It was an interesting year for cybersecurity and the fight against data breaches in the world of information technology. It has been a pretty bountiful year for hackers who has gained unauthorized access to countless corporate and government databases. Here is the list that hauled in the largest amounts of personal data, with most of them tallying into the millions.
Number 5: Patreon
Number of people affected: 2.3 million
This is the best site for crowdfunding with the majority of YouTube channels that I watch using it to help make more content and videos to watch. The had their member data dumped onto the internet for everyone to see on October 1st, 2015. Adding insult to the injury, this was nearly 15GBs of data including the source code for the website itself. Information regarding passwords, emails, and private messages was revealed about the artists and donors.
Number 4: LastPass
Number of people effected: 4.4 Million
The best thing about having a password manager is that it can store a multitude of your logins for websites, with only having to remember one password to gain access to all of them. The downfall of this setup is that if someone gains access to your personal information for the password manager itself, you are screwed. This is what happened to LastPass. It announced the breach June 15, 2015. The reported that their servers were compromised, and the hackers gained access to emails, password reminders, and other important details. Yet the most important piece of information, which wasn’t leaked, was the personal passwords to the LastPass service.
Number 3: Ashley Madison
Number of people affected: 32 million
It was reported that someone stole the personal information of the members of the infamous, and stupid, dating site. They threaten to release all of the information unless Ashley Madison was shut down permanently. This breach was reported on August 18, 2015. They managed to dump 9.7GB of data into the dark web. The members of Ashley Madison had their names, addresses, passwords, phone numbers, and payment translations leaked to the public going all the way back to 2008. The more interesting part of the breach was that celebrities, and general statistics, such as how many member accounts were women, of members were released.
Number 2: U.S. Office of Personnel Management
Number of people affected: 25.7 million
On June 5th, 2015, it was reported that personal information on a little over 4 million current and former employees for the U.S. Federal government was stolen from the systems and database of the Office of Personnel Management. Then almost a month later, it was reported that yet another intrusion was discovered where records for a staggering 21.5 million people were taken from the background check database. This second leak was reported that social security numbers and fingerprint images were taken. The hackers of this data breach are suspected to originate from China.
Number 1: U.S. Heath Insurers
Number if people affected: 114 million
There was quite a few of the health insurers within the United States had their customer databases attacked and leaked to the public within the 2015 year. Because of this, we are grouping all of them together, otherwise if each leak was listed on it’s own, the whole list would be just of the health insurance companies. In ascending order, here is the list: CareFirst (1.1 million), UCLA Health (4.5 million), Premera Blue Cross (11 million), and Anthem (97.6 million). By the attack itself, Anthem’s systems came out as the number one breach by itself for the whole year. Its tally alone of exposed personal information, which also possibly includes people who are not Anthem customers, but are customers of other companies that share the same insurance network as Anthem.