Top security breaches of 2016

Nowadays, all companies are doing their best to fight with those who are fans of identity theft and, despite their efforts, security breaches occur pretty often.

And this wouldn’t be an issue if the amount of data loss is small, but when we’re talking about millions of compromised accounts, things might get a negative turn.

Today we’re making a quick retrospective of what happened in 2016, by discussing the top 10 security breaches companies dealt with. Let’s begin, shall we?

Take a look at the top security breaches of 2016:

10. Snapchat

When? March 3, 2016

Compromised records? 700

When you’re working for one of the biggest companies in the world, you should be aware of the fact that phishing scams are still a thing. However, 700 Snapchat employees had their personal information stolen, after one of them emailed hackers private data.

Their method was simple: post as CEO Evan Spiegel and request information like names, Social Security numbers and wage/payroll data. How they were planning to use this or who actually did it is still a mystery. They did apologize for this, though, says Digital Trends.

9. Verizon Enterprise Solutions

When? March 25, 2016

Compromised records? 1.5 million

We’re not talking about the Big Red, but one of its divisions, known for providing IT services, as well as breach assistance. However, its clients are mostly businesses and government agencies around the world, which makes the fact that 1.5 million accounts got their information stolen by hackers even worse.

Eventually, the data was found for sale on a shady cybercrime forum. In the meantime, Verizon acknowledged the issue and found the security flaw, while the affected customers were contacted.

8. LinkedIn

When? May 17, 2016

Compromised records? 117 million

Back in 2012, a huge data breach led to 117 million email and password combinations being stolen by hackers.

Four years later, everything resurfaced and LinkedIn announced that they will invalidate passwords for each account that was created prior to the 2012 breach, but without undergoing a reset since then.

It is still unknown who was behind this and if the information was published online, but currently, the network is working alongside law enforcement officials, in search for some answers.

7. Oracle

When? August 12, 2016

Compromised records? Unclear.

In case you didn’t know, Oracle owns a point-of-sale system called MICROS, which is being used in more than 330,000 cash registers from all over the world. And yes, you guessed it, all of them were affected by a data breach, announced in August 2016.

It was unclear how many of them were compromised, but it was later found out that a group of Russian hackers were behind this, as they placed malware on the company’s computers, as well as on the MICROS customer support portal, in order to obtain access to usernames and passwords.

Experts believe that the hackers most likely planted malware in several point-of-sale system, which lead to major breaches at retailers throughout the United States.

6. Dropbox

When? September 2, 2016

Compromised records? 68 million

Just like in LinkedIn’s case, Dropbox dealt with a huge data breach back in 2012 and managed to help just a small amount of users secure their accounts.

However, this September, it was revealed that until then, more than 68 million users had their accounts compromised, as they have been illegally accessed all this time!

5. AdultFriendFinder

When? November 13, 2016

Compromised records? 412 million users

No, it’s not a typo! It was the second time when this website was targeted by hackers over the past two years and when they finally hit, the amount of accounts compromised was absolutely ridiculous!

412 million users had their information stolen – emails, passwords, purchases, VIP memberships and so on – and, you guessed it, published in several shady marketplaces. It’s curious that the website didn’t confirm the attack yet, even though they admitted finding a vulnerability in their system.

4. Department of Homeland Security, FBI

When? February 2016

Compromised records? 29,000

Yes, ladies and gents, even one of the safest institutions in the world went through this in 2016. Back in February, the Department of Homeland Security and the Federal Bureau of Investigation were the targets of hackers, which resulted in dumping the records of 9000 DHS employees, as well as 20,000 FBI employees.

Names, titles and contact information were all compromised and the hacker (yes, a single person did this) tried reaching out Motherboard, claiming that he has access to over 200 GB of information!

3. Tumblr

When? Not mentioned

Compromised records? 65 million

The social blogging website wasn’t safe this year either, as it suffered from a serious security breach.

Initially, Tumblr refused to give more details about this, but journalists later found out that more than 65 million accounts were compromised. It is not known what happened with the data yet.

Of course, this doesn’t come as a surprise, considering that Tumblr is owned by Yahoo, a company which experienced something similar this year.

2. Weebly

When? October 20, 2016

Compromised records? 43 million

Just a few months ago, Weebly users found out about a massive data breach which happened in February, but it took eight months to be discovered.

The stolen data included usernames, passwords, IP information and addresses. As for financial information, it’s less likely that it was stolen as well, since the network doesn’t store full credit card details.

1. Yahoo!

When? December and September 2016

Compromised records? 1 billion

There’s no doubt that 2016 marked one of the biggest – if not the biggest – data breaches in history! After people just got used to the idea that back in September a data breach affected 500 million accounts, Yahoo had a ‘really nice’ Christmas present from them.

The company announced that they discovered a data breach from 2013 that may have compromised – get ready for this – over one billion Yahoo accounts, which is pretty much the biggest data breach in history. No other details about this were shared, so we don’t know who’s responsible for the attack, what they stole and, most important, how they managed to get into the system.


Please enter your comment!
Please enter your name here