The 5 biggest data breaches in 2018 so far
Data breaches are seriously bad news when your business and your customers are affected. Many companies, big and small, representing a wide range of industries have all been shaken by data breaches this year alone. These breaches have come about in a variety of ways; some companies were targeted by fiendishly technical scams while others were let down by their own oversights in maintaining data security. This means millions of user accounts have been compromised and their personal information is likely being traded on the dark web. These are five of the biggest data breach stories of 2018 so far.
1. Jason’s Deli
This delicatessen chain, and their customers, were victims of a malware attack on their point-of-sale devices. This malware extracted information from the magnetic strip on customers’ cards, including names, card numbers, expiry date and service codes. The breach was confirmed when information was found for sale on the dark web. It’s now estimated that 2 million cards have been compromised.
2. SunTrust Bank
In a less technical but no less worrying breach, a former employee stole the data of 1.5 million bank customers. This included names and account balances but, thankfully, not Social Security details, account numbers or passwords. The bank state that no significant fraudulent activity resulting from this has been identified, it has been reported that the stolen account data was shared with a third party.
A huge name in shipping and deliveries, and a huge oversight in data security. FedEx acquired another company back in 2014, and one of the assets that came with the deal was a server holding 119,000 scanned documents. The problem being that this server had been left publicly accessible. The documents included scans of customers’ passports and photo IDs, as well as forms detailing names, home addresses and phone numbers.
4. Saks Fifth Avenue, Lord & Taylor
Some of the biggest names in department store retail have been struck by a mysterious group of hackers known as Fin7 who seem to be particularly disciplined and well-organised. In this case, they hacked payment systems at stores in New York, New Jersey and beyond to steal customers’ card information. It has been reported that over than 5 million customers were affected, and 125,000 have had their information released for sale on the dark web.
5. Under Armour
This health and fitness company hold the dubious honour of 2018’s biggest data breach to date, affecting 150 million users of their nutrition logging app ‘MyFittnessPal’. This came to light when in March when they discovered an unauthorised party had accessed customer data and stolen usernames, email addresses and passwords. Payment card data is processed separately and was fortunately not compromised. Under Armour have, nevertheless, urged users to change their passwords.
Sadly, stories like these are all too common and show how technology makes us a target for damaging data breaches. Contact MSP Blueshift to find out how we can help improve your data security.