Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Biggest data breaches of 2015

Tim Greene | Dec. 3, 2015
From Ashley Madison to VTech it has been a nasty data breach year.

IRS

Data compromised – Tax records for 330,000 taxpayers used to collect bogus refunds

How they got in – Using apparently stolen credentials and knowledge-based authentication information they gamed the IRS filing and refund systems.

How long they went undetected – Uncertain

How they were discovered – Attackers sent so many requests for old tax returns the IRS IT team thought it was a DDoS attack and investigated.

Why it’s big – The thieves collected tens of millions of dollars in fraudulent refunds as well as all the data included on the tax forms they scammed from the IRS.

Slack

Data compromised – Its database of usernames, email addresses and hashed passwords and some phone numbers and Skype IDs

How they got in – Undisclosed

How long they went undetected – Four days

How they were discovered – Undisclosed, but afterwards Slack activated two-factor authentication and noted it had seen suspicious activity in some accounts.

Why it’s big – Slack is a popular collaboration platform in which businesses work on critical projects where security is a must.

Experian breach affecting T Mobile

Data compromised – names, addresses, dates of birth and encrypted Social Security numbers and other ID numbers that could have been compromised anyway

How they got in – Undisclosed

How long they went undetected – 15 days

How they were discovered – Undisclosed

Why it’s big – The theft points out the lines of trust – warranted or not – that exist among businesses and how consumers can be affected by the security lapses of companies they don’t deal with directly.

mSpy

Data compromised – Customer screenshots, geolocation data, chat logs, location records on up to 400,000 users

How they got in – Undisclosed

How long they went undetected – Undisclosed

How they were discovered – Became public when security blogger Brian Krebs posted he’d been tipped to hundreds of gigabytes of mSpy customer data posted to the Dark Web

Why it’s big – Demonstrates the danger of dealing with spyware companies.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.