• Home
  • Blog
  • More Than a Billion People Were Affected by Corporate Data Breaches in 2018
More Than a Billion People Were Affected by Corporate Data Breaches in 2018

More Than a Billion People Were Affected by Corporate Data Breaches in 2018

Jul 23, 2020 / Kron

2018 was an alarming year signaling the need for data security after various data was exposed through cyberattacks. Billions of people’s personal data was breached in 2018, and surprisingly 765 million people were affected in April, May, and June alone.

It is believed that tens of millions of dollars were lost as per the reports of global digital security firm Positive Technologies.

The personal data of half a billion customers of the Marriott hotel groups’ Starwood Properties was exposed, including those who stayed at the St Regis, Westin, Sheraton, Aloft, Le Meridien, Four Points, and W Hotel brands, and is considered the biggest breach of the year. 

The Marriott corporation said hackers broke into the booking system to access the data of customers over the last 4 years, which includes name, contact details, passport numbers, and much more.

Another well-known breach happened to be at Twitter, when a software bug exposed passwords and affected 330 million users. Twitter quoted that something went wrong with their password hashing system and caused the password encryption problem.

Twitter also suggested users change their passwords while the problem was fixed.

MyFitnessPal, a food and nutrition app, was also caught up in the wave of data breaches, which leaked 150 million users’ data. While personal information was exposed and accessed by the hackers, credit card information wasn’t compromised, as it was stored separately.

Under Armour, who owns the MyFitnessPal app, is investigating the attack with data security firms and implementing preventive measures to avoid other break-ins.

Quora, an infamous Q&A platform, was also hacked. The Quora representatives noticed that a ‘third party’ accessed sensitive information, which seems to be malicious. 100 million users were affected, and attacks are still under investigation.

One of the biggest breaches in 2018 was none other than Facebook, leading to a data breach of 147 million accounts.

There was much controversy when the first breach in a series of three breaches came into light, and it emerged that Cambridge Analytica was granted permission to use over 50 million Facebook profiles for their research purposes.

Again, in September, Facebook saw the security of 90 million users jeopardized when a bug was used to access users’ tokens. Hackers managed to steal personal information included on the users’ profile.

In December, a third data breach occurred when it came to light that numerous third-party apps had authorization to access the photos of seven million users. It is not known if there was any misuse of the photos, but the incident definitely revealed the lack of cybersecurity at Facebook.

The event ticketing website Ticket Fly was also a victim of a data breach when a hacker who calls himself IsHaKdZ stole the data of 27 million accounts. The hacker asked for a ransom of one bitcoin, which the company refused, and currently, the website is running well.

Google+ was exposed to a data breach when third-party developers got access to 500,000 accounts. The bug seemed to exist for 3 years, and revealed information such as names, birth dates, gender, photos, and places where they lived.

British Airways suffered a data breach when 380,000 transactions were compromised, allowing hackers to access customers’ names, addresses, emails, and payment details. Luckily, passport and travel details were not revealed.

The hackers found a loophole in the BA (British Airways) booking website and inserted their malicious code to send the customers’ data to their own server.

In 2018, many large firms got caught up in this wave of data breaches and were forced to take significant precautions to tackle their cybersecurity vulnerabilities. Regardless, customers still find it difficult to trust companies, large or small, with their data.

One solution to this is to take excessive precaution.

Users should implement widely recommended security measures to keep their data secure and less prone to errors, by using techniques such as strong passwords, updating the software, carefully using their credit card, among others.

And enterprises should implement layers of security, including multifactor authentication, identity access management, privileged access management, physical security of their infrastructure, and comprehensive software-based security for all networks, applications, clouds, databases, and endpoints like mobile phones, computers, servers, Point-of-Sale systems, kiosks, and more.

We’ll continue to track major breaches in 2019. With stronger measures in place, let’s make 2019 a record year of a different sort – one where incidents are thwarted and violations of consumer privacy and businesses goes down, instead of up.

Author: Evgin Duyarli

Highlights

Enhancing Cybersecurity with AI-Powered Privileged Access Management

Enhancing Cybersecurity with AI-Powered Privileged Access Management

Mar 20, 2024
Reducing Cyber Insurance Costs with Kron PAM: A Smart Move for Businesses

Reducing Cyber Insurance Costs with Kron PAM: A Smart Move for Businesses

Apr 18, 2024
Unlocking Efficiency: The Strategic Advantages of SaaS PAM in Business

Unlocking Efficiency: The Strategic Advantages of SaaS PAM in Business

May 06, 2024
UK’s Telecommunications Security Act (TSA) Code of Practice

UK’s Telecommunications Security Act (TSA) Code of Practice

May 09, 2024
Exploring PAM Deployment Options and Choosing Between SaaS and On-Premise Solutions

Exploring PAM Deployment Options and Choosing Between SaaS and On-Premise Solutions

May 16, 2024
Elevating Privileged Access Management with Kron PAM and Microsoft Entra ID Integration

Elevating Privileged Access Management with Kron PAM and Microsoft Entra ID Integration

May 23, 2024
Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Jun 10, 2024
Safeguarding Your Business from Misuse of AI with Kron PAM

Safeguarding Your Business from Misuse of AI with Kron PAM

Jun 24, 2024

Other Blogs

Blog
Don’t Get Held Hostage: Innovations Address Ransomware

Don’t Get Held Hostage: Innovations Address Ransomware

Feb 08, 2019 Read More

Blog
What is Network Performance Monitoring? How Does It Work?

What is Network Performance Monitoring? How Does It Work?

May 09, 2023 Read More

Blog
What Is Zero Trust?

What Is Zero Trust?

Mar 07, 2021 Read More

Blog
Meet the Krontech Team at Cloud&Cyber Security Expo Asia 16-17 May, in Hong Kong

Meet the Krontech Team at Cloud&Cyber Security Expo Asia 16-17 May, in Hong Kong

Apr 25, 2018 Read More

Blog
Human Error to Intentional Misdeeds: From Downtime to Disaster

Human Error to Intentional Misdeeds: From Downtime to Disaster

Oct 04, 2017 Read More

Blog
The First Step to Avoid Cyber Risks in Cloud Security

The First Step to Avoid Cyber Risks in Cloud Security

Jul 31, 2022 Read More

Contact Us

Contact us to learn more about Kron Technologies' telecom and cybersecurity products.