contador web Saltar al contenido

Yahoo and Marriott are among the 10 biggest data leaks in history | Security

The international hotel chain Marriott said on Friday (30) that hackers had access to a bank that contained confidential information from more than 500 million guests worldwide. Although the crime has been ongoing since 2014, the company's internal security tool only detected the problem in September. The leakage of data from the Marriott network is just one of the many cases that have occurred in the virtual era.

READ: TV operator failure hits millions in Brazil; Look

Criminals are always looking for personal information from users registered on the companies' system to carry out irregular transactions, steal passwords or obtain email addresses to spread viruses and malware. Next, the TechTudo highlights the ten biggest data leaks that have occurred so far.

Check out the history of the biggest data leaks Photo: Reproduo / Pond5Check out the history of the biggest data leaks Photo: Reproduo / Pond5

Check out the history of the biggest data leaks Photo: Reproduo / Pond5

Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo

In August 2013, Yahoo suffered a cyber attack that affected all 3 billion email accounts on the service at the time. The investigation, which took years and only had its final balance released later, concluded that user data, such as credit card payments or bank account information, were not accessed by the hackers.

However, according to the official report released by Yahoo itself, the criminals did in fact have access to names, email addresses, phone numbers, birth dates and passwords for all accounts that were affected by the cyber attack. The company ensured that users received messages explaining the situation.

Yahoo! has experienced two data leaks in the past five years Photo: Divulgao / YahooYahoo! has experienced two data leaks in the past five years Photo: Divulgao / Yahoo

Yahoo! has experienced two data leaks in the past five years Photo: Divulgao / Yahoo

Unauthorized access to the hotel network database has occurred since 2014, but the invasion was only detected this year. After a thorough investigation, it was discovered that criminals had free access to the database of Starwood, a company that merged in 2016 with Marriott and that renews hotel brands like Sheraton, Four Points, W Hotels, Westin and Le Mridien.

As a result, hackers obtained information such as name, address, telephone number, e-mail, date of birth, gender, dates of arrival and departure of reservations, communication preferences, account information, passport number and credit card. millions of guests. The Marriott chain has asked everyone who made reservations until September 10 to be on the lookout for any suspicious banking transactions or contact.

At the end of 2014, Yahoo suffered a new attack, which was not directly related to the one suffered in the previous year. This time, the personal data of 500 million users were stolen. Once again, the target of the criminals was to capture names, e-mail addresses, phone numbers, dates of birth, security questions and password registration data.

The information can be sold to third parties or used by hackers themselves, who create different types of scams. Like the 2013 attack, in 2014 Yahoo ensured that there was no theft of bank data or credit card numbers.

500 million Yahoo users had data stolen in 2014 Photo: Divulgao / Yahoo!500 million Yahoo users had data stolen in 2014 Photo: Divulgao / Yahoo!

500 million Yahoo users had data stolen in 2014 Photo: Divulgao / Yahoo!

In 2016, the Friend Finder Network, the company that controls some of the world's largest adult entertainment and relationship sites, such as AdultFriendFinder, suffered an attack that leaked data from more than 400 million accounts. Among the leaked information were the username, e-mail, password, information about the last visit and the language configured on the site, IP used for login and passwords.

The company said the leak was resolved shortly after its identification, to prevent further attacks. But in the previous year, in May 2015, the AdultFriendFinder website had already suffered a similar attack, affecting 3.5 million accounts.

MySpace, a social network that was very popular in the 2000s, suffered a cyber attack in 2016, at a stage when the site was no longer at its peak and had become a platform for the dissemination of independent bands.

About 360 million accounts had their data stolen and all of them had been created before June 11, 2013. Criminals collected e-mail addresses, usernames and passwords to access the MySpace profile. The site located the hacked accounts and returned them only to users who verified their identity by email registered prior to the attack.

MySpace, a social network that was already very popular, suffered a hacker attack in 2016 Photo: Divulgao / MySpaceMySpace, a social network that was already very popular, suffered a hacker attack in 2016 Photo: Divulgao / MySpace

MySpace, a social network that was already very popular, suffered a hacker attack in 2016 Photo: Divulgao / MySpace

In March, the sports company Under Armor, responsible for the application MyFitnessPal, had its database attacked. More than 150 million users have leaked personal information such as their full name, email addresses and passwords.

As soon as the problem was detected, users of the MyFitnessPal app started to be notified immediately by requests to change their passwords as soon as possible.

Equifax, one of the three largest credit management companies in the United States, suffered in 2017 an attack on its databases that exposed information of 147 million people. The company reported that access by criminals occurred between May and July of that year.

Equifax confirmed that hackers stole personal information from consumers in the United States, the United Kingdom and Canada, such as names, social security numbers, dates of birth, personal addresses and credit card numbers. The invasion caused a further $ 400 million loss to the company and can be considered the most expensive in corporate history to date.

Hacker attack on eBay had access to the entire website database Photo: Divulgao / eBayHacker attack on eBay had access to the entire website database Photo: Divulgao / eBay

Hacker attack on eBay had access to the entire website database Photo: Divulgao / eBay

In May 2104, eBay published a note stating that it had been the victim of a hacker attack. Criminals had access to the entire database, which gathered 145 million registered users on the site.

In the statement, the company asked users to change their passwords immediately. As the e-commerce site works in conjunction with PayPal, users were concerned that banking data had been accessed as well, which they did not. Information such as e-mail, names, physical address, telephone number and date of birth were stolen.

9. Heartland Payment Systems

In 2009, Heartland Payment Systems, an American company that processes payments made with credit cards, found a malicious code in its system. The attack reached 130 million victims, who had their data stolen.

The following year, Miami hacker Albert Gonzalez pleaded guilty to hacking into the systems of major financial and retail groups in the United States and stealing data from tens of millions of credit and debit cards. Among the aggrieved companies was Heartland Payment Systems.

In 2013, the American retail chain Target suffered an attack on its database, which affected about 70 million consumers. Criminals obtained data such as names, credit and debit card numbers, validity and security code. The attack, in addition to damaging Target's reliability index, also caused a potential loss estimated at more than 3 billion dollars.

Does Facebook listen to user conversations? Leave your opinion on TechTudo's Forum.

Facebook: tips to prevent onlookers from looking at your information

Facebook: tips to prevent onlookers from looking at your information