Many imagine that the security of computer systems evolves as other technological advances occur. Unfortunately, not quite. Are not uncommon, for example, online systems have serious security flaws. To cite just one recent case, more than 6 million LinkedIn passwords were stolen .
Often, basic oversights like the lack of update of the platform that runs the site, any network becomes an easy target for script kiddies , for example, crackers inexperienced who download programs from the internet aimed at breaking into machines. In other situations, ideological reasons can lead to true geniuses break the security business.
There is no lack motivation to break into systems . Whatever the case, the fact is that it generates a lot of headaches for network administrators and technicians specialized in security. And, like millions of passwords for services were “stolen” in recent months, has a list with the worst data breaches in the last ten years. Want to know who is on the list? Check it out!
1. PlayStation Network: 77 million people without access
In April 2011, gamers around the world almost had an attack of nerves to know that the PlayStation Network – Sony service that provides digital content and multiplayer games – was off the air. However, the frustration turned to excitement when groups of hackativismo assumed responsibility for the attack that led the network to go offline.
The operation was motivated by the process that Sony filed against the young George Hotz (Geohot), responsible for the release of the Playstation 3. At the time, 77 million people were without access to the service of the company. In addition, data from more than 24 million accounts were stolen, containing valuable information and were not protected by encryption, such as credit card numbers, passwords and purchase history. The damage to the Sony was $ 24 billion.
2. Epsilon: 60 million emails leaked
The Epsilon is one of the largest companies in the world to work with database of email addresses, which are sold to companies wishing to promote their products to potential customers via the Internet. Obviously, these databases are made with the permission of the owners of the accounts, otherwise the practice could be considered spam.
Anyway, the fact is that in March last year, many customers have received emails from Epsilon false and were part of a coup to capture data and present in the particular service. At the time, this type attack phishing captured about 60 million emails used by over 100 customers Epsilon. Now, yes, it is possible that these people have begun to receive unsolicited advertisements.
3. Or RSA escape attack
For those unfamiliar, the RSA is a company specializing in security and encryption founded by three professors from the Massachusetts Institute of Technology: Ron Rivest, Adi Shamir and Len Adleman. For know that neither this company, taken as a reference on the subject, was free of data leakage. In March 2011, it was the turn of the RSA spend time and money to fix security flaws.
At the time, hackers broke into servers at RSA and gained access to more than 40 million authentication keys used by employees to access corporate networks and government. Since then, the company has spent more than $ 66 million (about $ 134 million) to monitor and enhance the security of customer information.
4. Gawker, punished for being “arrogant”
In December 2001, Gawker Media, the group responsible for many successful websites on the internet, just the target of a hacker group known as Gnosis. At the time, the hackers have released a 500 MB file with login, password and email of more than 1.3 million people who registered in the pages maintained by the company. The reason?“We were behind Gawker because of their absolute arrogance,” the group said.
5. The case AOL
In 2006, AOL released a file with information from surveys completed by over 650,000 users of its search engine. The disclosure of such data was organized and carried out with the noble purpose of serving as a database for various purposes such as academic studies.
To maintain the anonymity of research, data logging were replaced by random numbers. But the company did not realize that many of these searches containing Social Security numbers that could lead to the identification of their owners. On occasion, the New York Times was able to identify a person from this list easily, with the help of a phone book.
6. Leak monster information
Monster.com is the largest job bank internet. Therefore, it is expected that this service has a great concern for the security of data hosting, as many people every day in their curricula REGISTER online system. However, we do not live in a perfect world.
More of an attack has already compromised the privacy of data stored by Monster.com. In August 2007, the site has gone through many data leaks, missing information for millions of accounts. That led Monster.com to adopt a new security policy. However, do not help much: In 2009, hackers obtained information of 4.5 million people through an attack on the company’s servers.
7. Loss of $ 68 million for Visa
The TJX Companies is a retail group behind the 2000 flagship stores such as TJ Maxx and Marshalls. But all this size was not enough to rid the company of one of the largest data breaches of all time: in December 2006, information of 94 million customers were in the hands of strangers. Among the victims were even international accounts, containing data such as credit card numbers and debit cards.
Almost a year later, the operator Visa estimated that the damage caused by disclosing this information came to the house for $ 68 million (about $ 138 million).
8. Up to you, Google?
In December 2009, Google said it was the victim of a cyber attack that came from China. In fact, it was not the only company to have broken their safety. At the same time, companies like Adobe, Yahoo, Symantec and others went through the same problem. In total, at least 20 companies in Silicon Valley targeted by hackers, and the attack was successful in most of them.
At the time, Google said that intellectual property was stolen (source code), but did not give details on the subject. In addition, the company also said that limited information of two user accounts were also accessed by criminals.
9. Credit cards, a favorite of crackers
The processing company credit card CardSystems Solution made a grave mistake: most operations went without any encryption for its servers. So, after invading and monitor your company’s computers, criminals had access to more than 40 million card numbers from Visa and Mastercard, complete with names of their respective owners and testers all digits.
After so much exposure, companies like Visa and American Express canceled their contracts with CardSystems Solutions, which was eventually bought by Pay By Touch, and later closed its doors for good. At least with this company, no need to worry more.