Top five biggest data breaches of 2017
The previous year has been marked by the largest data breaches in the history of cybersecurity. Hardly a week went by without news that some company had exposed and leaked consumer and commercial data. In fact, according to the Breach Level Index (BLI,) 1454 organizations in various industries failed to safeguard their databases, resulting in the entirety of their user’s information being exposed for all to see. And all this happened in 2017 alone.
To help put all this in perspective, we’ll recap the five most recent, and notable, data breaches in America, and the consequences to which they’ve led. Each of the following data breaches has a “risk score,” based on many factors: financial loss, the amount of sensitive information lost, and the damage it caused to the company in question, its customers, and its partners. The following data breach ratings are presented in descending order.
Headquarters: Atlanta, Georgia, United States
July 12, 2017
Risk Score: 10.0
143 million records
Equifax, one of the three major credit reporting agencies, suffered a massive data breach in mid-May through July 2017. If you have a credit report, there’s a good chance you’re one of the 143 million Americans whose sensitive personal information was exposed in this Equifax data breach. During the attack, malicious outsiders managed to steal data containing people’s names, Social Security Numbers, birth dates, addresses, and in many cases, driver’s license numbers. They also hacked credit card numbers for 209,000 people, and dispute documents with personal identifying information for about 182,000 people.
River City Media
Headquarters: Jackson, Wyoming, United States
June 3, 2017
Risk Score: 9.8
1.3 billion records
River City Media, a huge email marketing organization, failed to safeguard backups of its database containing 1.3 billion email accounts. Besides emails, the database included users’ real names, IP addresses, and often physical address. River City Media used the following personal data in its spam email campaign. In the emails, the company promised “credit checks, education opportunities, and sweepstakes.” There’s a risk that your personal data, or the data of someone you know, was made public.
Deep Root Analytics/ Republican National Committee
Headquarters: Arlington, Virginia, United States
June 13, 2017
Risk Score: 9.6
198 million records
Deep Root Analytics, a marketing company working for the Republican National Committee, inadvertently left sensitive personal details for roughly 62% of the US population on a public domain. The data breach was named the largest breach of electoral data in the United States to date. Along with information about 200 million US citizens’ home addresses, birthdates, phone numbers and political views, the breach also included analyses used by political groups to predict where individual voters fall on controversial issues such as gun ownership, stem cell research and abortion rights. The data was placed on a public Amazon cloud server and could be accessed and downloaded by anyone with a link.
Headquarters: Irvine, California, United States
December 19, 2017
Risk Score: 9.4
123 million records
Alteryx, a California based marketing and analytics firm, accidentally left an unsecured database online, exposing sensitive information for about 123 million U.S. households. The personal details included street addresses, demographics, and family finances, as well as information pertaining to home and auto ownership, and even specifics about children in the household. The database was accessible to anyone with an Amazon Web Services account, the storage service Alteryx used to host the files.
Center for Election Systems at Kennesaw State University
Headquarters: Kennesaw, Georgia, United States
March 3, 2017
Risk Score: 9.1
7.5 million records
During a breach of the Kennesaw State University (KSU) Center for Election Systems, sensitive data on Georgia’s 6.7 million voters was exposed to potential hackers, and remained accessible for months. The data included Social Security Numbers, party affiliation, and birthdates — as well as passwords used by county officials to access election management files. The center was notified about the possible vulnerabilities in August 2016, however, didn’t take the necessary security measures rectify the problem.
What if my personal data was exposed?
There’s literally thousands of data breaches we could discuss, but we chose the biggest breaches that could potentially affect you, your family, and your friends. With that in mind, we urge you to take a moment and visit OneRep.com and see exactly which websites are posting information about you online. OneRep’s service has proved itself invaluable to many customers and is a “must have” for anyone who cares about their online privacy and security. OneRep can automatically remove your name, address, credit history, birthdate, and other information from the Internet, and their ongoing privacy protection continually monitors the internet for relisted records and removes them on your behalf. We also recommend to try OneRep 5-day free trial plan which includes the Internet scanning, removal of your personal information from 62 people-search websites and premium support.