In this article, we’ll some of the worst cybersecurity attacks that occurred in the 21st century. This list is based on the number of victims. Moreover, the data stolen on these cybersecurity attacks were used for malicious intent. Without further ado, here are them.
Adult Friend Finder
This breach occurred in October 2016 and impacted around 412.2 million accounts. Adult Friend Finder is part of the FriendFinder Network. This is a sensitive data breach for account holders because of the services offered.
Stolen data included the following:
- names
- email addresses
- passwords.
According to reports, hackers cracked an estimated 99% of passwords because only the weak SHA-1 hashing algorithm protected the passwords.
Heartland Payment Systems
Occurred in March 2008, hackers exposed the details of 134 million credit cards. At that time, Heartland processes 1000 million payment card transactions monthly. Moreover, Heartland serves 175,000 merchants and most of them are small to mid-sized retailers.
At that time, SQL injection was the most common method hackers use. Hence, hackers used that method on Heartland. Heartland greatly suffered from the breach. For instance, the Payment Card Industry (PCI) did not allow heartland to process the payments of major credit card providers. The suspension lasted until May 2009.
Furthermore, Heartland paid an estimated $145 million in compensation for fraudulent payments. Fortunately, authorities caught the attackers and that is quite rare. A federal grand jury sentenced Albert Gonzales, the alleged mastermind, to 20 years in federal prison. Gonzales started his prison time in March 2010.
LinkedIn is the major social network for business professionals. The company announced in 2012 that hackers stole 6.5 million unassociated passwords. Afterward, hackers posted the passwords onto a hacker forum consisting of Russians.
After 4 years, LinkedIn revealed that the hacker offered the information of the affected users. The company notified the 165 million affected users and reset their passwords.
Sina Weibo
Sina Weibo is Twitter’s equivalent in China. Hackers stole the information of over 500 million Sina Weibo users in March 2020.
Moreover, the stolen data included real names, site usernames, gender, and location. Furthermore, hackers posted the phone numbers of 172 million users for sale on dark web markets.
Yahoo
This is currently the biggest data breach among the worst cybersecurity attacks in history. Yahoo announced in September 2016 that hackers stole the data of around 500 million users. Thus, the compromised data included:
- real names
- email addresses
- birth dates
- telephone numbers.
In December 2016, Yahoo announced another data breach from 2013. Furthermore, the company estimated that the cybercriminals compromised the data of all of its 3 billion user accounts.
NetEase
NetEase is a provider of mailbox services. It was reported that DoubleFlag sold login credentials of around 235 million NetEase accounts. DoubleFlag is a vendor in the dark web marketplace. However, NetEase denied the hack. Moreover, according to HaveIBeenPwned, this breach is “unverified”.
Zynga
Zynga is the creator of Farmville and was a giant of the Facebook gaming scene. Yet, Zynga still has millions of mobile game players worldwide.
Zynga confirmed the claims of a Pakistani hacker hacking the company’s database. The hacker gained access to 218 million accounts in September 2019. The stolen data included the following:
- salted SHA-1 hashed passwords
- phone numbers
- user IDs for Facebook and Zynga
- email addresses