5 Biggest Security Breaches of the 21st Century

Security and data breaches are some of the caveats of the internet and all the convenience it offers. Paying bills online, staying connected through social media and donating to our favorite charities could put us at risk for identity theft and fraud. Here are the five top security breaches in the 21st century, based on the number of consumers affected and information stolen:

1.   Yahoo

Occurred: 2013-2014 Reach: 3 billion user accounts

Yahoo was once known as a giant in the internet industry. When preparing for its sale to Verizon in 2016, the mega-corporation announced it had been subject to perhaps the largest security breach in history in 2014. Yahoo claimed the attack was carried out by “a state-sponsored actor.” This breach stole 500 million users’ personal information that could be used in any type of wire and mail fraud scheme, including their real names, birthdates, phone numbers and email addresses. Hackers obtained the information by using an algorithm to determine passwords.

It was later revealed that 1 billion users’ accounts were breached in 2013 by different hackers that also obtained security questions and passwords. In 2017, Yahoo revised the estimated number of affected accounts to all 3 billion of its users at the time.

2.   Adult Friend Finder

Occurred: October 2016 Reach: More than 412. million accounts

Account holders at Adult Friend Finder were searching for casual hookups and adult websites when their information was breached in 2016. The hackers obtained account information gathered over 20 years in the FriendFinder Network databases, including names, birthdates, email addresses and passwords.

3.   eBay

Occurred: May 2014 Reach: 145 million

Hackers obtained all account holders’ names, passwords, addresses and dates of birth by using credentials of three of eBay’s corporate employees. The cybercriminals reportedly had access to the information for 229 days.

Account users were asked to create new passwords for the site and were told that financial information was not compromised in the attack.

4.   Equifax

Occurred: July 2017 Reach: 143 million

The data breach at Equifax affected 143 million consumers – 209,000 of which had credit card information exposed to the hackers. Equifax said the attack likely started in the middle of May 2017 but wasn’t discovered until July 29. This has been one of the largest threats to consumers and increased the threat of wire and mail fraud in the modern century.

5.   Heartland Payment Systems

Occurred: March 2008 Reach: 134 million

Heartland processed 100 million credit card transactions a month for approximately 175,000 smaller retailer merchants. The breach was discovered in 2009 after multiple suspicious transactions were reported by Visa and Mastercard.

The processing company was ordered to pay $145 million back in fraudulent charges and was found to be in violation of the Payment Card Industry Data Security Standard.

In 2009, Albert Gonzalez and two Russian accomplices were indicted for stealing the cards in 2009. Gonzalez was convicted and sentenced to 20 years in prison in 2010.