The Three Largest Data Breaches of 2014

Did your organization suffer a data breach last year?

Across all industries, information security needs to be a priority – but unfortunately, it often isn’t given adequate attention. Organizations put themselves, and their stake holders, at risk when they use software that provides improper protection.

Could you imagine what would happen if a law firm, for example, didn’t use a secure file and information sharing platform?

But as this infographic shows, many companies had severe data breaches in 2014.

Here are the three biggest examples:

1.     eBay – 145 Million Records Lost

In terms of the sheer amount of lost records, eBay suffered the largest data breach of 2014. Between late February and early March, hackers stole information about emails and addresses from the e-commerce company.

They did it by compromising employee accounts, which let them access eBay’s corporate network.

Fortunately, users didn’t lose any financial or credit card information. In the interest of securing sensitive information, eBay keeps that data in separate encrypted formats.

The company also said there was no evidence of fraudulent account activity. PayPal, its online payment service, was also left unscathed.

Unfortunately for eBay, the breach took a toll on its reputation and stock prices. A share of the company, which now stands at more than $60 on the NASDAQ, fell as low as $48.25.

2.     JPMorgan Chase – 76 Million Records Lost

JPMorgan Chase didn’t lose as much information as eBay. But in July, hackers obtained data that was considerably more sensitive. As the largest bank in the United States, it has financial records in its computer systems that go beyond credit card details.

Though JPMorgan Chase denied it, hackers could have accessed social security numbers.

How did the hackers do it? Stationed overseas, they learned which applications and programs JPMorgan Chase’s computers use. After researching known vulnerabilities, they entered almost 100 of the bank’s servers.

Thankfully, there was no evidence of fraud involving stolen information in the end.

But the bank still suffered considerable damage. At the time, people close to the investigation said it would take months to change programs and applications, as well as negotiate new deals with technology suppliers. The long process cost money, resources, and customers’ confidence.

3.     Home Depot – 56 Million Records Lost

Hackers attacked Home Depot in September, targeting customer data. The Atlanta-based home repair retailer lost information about debit and credit cards used at stores in Canada and the United States.

As well as information security strategies, public relations efforts fell short. Banks announced there was evidence of stolen payment cards at Home Depot stores before the company formally explained the situation.

Home Depot then took 10 days to eliminate malware from its computer networks. This created an opening for hackers to steal more information, though it seems the number of stolen records stopped at 56 million.

Hackers used the Russian-developed BlackPOS malware, which was also behind cyber-attacks against retailers Target and Neiman Marcus.

These data breaches illustrate an important point: even large, multinational corporations are prone to information security issues.

Take them as an example of what not to do. Devote enough resources to data protection, and you’ll hopefully enjoy a safe 2015.

>>With secure servers in Canada, the U.S., and Europe, TitanFile helps organizations keep shared files private and comply with regulatory and jurisdictional requirements. Contact us today to learn more.

Like this post? You’ll also enjoy: