In 2013, millions of accounts were reported to be breached, usernames and encrypted passwords had been stolen from almost 38 million of its active users and details from many accounts that had been unused for two or more years had been accessed.
Adobe revealed that the source code for its Acrobat PDF document-editing software and ColdFusion web application creation products had also been illegally accessed, furthermore, the hackers also stole parts of the source code to Photoshop, Adobe’s famous picture-editing program. The information that has been collected could allow programmers to analyse how Adobe's software works and copy its techniques.
Later in May, Adobe switched several of its products to a subscription model, meaning its customers needed to register an account and provide their payment card details in order to qualify for upgrades.
In October 2014, hackers broke into the computer systems of Sony Pictures Entertainment and were able to steal a large amount of confidential information from the Hollywood studio and posted them online soon after; documents include details such as recent film productions and extent of the employee data laid vulnerable on the Internet.
Multiple reports suggest U.S. government officials believe the attack is tied to the North Korean government, who expressed outrage over the Sony-backed film "The Interview," an action-comedy centered on an assassination plot against North Korean leader Kim Jong Un.
In November 2013, cyberattackers gained access to Target's computer gateway and were able to steal credentials from third-party vendors. They gained access to customers service database, installed malwares on the system and took sensitive data such as full names, phone numbers, email addresses, payment card numbers, credit card verification codes. It is estimated that the hackers were able to take data from up to 40 million credit and debit cards of shoppers.
Eventually, target’s shares closed down 2.2 percent at $62.15 on the New York Stock Exchange, while the Standard & Poor’s 500 stock index fell 0.06 percent.
Nearly 1 billion accounts were compromised in August 2013, the largest breach in history. “An unauthorised party” broke into the accounts, Yahoo said in a statement posted on its website. The company believes the hacks are connected and that the breaches are “state-sponsored”.
The hackers used “forged cookies”, which are parts of code that are stored in the user’s browser cache so that a website doesn’t require a login every time they visit that specific website. These cookies can allow a third party to access users’ accounts without a password by misidentifying anyone using them as the owner of an email account. The stolen user account information may have included names, email addresses, phone numbers, dates of birth, passwords and encrypted or unencrypted security questions and answers.
The company accidentally made public a file that contained the personal information of 123 million American households by hosting it on an unsecured Amazon Web Services server. Although the data did not include people’s names, Social Security numbers and credit card information or passwords, it contained information across 248 categories, including addresses, phone numbers, mortgage ownership, age, ethnicity and personal interests.
News of this data breach, reignites concerns regarding the sale of personal data by credit card bureaus to third-party companies. Experian, TransUnion and Equifax are known to sell such data to third-party companies, most of the time, customers are unaware of such information.
Marriott International announced in 2018 that the data of more than 500 million guests was compromised in September, which happens to be the biggest in the last 5 years. The compromised details include Passport info, credit card details, and names & phone numbers of guests who checked into the Starwood properties on or before Sept 10 this year.
This intrusion was taking place far back since 2014, but was only detected recently through a data audit conducted by Marriott authorities who now confirm that all the guest info was copied after decryption. And the hackers also tried to wipe out the entire database with a malware.
Initially, 43 million consumers around the world were affected, most of which were US residents, but from countries such as Canada and the U.K.; that number soon raised to over 148 million consumers.
The credit agency failed to patch a disclosed vulnerability in Apache Struts, this server was powering its five-decades-old web-facing system that allowed consumers to check their credit rating. The attackers used the vulnerability of the server to their own advantage and obtained an unencrypted file of passwords on one server, letting the hackers access more than 48 databases containing unencrypted consumer credit data. the hackers sent more than 9,000 queries on the databases, downloading data on 265 separate occasions
In October 2014, JPMorgan, revealed that more than 70 million households and seven million small businesses may have had their private data compromised in a cyberattack, said that hackers had intruded their networks, seeking contact and payment information for 3,500 customers.
The three men behind a huge hacking and fraud operation were charged for giving details of how they allegedly attacked at least 12 companies, including banks, media outlets and a software firm. The proceeds, since the scams started in 2007, amount to hundreds of millions of dollars.