Not long after the birth of the internet, the online community was introduced to hackers and data breaches. Over time, these technology hacks have become bigger, faster, and more severe, with no signs of slowing down. With Halloween right around the corner, we thought we’d take a trip down the online memory lane, ranking the top six scariest tech hacks and data breaches.
6. TalkTalk hacked for the third time
For the third time this year, British broadband provider TalkTalk was hacked. This time, up to four million of its customers were potentially affected, with hackers claiming to have stolen customer’s names, addresses, contact information, and bank details. The most current data hack on this list, TalkTalk saw its shares instantly plummet by 9% after news of the data breach was revealed. Despite a Russian jihadist cyberterrorist group claiming responsibility, and a 15 year old boy from Northern Ireland recently being arrested on suspicion, no one has yet been charged.
The hackers reportedly demanded a ransom of £80,000 payable in bitcoins, an online virtual currency, or they would publish the customer data online. Scotland Yard declined to comment on the ransom, stating its cyber crime unit’s investigation was ongoing. Despite TalkTalk’s attempts to downplay the hack, claiming that the hackers were not able to access customer’s bank details, many users have seen money stolen from their back accounts. Whether TalkTalk is able to publicly recover from yet another data breach is yet to be seen.
5. Sony Pictures’ Hollywood hack
On November 24, 2014, employees at Sony Pictures Entertainment were greeted with an image and message on their computer screens. The picture of a grinning skull, accompanied by the message “If you don’t obey us, we’ll release data shown below to the world,” was posted by a group called Guardians of Peace. They revealed that they had hacked Sony’s data and would release company information if demands were not met.
In what was seen as one of the most damaging corporate data breaches in history, gigabytes of internal Sony data was leaked online, including social security numbers, emails, and private information of some of the company’s 6,800 employees, along with 40,000 other people that Sony had worked with over the years. All were at a potential risk of identity theft. Financial and legal information, passwords, unpublished scripts and four unreleased Sony movies were also released during the hack.
4. AOL releases its own data
Unlike the other four on this list, AOL stands alone as being the only one to have leaked its own data. In 2006, AOL accidentally released 650,000 AOL users’ private data, which included a combined 20 million web queries. The data showed what users had searched for throughout a three month period, along with whether they clicked on the links. To make things far worse, the leaked data also included AOL users’ names, social security numbers, addresses and many other pieces of personal information.
AOL spokesman Andrew Weinstein would go on to put out a press release, stating, “This was a screw up.” He wasn’t wrong. Despite the AOL usernames having been changed to random ID numbers, analysing all searches by a single user allowed people to figure out who the user was. Needless to say, the people who had their private searches leaked to the public were unlikely to be using AOL for much longer, and the self-inflicted leak damaged the company's credibility as a whole.
3. Ashley Madison data breach
One of the more recent tech horror stories featured here, Ashley Madison, an online dating service marketed to those married or in long-term relationships, recently suffered a substantial and highly public data breach. The Ashley Madison hackers claimed to have personal information, such as email addresses and bank details, of all 32 million members, and intended to make it public. The hackers had two reasons for doing so. They disapproved of the company promoting and encouraging adultery, and disagreed with its business practices, such as asking users to pay $19 to have all your data deleted - despite it later being revealed that the users’ data was not removed entirely.
Between August 18th to 20th, the hackers would release more than 25 gigabytes of company data, including user details for a large number of members. The public was able to view long lists of people who had signed up to the service. In retaliation, Ashley Madison put out a $500,000 reward for anyone who could provide information on those responsible of the data leak. As of today, no one has been caught for the data breach, and Ashley Madison and many of its users have been put in an extremely precarious position.
2. Sony’s first hack
Not to be outdone by anyone else in this ranking, Sony features yet again. This time however, it’s Sony Online Entertainment that was subject to an account hack. And not just any old hacking. In April 2011, 77 million Playstation Network accounts were breached, gaining full access to names, emails, passwords, addresses, credit card numbers, and PSN/Qriocity logins and passwords. Of the 77 million account hacked, 12 million had unencrypted credit card numbers.
Due to the severity of the breach, Sony had no other option but to close the online gaming network down. The Playstation Network went dark worldwide for over three weeks, and cost Sony a reported $171 million, which included fighting 65 class-action lawsuits brought against the company. No one was ever caught for the hack and it's considered the worst gaming community breach in history.
1. Heartland Payment Systems' humungous data breach
Despite being arguably the least known corporation on this list, Heartland Payment Systems’ data breach almost makes the other hacks listed above appear trivial in comparison. Heartland, a provider of credit and debit processing, payment and check management services, announced in 2009 that it had been the victim of the largest data breach to ever impact an American company. The company processed payments for more than 250,000 businesses in the US, with the hack leaking information from over 130 million credit and debit cards.
Malware was planted on the company’s network, recording data as it arrived from retailers. The digital information encoded onto the magnetic stripe built into the backs of credit and debit cards were stolen, enabling cards to be counterfeited with considerable ease. In 2010, Albert Gonzalez was convicted on the hack, along with another data breach, and sentenced to 20 years in prison. To date, this remains the longest sentence ever given for a computer crime in a US court.
Avoid the horror
Security hacks and data breaches aren't always avoidable. You can, however, make precautions, choose a service to protect your data and implement stringent security measures to decrease the chances of falling victim to a tech hack. Whatever you do, don't be that character in the horror film who believes 'everything's fine and there's nothing to worry about.' That person's life expectancy is almost guaranteed to plummet after that, so don't let your guard down or start to think a security breach couldn't happen to you, otherwise you could find yourself featured here in next year's list.
