But why is data so valuable? Because it can be sold in almost every form. For example, passport details can be sold to make fake passports<\/a>, credit card numbers fetch upwards of $100<\/a>, and if a hacker wants to make more from stolen information, they can sell full data sets. Referred to as \u2018fullz\u2019 (slang for full information), they typically contain an individual\u2019s name, birthdate, credit card number and social security number. The rounder, more plump the fullz, the more it\u2019s worth.<\/p>\n You\u2019d think that businesses would go over and above to protect their customers\u2019 data. Well yes, in the most part. But, there were times when professionals took their eye of the ball and things went a bit wrong. Let\u2019s take a look at 10 of the biggest data breaches this decade and what situation led up to this epic #FAIL in data security. Some resulted from lazy practices by the business, others from more sinister outside forces. (Disclaimer: they\u2019re in no particular order.)<\/p>\n Date:<\/strong> 2016 According to the UK\u2019s Financial Conduct Authority, Brazilian cyberattackers generated their own Tesco Bank debit card numbers and, using those virtual cards, made thousands of unauthorized transactions from current customers. But when the bank\u2019s systems identified the threat, the team responsible sent an email to the wrong address instead of picking up the phone and explaining. So they only responded a cool 24 hours <\/em>after the breach. But, instead of blocking the transactions in Brazilian real currency, they blocked the euro. As a result, the number of attacks rose even further.<\/p>\n Customers lost hard-earned cash and Tesco got fined nearly $20 million.<\/p>\n Date: <\/strong>2013 After digital thieves hacked Yahoo!\u2019s servers, they cleaned up with a big bounty of personal data. Originally Yahoo! reported that the breach had affected one billion users, but after further investigations it later revised the estimate to say all three billion users were probably affected.\u00a0<\/strong><\/p>\n At the time, Verizon were locked in for the acquisition of Yahoo! for nearly $5 billion\u2026 this \u2018little\u2019 data breach knocked $350 million of its sale price.<\/p>\n Date: <\/strong>2014-8 The cause of this one isn\u2019t so clear, although the New York Times have mused that it may have been a Chinese state cyberattack<\/a> designed to gather intelligence. The fail is a little clearer: the breach actually occurred in 2014\u2026but was only detected in 2018. Scary, really, considering their systems had alerted them to a potential breach when it first happened. Maybe their acquisition of Starwood around that time consumed most of their attention? What we do know is that leaving hackers to play in your system for four years is more than a little unfortunate.<\/p>\n Marriot Group was fined over $120 million.<\/p>\n Date: <\/strong>2016 Some say that wherever there\u2019s sex, there\u2019s technology innovation. These next two examples show innovation \u2013 in cybercrime. For those not familiar, Ashley Maddison \u2013 owned by Avid Life Media (ALM) \u2013 was a dating website for married men and women looking to play away. That was until hackers, who go by the name of The Impact Team,<\/a> gave them an ultimatum: take down the website or we\u2019ll expose every one of your users \u2013 personal details, log-ins and more. This wasn\u2019t an empty threat, as a statement of intent The Impact Team published a teaser: employee salaries and confidential internal business documents. Fair warning. Unfortunately, ALM ignored the threats and assured millions of users that their identities were secure. They were, in fact, not. Shortly afterwards, the inevitable happened.<\/p>\n Account details, log-ins and seven years\u2019 worth of credit card and other payment details leaked<\/a>. Reported suicides<\/a> from around the world as cheating spouses were exposed. As for Ashley Maddison, they agreed to pay a $1.6m fine for \u201clax security.\u201d <\/a><\/p>\n Date: <\/strong>2016 The notoriously vulnerable SHA-1 hashing algorithm\u2026 not the most secure on the block. Adult Friend Finder (a sex and swingers website that also owned other sex cam websites) were, unwisely, using it to protect their entire user base until hackers broke through. According to LeakedSource, hackers were able to crack 99 percent of all passwords<\/a>. Apart from their out-dated security measures, Adult Friend Finder assured users that if they deleted their account, their personal information would be deleted. That wasn\u2019t the case, which led to an additional 15 million \u2018deleted\u2019 accounts being purged.<\/p>\n With such a sensitive subject, if malicious hackers got their hands on the data it could\u2019ve been used for blackmail or spam campaigns.<\/p>\n Date: <\/strong>2014 It doesn\u2019t get much better than this: according to eBay, hackers jumped into their system using the credentials of three employees. The best bit? They had access for 229 days, as well as unprecedented access to complete data sets of eBay customers\u2026 ouch.<\/p>\n A decline in user activity and a somewhat miniscule drop in profits<\/a>. Not a fine in sight. Date: <\/strong>2011 It\u2019s not rocket science or the last level of Donkey Kong: well-known network vulnerabilities can wreak havoc. When Sony PlayStation had one in their ranks, hackers exploited it and made sure they paid the price.<\/p>\n Sony paid out $15 million in compensation<\/a> \u2013 plus a few million dollars of legal fees.<\/p>\n Date: <\/strong>2018 Chances are you\u2019re already familiar with this one. Facebook changed their third-party rules in 2014, limiting developers to user data only. But Cambridge Analytica took it a bit further. They used quizzes to \u2018scrape\u2019 (or harvest, to you and me) data from users\u2019 entire friends lists. They managed to get 50 million complete data sets, which they allegedly used to influence the Clinton v Trump USA election and the Leave or Remain EU \u2018Brexit\u2019 vote in the UK. Evidence shows it could\u2019ve started are early as 2015 but was only detected in 2018. Facebook\u2019s role? Well, they didn\u2019t ever ask Cambridge Analytica where they got the data from\u2026 so who knows how deep the mismanagement went.<\/p>\n Facebook shares plummeted 40 percent in three months<\/a> after the event, but it gets worse \u2013 they\u2019re now staring down the barrel of a $5 billion fine. As for Cambridge Analytica, they\u2019re understandably not trading anymore.<\/p>\n Date: <\/strong>2018 This one, allegedly, lands on the Magecart cybercrime syndicate \u2013 specialists in planting malicious scripts onto websites to steal financial data and sell it on. In this instance, they made light work of British Airways\u2019 outdated cybersecurity defences, setting up a fake site and diverting the airline\u2019s website visitors into their trap.<\/p>\n BA were fined a record-breaking $221m (\u00a3183m)<\/a> for not having the right data security measures in place.<\/p>\n Date: <\/strong>2017 Although the previous examples are all about data breaches that affected businesses and their customers, this cyberattack affected the businesses themselves. And it\u2019s arguably the costliest in history.<\/p>\n ExPetr took its name from the resemblance to ransomware Petya, a piece of criminal code that encrypted files and extorted victims to pay for a key to unlock them. Unlike its predecessor, ExPetr irreversibly encrypted computers\u2019 master boot record, which essentially controls the operating system. The twist? Victims couldn\u2019t make payments to free themselves. There wasn\u2019t even a key to unscramble their computers. This attack had one goal: devastation.<\/p>\n After being released into the wild, ExPetr originally targeted Linkos Group (a Ukranian software company) then quickly spread. From hospitals in Pennsylvania to a chocolate factory in Tasmania, the devastating effects were felt globally.<\/p>\n More than $10b in total damages (estimated by the White House<\/a>.) But, aside from the financial blow, a few other things raised eyebrows<\/a>. Reportedly<\/a>, the Chernobyl nuclear plant\u2019s radiation-monitoring system went down temporarily.<\/p>\n In a nutshell: cyber-breaches are costly to businesses. How costly, you ask? Kaspersky have found that the average enterprise cyber-attack costs around $1.41m<\/a>. The good news: some attacks are preventable.<\/p>\n1. Tesco Bank \u2013 many mistakes in store<\/h2>\n
\nFail level:<\/strong> $3 million stolen from 9,000 Tesco Bank customer accounts<\/a>
\nCountry<\/strong>: UK<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
2. Yahoo! \u2013 the largest data breach of personal data. Ever.<\/h2>\n
\nBreach level:<\/strong> Personal data of three billion accounts breached<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
3. Marriot Group and Starwood \u2013 housing hackers for years<\/h2>\n
\nBreach level:<\/strong> Personal data of 500 million guests leaked<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
4. Ashley Maddison \u2013 the wrong kind of indiscretion<\/h2>\n
\nBreach level:<\/strong> Personal data of 32 million cheating spouses leaked<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber fail?<\/h3>\n
What were the consequences?<\/h3>\n
5. Adult Friend Finder Networks \u2013 a not-so-sexy data breach<\/h2>\n
\nBreach level:<\/strong> Personal data of 412 million accounts leaked<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber fail?<\/h3>\n
What were the consequences?<\/h3>\n
6.<\/strong>eBay \u2013 shopped for a cyber-fail<\/h2>\n
\nBreach level:<\/strong> Personal data of 145 million users leaked<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
\n![\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2019\/10\/21033541\/Cyber_gaffes_inline-1024x768.jpg\")
<\/p>\n7. Sony PlayStation \u2013 a (big) glitch in the mainframe<\/h2>\n
\nBreach level:<\/strong> Personal data of 77 million users leaked<\/a>
\nCountry: <\/strong>UK<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
8. Facebook \u2013 rigging all over the world<\/h2>\n
\nBreach level:<\/strong> Personal data of 50 million users leaked<\/a>
\nCountry:<\/strong> USA<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
9. British Airways \u2013 flying the flag for outdated cybersecurity<\/h2>\n
\nBreach level:<\/strong> Personal data of 500,000 thousand users leaked<\/a>
\nCountry:<\/strong> UK<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
10. ExPetr (AKA NotPetya) \u2013 the cyberattack that\u2019s bad for business<\/h2>\n
\nBreach level:<\/strong> Estimated $10 billion<\/a> in damages.
\nCountry:<\/strong> Global<\/p>\nWhat was the cyber-fail?<\/h3>\n
What were the consequences?<\/h3>\n
Protect your innovations from cyber-breaches<\/h2>\n