Cybersecurity is, in fact, a constant race between security experts and cybercriminals. The latter are constantly on the lookout for exploits and vulnerabilities to take advantage of, while the former are constantly looking for ways to plug the holes in our digital world to keep us safer online. But not all cybercrime is created equal. Some forms of cybercrime are as simple as assembling IKEA furniture, others require extensive knowledge that goes beyond sending a deceptive email. Here are the biggest such breaches that occurred in 2018.
A football federation to rule them all – this is how we could best describe FIFA. And last year, it was involved in one of the biggest breaches of the year (and certainly the biggest in its history). While there is no way to know if we’re speaking of a whistleblower or a hacker leaking the organization’s internal documents, the fact remains: over 3.4 of data – 70 million internal documents – left its offices and ended up in the hands of journalists from the German publication Der Spiegel.
Apparently, the documents were leaked by a Portuguese football fan whose disgust of the corruption in football led to his actions. While he rejected the accusations that he would be a hacker, specialists agree that such a high volume of documents could only be leaked through a cyber attack.
The problem with many cyber attacks is that companies suffering them often don’t notify their users until years later. This was the case of Uber, the successful ride-hailing service, that has suffered a cyber attack in November 2016 but failed to notify its users and drivers of it. The company’s UK servers were hacked, and several files were stolen from them, including those containing the data of more than 3 million of its users, including their names, phone numbers, email addresses, and the locations where they signed up, as well as the information of its 82,000 drivers. In their case, the information exposed involved weekly pays, daily tips, and in some cases, their drivers’ license information.
Apparently, Uber not only didn’t disclose the attack but also agreed to pay a $100,000 “bug bounty” to the attacker.
Last summer, T-Mobile – one of the big mobile network operators in the United States – announced its subscribers that it has suffered a major data breach. The number of users affected was around 2 million, and the information stolen included their names, addresses, phone numbers, email addresses, and account types. According to the announcement, sensitive information – like financial data, passwords, and social security numbers – was not compromised.
Have you been affected?
To find out if your data has been involved in a data breach, you can visit an online service called “‘have i been pwned?“. Here, you can search for your email address in their database and find out which data breaches that happened in the last few years have included your personal information.