Data Breaches Are All Too Common: 10 Examples From the Past Two Years
It's a scary reality, but data breaches happen far too often. In recent months, some of the world’s largest companies have reported data breaches impacting millions – or even billions – of customers. With each breach, our data is put at risk, and we have to worry about whether our information was compromised and what steps we need to take to protect ourselves.
In this blog post, we look at 10 data breaches in the past couple of years and explore how these events can impact us as individuals. We will provide summaries of each breach and discuss their potential consequences. Finally, we’ll share advice on protecting your data from being divulged by a future breach.
The real problem is that you may have been a victim of one of these breaches and was never informed, or if you were informed, the time from breach to notification of the breach could be lengthy.
Cafe Press - 2019
For example, consider the data breach of CafePress - a go-to online shop for custom prints.
In February 2019, CafePress underwent a significant data breach that revealed the confidential information of millions of users. As if it weren't bad enough, hackers managed to access social security numbers that were not encrypted. This incident disclosed names and addresses in addition to their corresponding security questions.
In February, the data breach occurred, but consumers were not alerted until much later in the summer. For its reckless security methods, the FTC recently took action against this company.
It's disquieting to think that your confidential data might have been compromised without you even suspecting it. The fact is, breaches of this kind can go unnoticed for months or years unless one chances upon the right website. Thankfully, some browsers now offer features like password breach notifications. However, they may not be able to detect other types of sensitive information beyond passwords in specific scenarios.
Microsoft Customer Data Breach - 2022
On October 19, 2022, Microsoft revealed a catastrophic breach that endangered customer data due to the misconfiguration of one server. Reports indicate that this incident could have exposed up to 65,000 entities worldwide and compromised their business transaction data.
EdFinancial and the Oklahoma Student Loan Authority (OSLA)
Are you a former student loan recipient from EdFinancial or the Oklahoma Student Loan Authority (OSLA)? If so, pay attention: over 2.5 million individuals' personal information was exposed in a breach from June through July 2022 - and you may be one of them! That data included social security numbers, email addresses, home addresses, and phone numbers. The organizations have already contacted impacted individuals by letter with complete details about what happened; be sure to check whether yours is among them.
NelNet servicing was used for these accounts, so luckily, not all EdFinancial account holders were affected. Nevertheless, student loan borrowers can still be susceptible to phishing attempts, social engineering strategies, and impersonation scams. Given the sensitive nature of loans in general, this risk is magnified even further.
U-Haul - 2022
U-Haul, the renowned rental firm, recently announced a massive data breach exposing its customers' information. The affected contracts were from November 5th, 2021, to April 5th, 2022 – making this an event we should take notice of. U-Haul alerted their clients of the intrusion in August 2022 and has implemented measures to ensure that such a situation does not occur again.
Personal information loss included names, driver's license ID information, and state identification numbers.
Neopets Breach May Have Compromised 69 Million Accounts
You wouldn’t suspect a cute site like Neopets to be a cybersecurity risk. Many users that may have forgotten their accounts on the site and others that still use the platform got a rude awakening when a hacker offered to sell their account information for four bitcoin (about$100,000)! The current owner was not aware that the breach had even occurred. An estimated 69 million accounts may have had emails and passwords and other possible personally identifiable information leaked.
The ownership brought a research company to identify the source of the breach, but that information was not currently available.
Marriott - 2022
In July 2022, the infamous Marriott chain endured yet another data breach. They cited a single employee computer that was left unsecured as the cause of this latest incident, with approximately 300-400 people having their details, such as credit card numbers and other confidential information, exposed in the process.
Unfortunately, it appears to be all too common for these giants; within just four years, they have been hit by three massive breaches, which should leave any potential customer wary if considering staying at one of their properties - cash or pre-paid cards are probably your safest bet!
Shield Health Care Group - 2022
In March of 2022, Shields Health Care Group experienced a catastrophic data breach. The breach was reported to victims in May of 2022. Approximately 2 million customer records were compromised and vulnerable to malicious hackers – containing private medical information, social security numbers, and other confidential personal documents.
The number of medical facilities this breach affected was over 50 in the New England region, so the potential for patients to be affected was significant.
Flagstar Bank - Sometime In 2021
In December 2021, Flagstar Bank was informed by a service vendor about a massive breach that resulted in the exposure of 1.5 million customers' social security numbers. Unfortunately, it took them six months to identify those affected by this destructive hack. The resultant effect was far-reaching and has caused severe damage since its inception six months before informing its customers.
Block (formerly Square) - 2022
Last April, Block (formerly Square) made a shocking revelation that in the preceding December, they had suffered an attack when one of their ex-employees accessed customer names and brokerage account numbers. Furthermore, approximately 8.2 million customers were affected as this data breach exposed more than just those details; some accounts also revealed stock trading info!
Cryptocurrency is currently in high demand, but also highly vulnerable to malicious cyber attacks. In January 2022, the security systems of Crypto.com were breached and 483 users had their wallets compromised.
Despite the two-factor authentication measures usually being highly effective, hackers managed to steal an estimated $18 million worth of Bitcoin along with another $15 million in Ethereum and other currencies for a total of over thirty million dollars!
How Would You Deal With These Breaches?
In conclusion, it's important to stay up to date on the latest news about data breaches, as this can help you proactively protect your personal information. Ensure you are utilizing browser tools such as Microsoft Edge's breached password notifications to be immediately alerted if your passwords have been exposed in a previous breach.
Consider using a password manager to store your passwords securely and keep track of any changes that need to be made. Finally, if you find out that your personal information has been exposed to an attack, act promptly and consider changing your passwords or enrolling in identity theft protection services to stop any potential misuse of your information.