It’s fair to say that 2019 has been the year of the data breach. Billions of people around the world have had their personal data stolen or exposed, and there has been a notable increase in the frequency and severity of breaches taking place. A recent report conducted by digital security company
Gemalto,revealed that 945 data breaches led to a staggering 4.5 billion data records being compromised in the first half of 2019. This is the highest number of breaches ever recorded in a single six-month period and a
133% increase since the same time last year. Regulators across Europe, including the UK’s Information Commissioners Office, have noted a steep increase in the number of data breaches being reported since the GDPR came into force on the 25th
Under the GDPR,
External hackers have been behind the majority of all data breaches and Phishing remains the number one attack method. 72% of data breaches are related to employees receiving phishing emails, closely followed by accidental loss of data. Data breaches have affected every industry and corner of the world and below are 5 examples of the most prominent security breaches to have hit the headlines this year:
5 Examples of Security Breaches in 2019
In one of the largest data breaches in history, Florida based marketing and data aggregation firm
The data didn’t contain social security numbers or credit card information. However, it did include other types of Personally Identifiable Information (PII) such as phone numbers, home addresses, and email addresses. All the information needed by a criminal to commit identity theft. Each consumer record also contained more than 400 variables that could be used to build a detailed personal profile of the individual. This included information such as hobbies, purchasing habits, marriage status, religious and political affiliations, vices and pet ownership.
Facebook In September 2018, Facebook announced that an attack on its computer network exposed the personal data of over 50 million users. According to Facebook, hackers were able to gain access to the system by exploiting a vulnerability in the code used for the ‘View as’ feature.
Once this feature was exploited, the attackers were able to steal ‘access tokens’, which could be used to take over
The Irish Data Protection Commission has subsequently opened a formal investigation into the breach which could result in a fine of up to $1.63bn for the social media giant.
3. Cathay Pacific
Cathay Pacific Hong
Full data exposed in the breach included passenger names, nationality, date of birth, address, telephone number, email address, passport number, identity card number, frequent flyer membership number, customer service comments noted on accounts and historical travel information. The airline faced severe criticism for its 7-month delay in reporting the breach and Hong Kong's privacy commissioner has since launched a compliance investigation, stating the carrier may have violated privacy rules.
4. Dixons Carphone
Dixons Carphone In June 2018, Dixons Carphone revealed a major data breach involving 5.9 million bank cards and the personal data of up to 10 million customers. The hacked data included names, addresses
The electronics retailer announced that in a review of its systems, it uncovered an attempt to gain
5. British Airways
British Airways In yet another attack on the aviation industry, British Airways announced that a major security breach had exposed the personal data of 380,000 customers. The airline confirmed that over a two-week period, the personal and financial details of customers making or changing bookings had been compromised.
The breach took place between 21 August and 5 September 2018, and within this time frame, hackers were able to gain access to names, addresses, email addresses, credit card numbers, expiry dates and security codes. Travel and passport details were not affected by the breach. The airline recently disclosed that the data of a further 185,000 customers who made reward bookings between 21 April and 28 July was also exposed, bringing the total number of affected customers to 565,000.