When it comes to data breaches, 2019 has been a record year. While it’s not the kind of record businesses want to see, there’s no denying that this year has been devastating with regards businesses impacted, and the costs that went with the data breaches in question.
In a recent article on the Security Magazine website, it was reported that, as of the end of Q3, there were 5,183 data breaches, accounting for 7.9 billion records being exposed. The three most exposed industries were:
- Healthcare (343 breaches)
- Retail (307 breaches)
- Public administration (264 breaches)
These data breaches see an increase of just over 33% compared to the previous year, and a whopping 112% increase in the number of records that were exposed because of them.
Here are five data breaches that stood out in 2019, for the sheer size of the breaches and the amount of data released.
Social Media Profile Data Exposed – 4 Billion Records and 1.2 Billion Users
In October of this year, security experts Bob Diachenko and Vinny Troia discovered an unsecured server that had over 4 terabytes of data on it. With 4 billion records available, impacting 1.2 billion people, this is one of the biggest data leaks ever recorded.
Not only were there social media profile details available for Twitter, Facebook, LinkedIn, and Github, but also names, phone numbers, and email information. The data was collated from two data enrichment companies and increased the suspicion of social network users (especially after the Cambridge Analytica scandal).
Orvibo Smart Home Products – 2 Billion Records
Providing smart solutions for both residential and commercial properties, Orvibo positions their solutions as, “…secure, energy-saving, and comfortable”. However, earlier this year, that “security” was put to the test when 2 billion records were exposed on an open database linked to the company’s products.
The impact was global, affecting users in Asia, Europe, North America, South America, and more. The amount of data released was also eye-opening, with everything from personal info to account reset information, scheduling info, and more.
Adding to the impact was the fact that the open database remained online for two weeks, despite security experts alerting Orvibo.
TruDialog Business SMS Solutions – 1 Billion Records
With more than 5 billion subscribers, and with their service on almost 1,000 cell phone carriers, TruDialog is one of the leading SMS providers for small and large businesses alike. It’s these numbers that make a business like TruDialog such an attractive one to go after when it comes to the data they hold.
Last month, that’s exactly what happened, when their database was breached. This database was over 600 GB in size, and stored records for more than a billion people. The data in these records include, but not limited to:
- Names of account holders as well as users
- Content of the messages
- User passwords
- Technical logs
Not only was this data breach the worst kind of news for TruDialog’s users, but the company itself, as its operating procedures and backend procedures were visible to its competitors. With this breach still being fresh, we’ll be monitoring any fallout that comes because of it.
First American Financial Corp – 885 Million Records
In the summer of this year, investigative journalist Brian Krebs published details of a data leak from First American Financial Corp. A Fortune 500 insurance company, First American employs over 18,000 people and brought in almost $6 billion in revenue in 2018.
The data leak shared private information found in 885 million files, including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images.
Worse still, this information was available on the organization’s website, with only minor modification of a URL needed to access the data. Because the information was so easily available, it opened up the possibility of further actions, including phishing opportunities, for clients of First American.
Verifications.io Email Verification Solution – 808 Million Records
When your business offers a verification solution enterprise-level organizations, the irony of your security being breached isn’t lost, as discovered by Verification.io in March of this year. Available on a public MonoDB database were three folders from the company that shared email records, email and phone records, and business lead records.
So big was the breach, and the number of email details released, that it was described as “…the second-largest breach in history and the biggest-ever leak of data that traces back to a single source…” by Troy Hunt, who runs Have I Been Pwned, a free breach notification service.