Cybersecurity disasters/ data breaches take place every now and then; even the minor security breach can incur a great loss. But then there are large-scale security breaches which have paralyzing impacts.
Here, we have compiled some of the biggest cybersecurity disasters:
1) eBay – May 2014
Online auction giant eBay announced a cyber-attack in May 2014 which involved the encrypted passwords, birth date, addresses, and names of its 145 million users to be exposed.
According to the company, the hackers were able to breach the company’s network and gain complete inside access for 229 days using the credentials of three corporate employees. During the time period of 229 days, the hackers were able to access user database. Although the impact of the breach was significant, financial information of the users, including credit card number, wasn’t compromised.
2) Sony’s PlayStation network – April 2011
The April 20 breach of Sony’s PlayStation network has been considered as the worst data breach in the gaming community of all-time. The impact of the hack was devastating as 77 million PlayStation network accounts got hacked.
Hackers were able to gain full access to credit card numbers, purchase history, home addresses, e-mails, passwords, names, and PSN/Qriocity logins. The estimation of total losses accounted for 77 million.
3) Yahoo – 2013-14
In September 2016, Yahoo announced that a large-scale data breach took place in 2014 which compromised telephone numbers, birth dates, email addresses, and real names of 500 million users. According to the company, the passwords involved in the hack had been hashed under the bcrypt algorithm.
4) Home Depot – September 2014
Home Depot, in September 2014, announced a major data breach which involved the theft of debit/credit information of 56 million customers. The company disclosed that its POS systems had been infected with custom-built malware.
5) VeriSign – 2010
VeriSign was a victim of large-scale data breach throughout 2010, and the most surprising fact is that the company handled it poorly and therefore never announced the attacks. It was through a SEC-mandated filing that the incident became public.
According to what the company disclosed, no damage was done to the critical systems such as certificate servers or DNS servers.
It is quite evident From above points that organizations faced large-scale security breaches despite having sophisticated security measures.
Since the number of websites built on CMS Platforms such as WordPress, which is used more than other platforms, SuperAuth introduced WordPress user authentication plugin that helps to integrate no password login within 30 seconds.