Top 10 Biggest Hacks of the Century So Far
#10: DNC Email Leak
In the run-up to the 2016 US election, an enormous email leak may have put a stop to Hillary Clinton’s dreams of becoming president that year. In July, an enormous batch of thousands of stolen emails belonging to the Democratic National Committee was released by WikiLeaks. The most damning content in the emails was the Democrats’ organized attempts to prevent Bernie Sanders from gaining the nomination. No matter your thoughts about politics, it’s not exactly democratic to manipulate things behind the scenes to ensure any candidate doesn’t get a chance to run. Things got even messier when the Sanders campaign accused Clinton of “money laundering” as well as bias.
#9: Equifax
Close to 150 million Americans were affected when one of the US’s biggest credit companies, Equifax, suffered an enormous data breach. The breach happened in 2017 and a wide range of vital personal data fell into the hands of the cyber attackers, including social security numbers and dates of birth. But Equifax didn’t notify consumers of the breach until a few months after it had happened, which was pretty shocking considering that more than 15 million non-Americans were also affected. A few years later, Equifax was ordered to pay a huge settlement of $700 million for the breach, which may have even led to incidents of identity theft.
#8: Celebgate
In 2014 the internet was set ablaze when celebrity nudes began to leak online for some of the day’s biggest names, including Jennifer Lawrence, Kaley Cuoco, and Kirsten Dunst. After Apple was blamed as the source due to supposed security issues with iCloud, they investigated and discovered the data had been accessed through phishing – a common scam most people will have encountered. Thankfully, unlike in many hacking scandals, the culprit was actually caught and convicted; it was a thirty-six-year-old man from Pennsylvania who was responsible. “Celebgate” also led to Apple increasing its focus on privacy and security even more, and additional arrests for hacking personal accounts.
#7: eBay
One of the biggest online retailers in the world, eBay behaved shamefully by taking days to notify users of a huge data breach in 2014. When it finally did, the company was cagey with the details and simply asked users to change their passwords. While people definitely should change their passwords regularly regardless of if they’re involved in a giant hack, this was the bare minimum from eBay and a terrible response to the 145 million compromised accounts. But it’s not surprising that eBay was a little ashamed of what happened, since the breach occurred after hackers broke into the accounts of just three eBay employees.
#6: Facebook
In recent years, it’s become clearer and clearer that Facebook’s security protocols aren’t working all that well. Not only was there a large attack on Facebook in 2013 that resulted in 2 million stolen passwords, but in 2019 there was an additional and significantly larger breach that affected around 500 million Facebook accounts. And this time it actually was Facebook’s fault, because there was a major flaw with its contact syncing system. Facebook users like to share their personal stories, but sharing this kind of information is a different story. If you’ve used the platform in the last ten years, you’ve probably been involved in a leak.
#5: First American
Also in 2019, First American announced that around 885 million mortgage documents had been stolen by hackers. This was so severe because of the amount of personal information that is put into a mortgage application to get accepted, including financial details, photo ID, and social security number. Both customers with mortgages and the banks that lend the money were compromised in the incident. First American was ultimately sued, but only needed to pay regulators a fine of under $500,000. That’s; small change compared to the value of those compromised mortgages, not to mention the fact the company knew about the security flaw since the previous year.
#4: Ashley Madison
This controversial website was designed with a specific audience in mind: people who wanted to cheat on their partners. Unfortunately for Ashley Madison’s millions of users, the company you’d think would prioritize privacy and security was doing nothing of the sort, and never deleted any of its user data. In 2015, a group of hackers took advantage of this and stole all the site’s data, threatening to release it and expose Ashley Madison’s clientele if the business wasn’t shut down. Rather than take down the website until the hack could be resolved, the company decided to call the hackers’ bluff, with disastrous consequences for them; info dumps found their way online, and the resulting fallout was immense and sometimes tragic.
#3: Yahoo
In 2013 and 2014, Yahoo was the victim of an enormous leak – but shockingly the company still didn’t see fit to tell anybody until 2016, some three years later. When the violation finally became public knowledge, it took an additional ten months for Yahoo to confess just how many accounts had been affected – and it turned out every single one of its some 3 billion accounts was compromised. In terms of users affected alone, this is the largest hack in history as of 2021. The problem was that Yahoo’s security was severely lacking, allowing cybercriminals with even a basic knowledge of how to crack passwords and accounts to run off with vast amounts of data.
#2: Sony Pictures Entertainment
It wasn’t the largest hack in history, but it certainly was one of the strangest. Back in 2014, Seth Rogan and James Franco’s comedy movie “The Interview,” about two journalists visiting North Korea and killing Kim Jong-un, ruffled quite a few feathers. Enough feathers, in fact, that a hacker group claiming to be from North Korea hacked Sony, the movie’s distributor, in revenge. The hack succeeded in its aim of hampering “The Interview,” which was pulled from most theaters ahead of its release, but also stole the personal information of many Sony employees who had almost nothing to do with the film. Between that and the huge PlayStation Network hack, 2014 was a bad year for Sony.
Before we unveil our top pick, here are a few Honorable Mentions:
Sina Weibo
China’s Biggest Social Media Platform Had Over 500 Million Accounts Compromised in 2020
Sina Weibo https://youtu.be/mknHwhntZ-M?t=49
SolarWinds
When This Texan Company Was Breached, So Was the US Government
LinkedIn
It Took LinkedIn 4 Years to Come Clean About the Millions of Passwords Stolen in 2012
#1: WhatsApp
Boasting end-to-end encryption and the ability to totally erase all your data, WhatsApp is built on its promise of total privacy – but in 2019, it turned out that this might be too good to be true. WhatsApp was targeted by some aggressive spyware that year, putting users’ private information, messages, and even hardware at risk. The spyware was developed by the NSO Group, known for building complex malware, and could infect a phone simply by making a call; users didn’t even have to answer the call to be hacked. Thankfully, it looked like the exploit wasn’t really taken advantage of, but it still meant every single WhatsApp user had to update their app to fix it ASAP.