoTo admits leaking customer backups after ransomware virus attack

On January 23, 2023, video conferencing software developer GoTo, formerly part of Citrix, reported that attackers had stolen backups of users of a number of products. Read more here.

Data of all Austrian citizens put up for sale

The Dutch hacker, arrested in November 2022, received and put up for sale the full name, address and date of birth of almost every resident of Austria. This was announced on January 25, 2023 by the police of the Alpine country. The unprotected database was freely available on the Internet.

The user, who is believed to be a hacker, put the data up for sale on an online forum in May 2020, presenting it as "the full name, gender, full address and date of birth of allegedly every citizen" of Austria, police said in a statement, adding that investigators confirmed its authenticity as of January 30, 2023.

The suspect, aged 25 and arrested in an Amsterdam apartment, was known to international police and is under investigation by Dutch police and the judiciary, Austrian police said. The data was stolen from an incorrectly configured cloud database, which the attacker found through a search engine and the police added that the search engine was not Google. Austrian police spokeswoman Elias Schmidt said that the materials on the case were not published until January 25, 2023, in order not to interfere with the investigation. Since this data was freely available on the Internet, it should be absolutely certain that this registration data completely or partially irrevocably passed into the hands of cybercriminals.

According to the Austrian police, the database includes about 9 million data sets. The population of Austria is approximately 9.1 million people. The hacker also put up for sale "similar datasets" from, and Italy Netherlands , Colombia but the Austrian police department said they did not have more details on other countries.

Austrian information is so-called registration data - basic information, including the current address that residents are required to provide to the authorities. The Austrian police warned that using methods of psychological pressure and social engineering, attackers are trying to convince people to give them the missing information in order to steal money from their bank accounts. Many of these attempts are successful.^[1]

These 230,000 Puma customers are up for sale

At the end of January 2023, an 84 MB data set was put up for sale on a hacker forum, which, according to the seller, contains personal data of 230 thousand Puma customers in Chile. Read more here.

American airline accidentally revealed a database of employees and hundreds of thousands of people

In mid-January 2023, a Swiss information security researcher discovered an unprotected server that was left publicly available on the Internet. It revealed a huge amount of customer data by the US national airline CommuteAir, including private information about almost 1,000 employees. Read more here.

There was a data leak of 37 million subscribers of the American operator T-Mobile

On January 19, 2023, it became known that the data of about 37 million subscribers of the American mobile operator T-Mobile were stolen by hackers. The operator's systems were subjected to a hacker attack back in November 2022, but this became known only in January 2023. Read more here.

Nissan admitted to data leakage of 18 thousand customers

On January 16, 2023, Nissan announced that cybercriminals were able to steal data on approximately 18 thousand customers in North America. It is alleged that the leak was the fault of a third party that provides software development services to the automaker. Read more here.

Hackers stole 2.4 GB of data from Samsung employees

In early January 2023, the hacker group Genesis Day claimed responsibility for hacking into Samsung's internal servers and said it had attacked the company in response to South Korea's cooperation with NATO. Read more here.

Data breach of 4 million customers of insurance companies Aflac and Zurich in Japan

On January 10, 2023, the Japanese division of the American insurance company Aflac reported the theft of personal data of its customers. The Swiss company Zurich Insurance Group faced a similar attack in Japan. At the disposal of the attackers were personal information about about 4 million holders of insurance policies of these organizations. Read more here.

Volvo data put up for sale on a hacker forum

On January 3, 2023, it became known that an unknown attacker (or a group of cybercriminals) put up for sale on one of the hacker forums confidential data stolen from the automaker Volvo. Read more here.

2022

A hole in the website of the credit bureau Experian allowed anyone to download people's personal data

On January 9, 2023, it became known that attackers successfully use the official Experian website to obtain credit reports using a person's name, address, date of birth and social security number. Read more here.

Slack data breach after cyber attack

On December 31, 2022, a corporate messenger Slack reported a hacker attack, as a result of which attackers gained access to some private repositories of the service on GitHub. More. here

Hackers stole data of 400 million Twitter users

On December 25, 2022, it became known that a hacker hiding under the nickname Ryushi put up for sale on the Breach forum an extensive database with detailed information about Twitter users. The attacker invites the head of the service, Elon Musk, to acquire information on an exclusive basis in order to avoid a huge fine from European regulators. Read more here.

The popular password storage service LastPass has stolen the data of tens of millions of users

On December 22, 2022, the LastPass team, one of the world's most popular password managers, announced that the service hacker had been attacked: attackers managed to steal the data of millions of users. More here.

Hackers gain access to emails of 15,000 corporate clients of Australia's second largest telecom company

On December 14, 2022, it became known that the second largest telecommunications company in Australia, TPG, faced a hacker attack: it affected the Australian email services iiNet and Westnet, which are used by up to 15 thousand business clients in various areas. Read more here.

Hackers steal data of Indian students across the country over 18 years

On December 5, 2022, it became known that the cybercriminal group Team Mysterious Bangladesh announced the hacking of the computer system of the Central Council of Higher Education of India (CBHE). In the hands of attackers could be data on students for an 18-year period throughout the country. Read more here.

Hackers leaked data of all customers of one of Australia's largest insurance companies for refusing to pay ransom

In early December 2022, the Federal Police Australia accused Russian hackers from the group REvil of stealing the personal data of customers of the country's largest medical insurance company. Medibank The company confirmed the theft of data, estimating the damage at $20 million and recognizing the victims. The corresponding statement by AFP Commissioner Reese Kershaw was published on the agency's website. More. here

WhatsApp mega-leak. Data of 0.5 billion users put up for sale

In mid-November 2022, a message appeared on one of the famous hacker forums about the sale of an extensive database containing up-to-date information about almost 0.5 billion users of the popular WhatsApp messenger. Read more here.

One of Australia's largest insurers admits to leaking data from all customers

On October 25, 2022, the Australian insurance company Medibank, one of the largest in the country, announced that during a recent cyber attack, attackers could steal personal information about all its customers. The consequences of the hack turned out to be much larger than previously assumed. Read more here.

3 TB of Thomson Reuters customer data leaked

On October 27, 2022, it became known that Thomson Reuters leaked a large amount of confidential data, including corporate and client information. On clandestine cybercriminal forums, this information is estimated to cost millions of dollars. Read more here.

Internal correspondence on 100 thousand letters was stolen from the Iranian regulator in the field of nuclear power

On October 21, 2022, it became known that cybercriminals hacked the email server of one of the companies that are part of the Atomic Energy Organization of Iran (AAEI), a state monopoly enterprise that controls the activities of the country's nuclear power facilities. Read more here.

Microsoft admitted to leaking data from its customers

On October 19, 2022, Microsoft revealed details of an incorrect server configuration that led to the leakage of data from some potential customers. The data of 548 thousand users, including their confidential information, were in the public domain. Read more here.

Toyota admitted to data leakage of 300 thousand customers and source software

On October 7, 2022, Toyota Motor Corporation issued a notice that third parties could gain unauthorized access to a database with information about approximately 296,000 customers of the company. Read more here.

The sources of new Intel processors have been leaked to the Internet

On October 8, 2022, it became known that an archive containing the source code of a number of files and tools designed to create BIOS/UEFI for the IntelAlder Lake-S hardware platform (desktop PCs) had leaked to the Internet. For Intel, this can be a very serious problem. Read more here.

Ferrari attacked by hackers

On October 3, 2022, it became known about a hacker attack on Ferrari. As a result of the cyber attack, internal documents, technical documentation, repair manuals and numerous other documents were stolen from the automaker. Read more here.

The fintech platform Revolut, founded by the Russian, was hacked by hackers. Customer data merged

In mid-September 2022, the fintech platform Revolut, founded by the Russian, was subjected to a cyber attack, as a result of which an unauthorized third party gained access to the personal information of tens of thousands of customers. Some customers at the time of the incident also noted that the support chat displayed inappropriate expressions for visitors. Read more here.

Memory card manufacturer Adata from Taiwan was attacked by hackers. They stole secret data

On October 4, 2022, the RansomHouse group announced the hacking of Adata, which specializes in the release of RAM, solid state drives, portable hard drives, flash key fobs, etc. Read more here.

The popular LastPass password manager, used by 33 million people, reported the hack. Source code stolen

The popular LastPass password manager, which is used by 33 million people, confirmed the hacking of the service. Source codes and confidential technical information were stolen from the platform, the company said at the end of August 2022. Read more here.

OneTwoTrip confirms hole that caused data breach

Travel planning service OneTwoTrip has confirmed the existence of a vulnerability that caused a data leak. The company also announced on August 24, 2022 that the fault had been fixed. Read more here.

Russian hackers posted data of Lockheed Martin employees on the Internet

In August 2022, the hacker group Killnet published evidence of hacking into Lockheed Martin's internal employee authorization system. Until recently, the company claimed that all employee information was safe. Read more here.

Cisco's corporate network was hacked with voice phishing attacks. 2.8 GB of data stolen

On August 10, 2022, Cisco confirmed that the ransomware group Yanluowang had infiltrated its corporate network in late May 2022 and extorted money under the pretext of leaking stolen files to the Internet. Read more here.

1 billion Chinese people sell data on the dark web

In early July 2022, unknown persons Darknet put up for sale a database that supposedly contains information about a billion citizens China for 10, which bitcoins MTS is more than $190 thousand.

The data is said to have been stolen from the Shanghai National Police database, totalling 22TB. The data includes names, addresses, national identification numbers, contact information and criminal records.

Bleeping Computer reported on July 4, 2022 that a hacker or group of attackers acting under the name ChinaDan shared a sample of 750 thousand records containing delivery information, identification data and police records. Hackers typically publish samples of stolen data to prove that they offer a relevant database for sale. ChinaDan claims the data was stolen from a local private cloud provided by Alibaba Cloud, which is part of state China's security network. A hacker or a group of cybercriminals is asked to pay 10 PTCs, which as of July 5, 2022 cost $19 667.10 per PTC 1 to purchase the stolen data.

Binance founder and CEO Zhao Changpeng, wrote that the company found a billion records leaked from one Asian country. In response, Binance has stepped up screening procedures for potentially affected users. Zhao later said that the incident was due to a bug in the deployment of Elastic Search by an unnamed state agency, which led to the accidental inclusion of user credentials from the Shanghai National Police database in China.

According to Bloomberg, the alleged leak sent shockwaves through the Chinese IT security community, including speculation about the credibility of the statement and how it might have happened. Neither the Shanghai National Police nor other Chinese government officials have commented on the leak. Bloomberg, citing cybersecurity experts, writes that hackers could gain access to Shanghai police data through a third-party cloud infrastructure partner.^[2]

6.5 TB of data from crew members and source software of the Turkish airline Pegasus Airlines leaked to the Network

The Turkish low-cost airline Pegasus Airlines, popular with Russians, accidentally leaked data on its flights and personal information of crew members. This was announced at the end of May 2022 by the information security company SafetyDetectives. IT specialists incorrectly configured the cloud data storage, as a result of which about 23 million files or 6.5 TB of data were freely available, including flight information, source code of Electronic Flight Bag software and employee data. Read more here.

Coca-Cola IT systems hacked. 161 GB of data stolen, they are sold for $63 thousand.

At the end of April 2022, Coca-Cola announced that it was investigating a data breach after a gang of Stormous cyber security agents alleged hacking into the company's IT systems and stealing its data. The hackers, they claim, hacked into several Coca-Cola servers and downloaded 161GB of data. Read more here.

Nestle confirms 10GB data archive leak with passwords, correspondence and customer information

On March 24, 2022, the hacker group Anonymous announced a hack into the Nestle database. The company confirmed the data breach but said it was the fault of employees. Read more here.

Hackers have released 37 GB of Microsoft source code to the public

In March 2022, the hacker group Lapsus $ released 37 GB of Microsoft software source code to the public. Hundreds of the company's projects have been compromised, including the search engine Bing, as well as a virtual voice assistant with elements of artificial intelligence Cortana. Read more here.

Samsung stole 190 GB of source code for device software

On March 7, 2022, Samsung confirmed the fact of a data leak, as a result of which confidential information was stolen. In total, hackers stole 190 GB of data, most of which is the source code of the software for the devices. Read more here.

Hackers stole data of job applicants and business partners from Panasonic

On January 7, 2022, Panasonic management announced that during the investigation it was found that a file server hack in Japan occurred through a foreign branch server. The company said that information about job candidates and internship employees, including personal data, were compromised as a result of the hack. The server also contained business information, including business-related information provided by business partners, as well as some data collected within the corporation. Read more here.

2021

Panasonic servers hacked

At the end of November 2021, Panasonic admitted hacking its own systems and leaking internal data. Unidentified cybercriminals managed to gain access to the Japanese giant's internal network, according to an official report from the company. Read more here.

Online broker Robinhood with investments Yuri Milner reported the theft of data 7 million users

On November 8, 2021, the online broker Robinhood with the investment of Yuri Milner announced that the personal data of more than 7 million customers were available as a result of data hacking. The attacker was able to obtain a list of email addresses of approximately 5 million users and full names for a separate group of 2 million. Additional personal information, including names, dates of birth and postcodes, was disclosed to a smaller group of about 310 people, and more extensive account data was disclosed to about 10 customers. Read more here.

Data of 45 million users of free VPN services put up for sale

In early November 2021, a database of 45.5 million users of free VPN services of FreeVPN.org and DashVPN.io owned by ActMobile Networks was put up for sale on the darknet. Read more here.

Facebook sued a Ukrainian, accusing him of stealing the data of 178 million users of the social network

In October 2021, Facebook sued Ukrainian Alexander Solonchenko, accusing him of stealing the data of 178 million users of the social network. The corresponding lawsuit came from the court in the northern district of California. Read more here.

Hacker sells data to 100 million T-Mobile customers

In early August 2021, information appeared that a hacker sells personal data of 100 million T-Mobile customers in the United States, claiming that we are talking about complete information about each client, including social security numbers. Read more here.

Morgan Stanley has corporate customer data stolen after IT contractor hacked

In mid-July 2021, Morgan Stanley reported that some corporate customer data was stolen in a data breach from a third-party supplier. Read more here.

British Airways to pay millions of pounds in compensation for data breach

In early July 2021, British Airways reached an agreement to resolve a class action lawsuit over a 2018 data breach involving the personal and financial data of hundreds of thousands of customers. Read more here.

Hackers stole data of 3.3 million customers from Volkswagen

In June 2021, it became known that hackers stole the data of 3.3 million customers from Volkswagen and put them up for sale. The automaker acknowledged the leak, but called it not as large-scale as described in the media. Read more here.

Alibaba admits to leaking 1.1 billion user records

In mid-June 2021, Alibaba announced that it had been the victim of a months-long cyber attack in which an employee of Alibaba's consulting company, using web scanning software, stole 1.1 billion user records, including their names, phone numbers and other data. Alibaba claims that the attacker did not sell this data. Read more here.

Hackers hacked McDonald's and downloaded data on customers and employees

In mid-June 2021, McDonald's reported that hackers stole the data of customers and employees from the United States, South Korea and Taiwan. Unauthorized access was cut off a week after it was discovered, and the company hired outside consultants to investigate. Read more here.

Air India data stolen from 4.5m passengers

At the end of May 2021, it became known that the data of almost 4.5 million passengers from all over the world were stolen from India's largest airline, Air India, as a result of an "extremely sophisticated" cyber attack. Passenger data came to hackers after hacking the Swiss organization SITA, which provides telecommunications and IT services in the aviation industry. Air India revealed the scale of the problem only three months after the first report of the data breach. Read more here.

Data Base of 1.3 million Clubhouse users made it to the public

In early April 2021, a database of 1.3 million users of the social network Clubhouse appeared on one of the hacker forums. The data includes names from accounts, links to photos, data on accounts from other social networks, as well as details about people who invited a particular user to the social network. Read more here.

Data breach of 500 million LinkedIn users

In early April 2021, hackers put up for sale data from 500 million users of the LinkedIn social network. The stolen information includes full usernames, phone numbers, email addresses and employment details. Read more here.

Shell Data Breach Due to Accellion Software Flaw

At the end of March 2021, a software flaw Accellion led data breach to the company. Shell The oil and gas giant said the incident involved an Accommodation solution used to securely transfer large data files. Hackers gained access to some personal data of employees, as well as data from Shell companies and some of its customers. More. here

Users of Vivo and Claro mobile operators leaked in Brazil

In mid-February 2021, the Brazilian National Data Protection Authority (ANPD) announced the start of an investigation into the second largest data breach in the country. As part of the latest incident, data from half of the Brazilian population was disclosed, and user data from mobile operators Vivo and Claro was disclosed. Read more here.

T-Mobile stole recordings of conversations of 200 thousand subscribers as a result of hacking IT systems

In early January 2021, T-Mobile reported its fourth data breach in the past three years. This time, as a result of hacking into the mobile operator's IT systems, hackers were able to access recordings of subscribers' conversations. Read more here.

2020

There was a leak of the source code of CMA banking software, which is used by many Central Bank of the world

In early December 2020, it became known about the leak of the source codes of the software of the CMA company, whose clients are central banks of different countries, including in Russia. Read more here.

Resona Bank lost a disk with data of 14 thousand customers

On October 14, 2020, Resona Bank reported that its headquarters Tokyo had lost a magneto-optical disk containing data on 14,561 depositors, including their names and addresses. More. here

Hackers stole LG electronics sources and demand ransom

On June 28, 2020, there were reports of theft of the source codes of the software underlying LG Electronics electronic devices. The data could potentially be used to create sophisticated malware. Read more here.

Frost & Sullivan employee and customer Data Base went on sale on the dark web

On June 24, 2020, it became known about a major data leak from the business consulting company Frost & Sullivan. Members of the hacker organization KelvinSecurity published a proposal to sell stolen information on one of the darknet forums. Read more here.

Data of 500 thousand Zoom users were on sale on the dark web

In early April 2020, it became known that more than 500 thousand Zoom accounts appeared on the darknet, which were put up for sale. This data contains email addresses, passwords, URLs for organizing private meetings, as well as personal conference identifiers (a digital code that is used in certain cases). Read more here.

After a fine of $124 million, Marriott again leaked data from 5.2 million customers

At the end of March 2020, Marriott admitted to another leak of customer data - this time the problem affected 5.2 million customers of the world's largest hotel chain. Read more here.

Cathay Pacific to pay 9.4m customers for data breach

Cathay Pacific At the beginning of 2020, she was fined 500 thousand pounds sterling (about $642 thousand) for the large-scale data breach of her clients, which became known in October 2018. The decision was made by the Great Britain Information Commissioner's Office ICO. More. here

Data from tens of millions of Decathlon customers are in the public domain

In February 2020, security researchers from VPNmentor discovered that the data of more than 123 million Decathlon clients were in the public domain due to an unprotected ElasticSearch server. Read more here.

Data from 10.6 million customers of MGM Resorts hotels made publicly available

In mid-February 2020, the personal data of more than 10.6 million customers who stayed at MGM Resorts hotels were published on a hacker forum. Among other things, the personal and contact details of celebrities, technical directors, journalists, government officials and employees of some of the world's largest technology companies were in the public domain. Read more here.

Data from millions of Microsoft customers in the public domain

On January 22, 2020, it became known that the data of millions of Microsoft customers were in the public domain. This was due to incorrect configuration of the Elasticsearch database: its parameters were set in such a way that anyone could view all the information from the catalog. Read more here.

2019

Data from 2.4 million Wyze customers were in the public domain

On December 30, 2019, it became known that the supplier of "smart" devices Wyze confirmed a data leak from the server, as a result of which the personal information of about 2.4 million customers turned out to be on the Web. Read more here.

Data of a million owners of Honda cars were in the public domain

In mid-December 2019, the data of a million Honda car owners were in the public domain, and for the second time in a year. The automaker claims that this is a much smaller leak. Read more here.

More than 1 billion combinations of email address/password leaked to the Network

On December 12, 2019, it became known that unknown persons published unencrypted e-mail addresses passwords users in the public domain. Security researcher Bob Diachenko discovered unprotected database Elasticsearch on December 4, 2019, but it was indexed by search engine BinaryEdge at the beginning of the month and has been in the public domain ever since. Dyachenko notified the relevant person about the incident, and Internetprovider on December 9 the base was data protected.

The database contained 2.7 billion email addresses and more than 1 billion unencrypted passwords to them. As the database analysis showed, most of the data is a leak put up for sale by a cybercriminal under the pseudonym DoubleFlag in early 2017. The leak, called the Big Asian Leak, included user data from a number of Chinese internet companies, including NetEase, Tencent, Sohu and Sina.

The 1.5 TB leak mainly contains the email addresses of Chinese users (qq.com, 139.com, 126.com, gfan.com and game.sohu.com). Most user names are dialed numbers or telephone numbers. As explained by Comparitech experts, such usernames are characteristic of residents China who have difficulties with the characters of the Latin alphabet.

Who owned the open database is unknown. In theory, it could be collected at the first stage of an attack with credential stuffing or a spam campaign^[3].

Iranian bank debit card data leak

On December 11, 2019, it became known that social networks data 15 million issued were published in one of debit cards them. banks Iran According to Iranian reports, the MEDIA incident is the largest banking incident in Iran's leak history. More. here

In the United States, hacked the payment system of public services and stole the data of 20 thousand credit cards

At the end of September 2019, about 20,000 payment card records from eight U.S. cities were on the black market in an attack on Click2Gov, the country's popular payment system for state and municipal services. Read more here.

Data from 2.5 million Yves Rocher customers in the public domain

On September 4, 2019, Zecurion announced that cybersecurity specialists had gained access to the confidential data of millions of company customers. According to the head of the analytical center Zecurion Ulyanov Vladimir, competing cosmetic companies can use this information to lure customers, which will affect large financial losses for Yves Rocher. Read more here.

Mastercard has lost the data of tens of thousands of customers. Credit cards and phones went to attackers

On August 23, 2019, Mastercard reported a massive data breach to regulators in Germany and Belgium. The payment system did not specify the number of affected customers and only noted that we are talking about "a large number." The leak was discovered on August 19. Read more here.

The largest ever data leak of bank customers occurred

At the end of July 2019, it became known about the largest leak of data from bank customers. Capital One financial holding suffered, which estimates the damage at $100-150 million. Read more here.

Hackers stole data from 3.1 million Toyota and Lexus car owners

At the end of March 2019, Toyota reported a data leak of 3.1 million car owners, which occurred as a result of a cyber attack on dealerships in Japan. This incident was the second in five weeks. Read more here.

Data of 200 million Chinese were in the public domain due to incorrect configuration of MongoDB

On January 10, 2019, Bob Diachenko, director of cyber risk research at Hacken, published the results of an investigation according to which the personal data of more than 202 million people looking for work in China, including phone numbers, email addresses, driver's licenses, salary expectations, marriage status, political preferences, height, weight, were in the public domain for 3 years. Read more here.

2018

US Postal Service reveals data of 60 million people

On December 10, 2018, Panda Security in Russia reported that the United States Postal Service (USPS) fixed a vulnerability that allowed attackers to receive personal information for about 60 million people within a year, mainly US citizens. Read more here.

Data breach of 500 million Marriott users

On November 30, 2018, Marriott International admitted to a data breach of 500 million users, which occurred as a result of a hack of the Starwood booking system. Read more here.

Bank data breach of nearly 400,000 British Airways customers

In early September 2018, it became known about a large-scale leak of data from British Airways customers. As a result of the hacker attack, information was stolen regarding card payments to about 380 thousand people who used the services of a British airline. Read more here.

Commercial secrets of Ford, Tesla and Toyota hit the Web

Security researchers at UpGuard reported in July 2018 the leak of confidential documents from more than 100 companies, including General Motors, Fiat Chrysler, Ford, Tesla, Toyota, ThyssenKrupp and Volkswagen. The data was publicly available on a server owned by Level One Robotics^[4][5].

The reason for the leak was the general rsync file transfer protocol used to back up large datasets.

No restrictions were set on the rsync server, security researchers said. Thus, any client connected to the rsync port had access to the data download. Rsync servers must be restricted to IP addresses so that only certain clients can connect to them. In addition, user access to rsync must be configured so that clients are authenticated before accessing the data, experts noted.

In total, experts found 157 gigabytes of data containing assembly line diagrams, plans and diagrams of factory floors, documentation, forms of requests for identification forms, etc.

In addition, the personal data of some employees were disclosed, including copies of driver's licenses and passports, as well as important business documents including invoices, contracts and bank account details.

Data from 200 million Japanese are sold on the darknet

A hacker, presumably of Chinese origin, sells data from 200 million residents on a cybercriminal forum. Japan The data was probably stolen from 50 hacked small sites and collected into one archive in December 2017, Bleeping Computer reported in May 2018.^[6]

After analyzing the data samples, FireEye researchers concluded that they belong to users of the websites of companies specializing in trade, food and drink, entertainment and transportation. Experts are confident in the authenticity of the archive, since the data of the same users are found in different leaks.

The presence of old and new data in the archive indicates that they were stolen between March 2013 and June 2016. The nature of the data varies depending on the sites, however, as a rule, they are e-mail and home addresses, real names, dates of birth and phone numbers.

The cost of the archive is 1,000 Japanese yen (about $150.96). Some alleged buyers complained on the forum that they paid for the purchase, but never received the files. The reliability of such complaints is very doubtful, since they could be published by hacker competitors interested in selling their own archives. Nevertheless, given that the current population of Japan is about 127 million people, it is not clear where the data in the archive comes from another 73 million.

Biggest retail data breach

In early April 2018, it became known about the largest data breach in retail in history. Hackers managed to steal credit and debit card data from more than 5 million customers of Lord & Taylor and Saks Fifth Avenue (part of the Canadian Hudson's Bay group), who specialize in selling clothes and shoes. Read more here.

2017

Giant interactive base found with leaks

In early December 2017, analysts at 4iQ discovered a huge interactive database on the darknet, combining 252 different data leaks.

The database with a total volume of more than 41 GB is regularly updated and offers users more than 1.4 billion credentials in plain text format. Who compiled this dump is unknown, the author indicated only Bitcoin and Dogecoin wallets for donations.

The researchers 4iQ indicated that all passwords are presented in the database in clear text and, according to testing conducted by experts, many of them are valid. Moreover, about 14% of passwords found in the database were not published anywhere. The date of the database update is November 29, 2017, it is available for searching, importing leaks and other functions.

This database includes a summary list with Exploit [.] in, another summary database of Anti Public credentials, 133 additional major leaks, for example , LinkedIn, Netflix, Last.FM and YouPorn.

4iQ experts noted 385 million new login/password pairs and 318 million new compromised users. Below is a table of the most common passwords compiled by the researchers^[7].

Uber paid a ransom of $100 thousand to delete data on 57 million users

On December 7, 2017, it became known how and to whom Uber Technologies paid a ransom to delete data on 57 million customers of the service. According to Reuters, citing three knowledgeable informants, in November 2016, Uber transferred $100,000 to a 20-year-old hacker from Florida (USA) for not disclosing personal information of users. The payment was made through the bug bounty system, which is usually used for small user incentives that indicate the vulnerabilities of the service.

Heathrow security data found in flash drive found

As it became known in October 2017, an unknown person found on flash drive the ground, which revealed detailed information about the security systems of the largest Great Britain airport. Heathrow^[8] to Daily Mail journalists, who were transferred a "flash drive," it contained 76 files with a total volume of 2.5 gigabytes, containing information about the security measures taken to protect Queen Elizabeth II and the country's top politicians when using the airport, as well as anti-terrorist measures. More. here

Data of 400 thousand UniCredit customers

On July 26, 2017, it became known about a hacker attack on UniCredit bank, as a result of which the data of hundreds of thousands of company customers was leaked. The relevant information is contained in the message of the financial institution. Read more here.

Dow Jones mistakenly released data of 2.2 million of its customers

In July 2017, one of the world's leading financial information agencies Dow Jones & Company, due to an error in the settings of the cloud storage database, published in the public domain the data of several million of its customers, including names, internal identifiers, addresses, payment details and bank card data.

According to Dow Jones representatives, the repository contains information about 2.2 million customers, but independent experts believe that the number of victims may reach 4 million.

For its part, Dow Jones has confirmed the data leak, but they do not plan to notify customers about it. Dow Jones analysts argue this decision by the fact that the data in the public domain is not confidential, since it does not contain passwords in clear text.

Personal data of 14 million Verizon customers were in the public domain

In July 2017, it became known about a major leak of personal data of 14 million customers of the telecommunications corporation Verizon. According to UpGuard, an information security company, more than 20GB of information has been leaked online, including names, addresses, customer account details and even PINs to their Verizon user accounts.^[9]

UpGuard experts in early June 2017 discovered a public server in the Amazon S3 cloud, where information about Verizon clients was stored. The owner of the server is a partner of Verizon, the Israeli company NICE Systems. The folders named by month contained data from January to June 2017 - in ZIP archives with unencrypted text files totaling about 23 GB. There were also audio recordings of calls to the Verizon support line.

In addition, the same server stored data belonging to another company - the French telecom operator Orange. However, client information was not detected, only internal files.

As it turned out, open access was the result of a "human error" - NICE administrators incorrectly configured the server.

The researchers promptly informed Verizon and NICE about the leak, however, access to the data was not closed until nine days later.

Since the server was available via a direct link, the likelihood that someone could get to the data earlier than UpGuard is small, but still remains.

Meanwhile, Verizon representatives claim that the investigation did not reveal unauthorized access to this data, but do not explain why they draw such a conclusion.

Hackers published 25 thousand photos of patients of the Lithuanian plastic surgery clinic

At the end of May 2017, a group of hackers called Tsar Team published on the Web more than 25 thousand photos and personal information of patients of the Lithuanian plastic surgery clinic Grozio Chirurgija. Read more here.

A giant database called the "mother of all leaks" was discovered on the Web

Information security experts discovered^[10] in May 2017 in the public domain a database with 560 million leaked passwords, which MacKeeper researchers have already dubbed the "mother of all leaks." As a check using the Have I Been Pwned platform showed, the database contains over 243 million unique email addresses leaked as a result of certain hacks.

According to researchers from MacKeeper, the database is another giant array of credentials collected from various sources. It is not surprising that compromised passwords have been circulating on the Web for some time, but the existence of a ready-made database that allows anyone to take possession of them raises concerns.

In total, the researchers found 313 large databases larger than 1 GB containing terabytes of information. Databases are located in cloud storage in the United States, Canada and Australia, but it is quite difficult to determine their true owners.

The size of the detected database is 75 GB. It contains structured data in a readable json format, leaked as a result of at least ten well-known hacks, including LinkedIn, Dropbox, MySpace, Neopets, RiverCityMedia, Tumblr, MySPace and Lastfm^[11]

US retailer Neiman Marcus fine

Savings on electronic security systems can lead to significant financial and reputational losses. The American retailer Neiman Marcus is forced to pay $1.6 million for not taking proper measures to protect against hacking and untimely informing buyers about the leakage of payment card data.

Presumably 350 thousand data of Neiman Marcus customers were leaked back in 2013, and only on March 17, 2017 a final decision was made regarding compensation for the victims.

An insufficiently reliable data protection system and untimely informing customers became the reason for a class action lawsuit. As a result of the proceedings, the court ruled that Neiman Marcus is obliged to pay $1.6 million, as well as continue to carry out measures to strengthen cyber defense. The retailer has already installed new, safer readers at the checkout that make it harder to steal data, and provided a system to protect against malicious software. A cyber attack on an electronic system at the cash desks of the Neiman Marcus store chain caused the credit and debit card data of about 350 thousand of the retailer's customers to become available to cybercriminals. Neiman Marcus customers who made purchases from July 16, 2013 to January 10, 2014 were attacked. Worst of all, the violation was not immediately identified, but only after a few months. And even after it was discovered, the retailer did not immediately inform customers of the sensitive data breach^[12].

25 million Gmail logins with passwords put up for sale

Millions of logins and passwords for Gmail and Yahoo mailboxes were put up for auction on the darknet in March. The seller is a user with the nickname SunTzu583, previously seen in the wholesale of hacked Gmail and PlayStation accounts. Now he has put up for auction record-breaking data arrays, and most of them are precisely the details for Google^[13] accounts: ^[14].

SunTzu583 have put up for auction several lots with millions of logins and passwords in mailboxes Gmail and. Yahoo

The first batch of almost 5 million accounts is represented by three "lots": the first two contain 2262444 accounts each and are sold for $125.48 or 0.1298 bitcoin, and the third contains all 4928888 accounts at once. The cost of the last lot is $200 or 0.206 bitcoin.

According to the seller's assurances, in this set, all passwords for accounts are decrypted.

The authors of HackRead, having analyzed the data provided by the seller as an example for free, were convinced that their sources were major leaks of previous years; in particular, from LinkedIn (when hackers managed to hijack 117 million accounts), Adobe (154 million accounts were stolen) and Bitcoin Security Forum (from where 5 million passwords to Gmail leaked). BSF is precisely the source of most of the accounts currently on sale.

The seller honestly warns that not all passwords will work on Gmail now. Leaks have been widely reported in the press, so it is hoped a significant proportion of affected users have changed their passwords.

In addition to these 5 million, SunTzu583 sells almost 22 million more Gmail accounts for $450 (0.4673 bitcoin). Despite the fact that the number of accounts in this set is four times higher, the cost of the second set is only two times higher than the price tag on the first. This is due to the fact that in it only 75% of the offered accounts are available out of the box - passwords in them are presented in the form of text. The rest of the passwords are cached.

The authors of HackRead found that several leaks of different years became the sources of this data, the largest of which was the Dropbox hack in 2012. Then the data of 68 million Gmail accounts were stolen. These details were shared only in 2016. Other sources of these accounts were leaks from Nulled.cr in 2016 and MPGH.net in 2015.

Data of 33 million employees of IBM, Dell, AT&T, Boeing and other corporations stolen and posted on the Web

A very large database with the contact data of millions of employees of American corporations has leaked to the Web. The database contains 33.7 million unique records, which contain postal addresses, full names, names of positions and functions of employees, and other information of varying degrees of confidentiality ^[15]].

The database contains data from employees of famous American companies, including those working in the ICT industry: AT&T, Boeing, Dell, FedEx, IBM, Xerox and others.

According to ZDNet, the database "contains dozens of fields," and, in addition to purely personal information, it also contains more or less publicly available information, such as the geographical location of headquarters and offices, the number of employees in each company and their industry affiliation - advertising, legal services, media and telecommunications.

This kind of data is used by marketers and advertisers to conduct targeted campaigns. The cost of such databases can be very high.

As stated in the publication ZDNet, in 2015, the cost of accessing half a million such records reached $200 thousand. Thus, access to the entire leaked database would be about $13.7 million.

The leaked database is owned (or owned) by the marketing corporation Dun & Bradstreet. She has so far reacted to the information about the leak only with a short statement: "We carefully analyzed the information received and concluded that it corresponds to the same type and is presented in the same format in which we provide data to our customers on a daily basis. Our analysis shows that these data were not obtained and replicated through the Dun & Bradstreet system. "

2016: Leaked bank data of 34,000 Acer customers

In June 2016, it became known about a major leak of confidential data of Acer customers. Visitors to the Taiwanese manufacturer's online store were injured. Read more here.

2015

Information security incidents in 2015 occurred almost every day. They had a wide variety of motives, ways of execution, scope and consequences. The Falcongaze think tank recalled the most high-profile cases of data leaks and prepared a monthly chronicle of events.

January - Target. Scrooge, who ruined Christmas, turned out to be a Target chain of stores in the past year. As a result of a large-scale leak, the attackers had credit card data of forty million buyers. The leak for Target ended with a $300 million loss, the resignation of the CEO and a pretty damaged reputation.

February - Anthem. In February, there was a message about the largest leak in the field of medicine. The hacker attack compromised the personal data of 80 million customers of Anthem, a health insurance company. Company officials have requested help from the FBI and the investigation is still ongoing.

March - Medical institutions. In March, the health sector was hit one by one. A number of American medical organizations suffered as a result of hacker activity. As a result of large-scale leaks in various medical institutions in Louisiana, Florida, Oregon and Indiana, the data of more than 220 thousand patients suffered.

June - LastPass. In June, terrible messages appeared in the media - passwords from the service were stolen, in which users stored passwords so that they would not be stolen. In fact, everything is not so bad: the attackers gained access to the email address, password reminder, salt and hashes of user authentication, that is, the accounts of the overwhelming number of users remained safe. Nevertheless, the leak caused a resonance and made you ask an important question: how secure is the software created for information security.

July - Ashley Madison. The most resonant leak of the year can rightfully be considered a hack of the dating site Ashley Madison. 33 million users of the site, which positions itself as a dating service for adultery, found their addresses and transaction history in the public domain. After that, a series of scandals began, related, for example, to the fact that most of the women's accounts on the site turned out to be fake, the service continued to store information about remote users, the addresses of politicians were found in the database, and the media disseminated the news of two suicides related to the leak.

August - Carphone Warehouse. In August, a cyber attack hit Carphone Warehouse, Britain's largest mobile phone retail retailer. Data on 2.4 million customers of the company (about 4% of the total population of the UK) were stolen, and among them 90 thousand credit card access codes. The UK Information Commissioner's Office took up the investigation into the country's largest leak.

September - Excellus BlueCross BlueShield. In September, the story with Anthem continued. The leak turned out to be even larger than first thought and affected customers of the BlueCross BlueShield association, of which Anthem is a member. As a result, more than 10 million records were compromised, including information about finances, social insurance numbers, addresses and names. The cause of the leak is still unknown.

October - Experian (T-mobile). October was marked immediately by a number of major security incidents, but the largest was the leak of information about 15 million users of the T-Mobile operator. The leak did not occur inside T-Mobile itself, but on the part of Experian, which is engaged in consulting, and is also a partner of T-Mobile in the field of attracting users. Information about all customers who conducted operations with T-Mobile through Experian between September 2013 and September 2015 was compromised.

November - VTech. The Chinese maker of "smart" toys reported in November about the data breach of 11 million customers, half of whom are minors. Hackers not only compromised customer data, but also gained access to correspondence and photos, videos and audio messages sent to servers.

And finally, in December there was the largest leak of personal information for the entire year. Researcher Chris Vickery accidentally discovered a database of 191 million Americans voting in the public domain. About 300GB of leaked data includes detailed personal information about compromised citizens, from name to phone number, and a history of electoral activity since 2000. Where this information appeared on the network and who is responsible for its distribution remained unknown.

2014

Leaks at McDonalds, HTC, Barclays, Microsoft

SearchInform also compiled a rating of the most high-profile incidents of 2014 related to leaks of confidential information at the end of 2014.

In January 2014, the McDonalds chain posted advice for employees on its corporate resource that you should not overuse burgers, cola and fries, since these products are not useful for the body. The "sincere recognition" of the global fast food giant caused a wave of reproaches and lawsuits addressed to the company.

Once one of the leaders in the smartphone market of NTS, which is going through far from the best of times at the end of 2014, a blow to the back was inflicted by its own employees, who are part of the highest echelon of the company's management. They stole commercial developments in order to create their own smartphone company in China. The ex-employees are awaiting trial. They were expected to receive real prison terms.

A very noticeable leak of personal data was made by the British bank Barclays in February, as a result of which hundreds of thousands of bank customers were among the victims. It is important to note that this leak of confidential information is different from other cases of data loss in that it was not accidental. Personal information was deliberately copied by bank employees for the subsequent sale of data on the black market.

Alexey Kibkalo from Microsoft was detained in March 2014 by the FBI. He was accused of facilitating the dissemination of commercial secrets of the company, as well as providing journalists and bloggers with products that had not yet appeared on official sale. The details of the case are here.

The top information leaks for the month of April are headed by the American leader in the field of information and analytical services Experian, which has lost accounts of about 200 million of its customers. The same month is famous for another case of a leak to KT Corp. from South Korea, which also allowed the loss of 12 million client data. These cases, which occurred in different parts of the world, are related to one thing - such an operation was carried out with the direct participation of corporate personnel, thanks to which access to information on the protection of the corporate network was opened for criminals. If the control over personnel was carried out properly, it would be much more difficult for hackers to carry out such an operation.

In May, the largest loss of personal data was noted by the world famous online auction eBay, which leaked information about several million users of the resource with addresses, phone numbers and other information to the network. A similar incident occurred with the well-known Steam game subscription service from Valve. However, we note that in this case this is a consequence of the unreliability of the software, and not the fraud of the company's personnel.

In the first place among the leaks of last summer, no doubt, information declassified by the Americans about their residency in Afghanistan can be placed. Do not forget about another employee, now former, Microsoft Corporation, Brian Jorgensson, who is currently serving his term for trading confidential information - he also received this term in the summer of 2014.

One of Nigeria's banks lost more than $40 million in September. The information leak occurred with the assistance of a system administrator who had recently lost his job at this bank. It is worth noting that in the countries of the former USSR, the main reason for the leak of information is associated with IT personnel. Data provided by the SearchInform research center suggests that almost a fifth of all leaks are directly related to staff.

Although October and November were not particularly rich in events related to the leak, the largest concern in America AT&T became involved in a rather large scandal, since one of the company's system administrators was able to gain access to confidential information about 1600 VIP clients.

According to experts of the analytical center of SearchInform (SearchInform), the bulk of lightning data leaks is due to an insufficient level of control over the actions of personnel at workplaces. Such expensive days of them, the mistakes of large corporations can be a good lesson, thanks to which it will be possible to protect your business from losses caused by personnel, as well as save a lot of money that can otherwise be spent on eliminating the consequences of data leaks.

Biggest leak in history: 1 billion accounts stolen from Yahoo

The largest leak of the now known affected half a billion people - this is how many accounts were stolen from Yahoo: hackers gained access to personal data of more than 1 billion users, including their logins, passwords, email addresses and even phone numbers.

In

March 2017, the US Department of Justice formally charged three Russian citizens and a citizen of Kazakhstan with hacking into Yahoo Corporation servers in 2014, as a result of which 500 million mail accounts were leaked. Of those four, two in the charge are named as intelligence officers, while the other two are named as hackers "hired by the Russian authorities." Read more here.

See also

• Data breaches
• See TAdviser for DLP Solutions and Projects Catalog
• DLP - Data Loss/Leak Prevention
• What are the scares of data leaks and how to protect yourself from them? TA Details
• Security Incident Management - Issues and Solutions
• Information Protection - DLP Myths and Reality
• Analysis of high-profile incidents in the field of information security in 2019
• Secure e-mail of confidential documents
• DLP Solutions (Russian Market)
• DLP Solutions (Global)
• What if the leak has already happened?
• Cutting and sewing lessons from DLP developers
• DLP: High-Profile Leaks
• Prices for user data in the cybercriminal market

Notes