Lessons Learned from 5 Biggest Data Breaches
New details about Equifax breach unveil every day. What could we learn from this and other recent data breaches?
First and foremost: never stop updating your software and, more importantly, your knowledge. Hackers are doing their best to create sophisticated ways to gain access to personal data. We, in turn, should become a community that shares the knowledge and is proactive about cybersecurity.
Take a look at the biggest recent data breaches and see what you can do about it.
Credit reporting agency Equifax has client info exposed
Due to poor cybersecurity practices, names, social security numbers, addresses, birth dates of 143M Americans were stolen as well as credit card numbers of 209,000 people.
When? Initially discovered on 29th July 2017 Problem: Breach put customers at a high risk of identity theft
What should you do if you suspect hackers have stolen your social security number?
- Set up a fraud alert
- Request a credit freeze
- Check your credit status
- File taxes early
- Monitor your credit statements for unusual behavior
Payment processing company Heartland Payment Systems lost user financial data
Security breach resulted in 130M records stolen, including credit and debit card numbers of clients. Related to this breach, more than 650 other financial service companies were compromised as well.
When? Disclosed on January 2009
Problem: High risk of financial fraud for individual clients, reputation and financial loss for companies.
What to do if your credit/debit card information is stolen?
- Check your credit/debit card statements
- Contact your bank and credit bureaus
- Change your login information on online shopping websites
- Cancel your credit/debit card and get a new one
- File a report at Federal Trade Commission
- Track purchases on your new card
Social network LinkedIn has user data stolen
117 million Linkedin emails and passwords stolen and 167 million accounts compromised. Later on, there was an attempt to sell the information for 5 bitcoins ($2,200). When? Data stolen and leaked in 2012, tried to be sold in 2016 Problem: Users that use the same password for various accounts might get their email compromised.
What to do to prevent losing control of your social media accounts?
- Check websites for encrypted session (HTTPS) and valid certificates
- Do not use the same password for various types of accounts
- Use complex passphrases and a password manager
- Enable two-factor authentication (2FA)
- Click (or open attachments) only from senders you know
Windows operating system compromised by ransomware
Over 200,000 victims and 300,000 machines affected during a Wannacry ransomware attack. It encrypted user information and asked bitcoin in return.
When? Initially discovered on May 12th, 2017 Problem: Not paying the ransom leads to loss of information or exposed private data.
How to protect yourself from ransomware?
- Backup your data
- Patch your machines
- Set up automatic updates
- Do not pay the ransom
- Use antivirus program
Web services provider Yahoo leaks client account information
Two massive data breaches happened that left more than 1.5 billion accounts hacked. Hackers leaked names, email addresses, birthdates, passwords, telephone numbers and answers to security questions of 500M users.
When? Happened in 2013-14, announced in September 2016 Problem: Email account is most of the time linked to social media and other important
What to do if your email password gets hacked?
- Change your email password
- Use password generator and 2-factor authentication
- Modify the passwords in your social media and service accounts
- Update the email information on accounts where you used the said email
Data breaches are getting just too common. Make sure you always stay safe online and build great cybersecurity habits:
And of course, make sure you always stay safe online. CUJO helps to protect yourself from hacking, phishing, and malware. Read more here.