Request a quote

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Blog

Review of the top 4 most costly data breaches

We already know that data breaches can cost businesses greatly, both in terms of their reputation and monetary value. In fact, the average cost of a data breach is predicted to reach a shocking $150 million in 2020, and the chance of your company being affected by one is only going to rise with viruses getting stronger and Trojan horses and phishing scams getting more and more convincing all the time.

Unfortunately, organizations of all sizes can be hit by a devastating cyberattack, such as a data breach. The good news, however, is that you can safeguard your business by setting secure passwords, making sure your systems are updated regularly, and installing firewalls and antivirus software on all business devices. Educating your workforce on how to spot these threats is also essential.

Sadly, data breaches still happen on a daily basis, and even the biggest companies can be affected by them, as the below examples show. Here are 4 of the most costly data breaches in recent years…

1. Yahoo (2013-2014)

What happened? Yahoo has been the victim of two major data breaches in the past 6 years, with both combined being named as the largest corporate data security breach to occur. However, news of these incidents wasn’t made public until a few years after they occurred.

In September 2016, Yahoo revealed that 500 million of their users’ real names, email addresses, dates of birth and telephone numbers had been stolen in 2014. Then, just two months later, they announced that they had been first been targeted in 2013 by a different group of hackers. As well as names, dates of birth, email addresses and passwords, the answers to users’ security questions were also leaked. In the end, a total of 3 billion user accounts were compromised due to the second data breach.

How much did it cost them? The breaches knocked $350 million off Yahoo’s sale price. After the 2014 breach, they also agreed to pay a $50 million settlement to around 200 million users.

2. Uber (2016)

What happened? This data breach impacted both drivers who provided their services to Uber, as well as users of the app. At the end of 2016, it was discovered that personal information such as the license numbers of 60,000 Uber drivers were stolen, along with the names, email addresses and mobile phone numbers of app users. They got this information by gaining access to Uber’s GitHub account, which is where the username and password for their AWS (Amazon Web Services) account were stored.

It has been argued that Uber’s username and password credentials shouldn’t have been accessible on GitHub, and Uber came under fire for how they handled the incident. They fired their COS because of the data breach, and they paid the hackers to destroy the data, without receiving proof that they did.

How much did it cost them? Uber paid the hackers $100,000 to destroy the personal information they took. Additionally, Uber was valued at $64 billion before the breach, but this fell to $46 billion after it occurred. Although this drop isn’t directly blamed on the breach, analysts believe it had an impact.

3. Ashley Madison (2015)

What happened? Due to the nature of the service they provide, this is perhaps one of the most talked about data breach on this list! Although Ashley Madison is already controversial as it’s a dating website aimed at married people, this reached new heights in August 2015 when the company suffered a huge data breach. This saw over 300 GB of users’ very personal information, such as their real names, home addresses, search history and credit card transaction history being released on a dark web site.

It was revealed that a hacking group called The Impact Team was behind the attack, and it began with the group criticizing and threatening Ashley Madison. When their demands weren’t met, they released this personal data, justifying themselves by saying that Ashley Madison lied to their customers. This is because they claimed that user accounts weren’t being deleted when requested.

How much did it cost them? The company paid $11.2 million to settle a class-action suit in July 2017. Groups not related to The Impact Team have also continued to demand money from the company by threatening to release users’ information to their families.

4. Sony Pictures (2014)

What happened? Sony was also hit by a hacker group, The Guardians of Peace (GOP), when they stole and leaked the company’s data in November 2014. This information (much of which was deleted from Sony’s computers) included personal information on around 4,000 past and present employees, email communications between employees, unreleased movies, and other confidential documents. A lot of this information was sent to journalists.

The U.S. government says it has strong evidence that North Korea was responsible for the attack. The hackers demanded that Sony cancel the release of their (then) new film The Interview, a comedy about two Americans who assassinate Kim Jong Un. They continued to release the film, and GOP threatened Sony with messages referencing the September 11 attacks.

How much did it cost them? In 2017, Sony Pictures settled breach-related lawsuits for $115 million.

One of the ways to protect your business against data breaches and other cyberattacks is by having secure telecoms solutions. Contact TelcoCompare and we will compare the best business phone and internet deals for you.

June 12, 2019