10 Most Significant Hacks since 2010Veridium Author | February 2, 2016
Over the last five years the scope and significance of cyberattacks has grown exponentially. From massive breaches at some of the world’s leading retailers to numerous attacks on Sony, these hacks have, and will continue to have, a lasting impact on how consumers and enterprises handle cybersecurity. We haven’t seen the end of these attacks either, with the potential for a foundation-shaking “megahack” increasing every year.
No company wants to be the next Home Depot, Target, or JPMorgan Chase, and CIOs and CISOs are scrambling to ensure they are doing everything they can to protect their data assets. Taking a look over some of the largest attacks in the past few years, you can see a pattern of both increasing intensity of the hacks and increasing problems for the victims following these events.
There are a variety of factors to consider in any major cyberattack, from the data stolen to who ultimately took the blame. We also have to consider the damage done to the employees and customers of the company. While some attacks may seem smaller than others, the ultimate severity has to be judged on who was affected. From Sony to VTech, we have ranked some of the most significant attacks since 2010, and taken a close look at the different factors at play in each.
One of the first things anyone considering a major attack needs to review is the amount of people they affect. In the infographic above you can see the various hacks that have occurred over the last five years and the number of individuals, be they customers of these businesses or employees, who had their information stolen.
Through each of these attacks, millions of customers and/or employees were affected by the breach, either because their personal data was stolen, or because the impact to the business itself affected their lives. In the eBay hack of 2014, all 233 million of the company’s customer accounts could have been compromised. And over the course of the last five years, no one even knows how many accounts have been compromised across the various hacks of Sony properties.
The sheer volume of potentially affected victims is enough reason to invest in better access controls, but there are other factors to consider as well.
In addition to the people affected, the amount of data stolen in any hack can be a critical consideration. Sometimes hackers aren’t after accounts, they want intellectual property. In the latest attack on Sony, hackers stole some 100 terabytes of data, including unfinished movie scripts, internal emails, salary lists for employees, and several unreleased films themselves.
Protecting data access is critical because it can mean completely losing a product or a competitive edge against a competitor. It can also affect the lives of employees, when that data is sensitive personal information, such as insurance or payment records.
Cost to the Company
Digging deeper, past the lives affected and data at risk, companies need to consider their bottom line. Any data breach costs money to recover from, whether it’s paying legal fees, offering restitution to customers or employees, investigating the cause and source of the attack, or simply investing in new security tools. Anthem was attacked just last year, and the firm is expected to spend most of, if not all, of its $100 million loss coverage insurance, with some reports indicating it might exceed that amount.
As a result of the Target breach, the firm has spent more than $252 million, including what their loss insurance covered, to stabilize and investigate the breach. According to TechRepublic, this was only 0.1 percent of the company’s sales in 2014.
Jobs at Stake
For business leaders, the stakes are even higher. In nearly half of the attacks on this list, a CEO, CIO, or CISO resigned as a direct result of the hack. When target was attacked, both CEO Greg Steinhafel and CIO Beth Jacob resigned. Jacob remained unemployed for a length of time before becoming the chief customer success officer at SPS Commerce, nearly a year later.
As these hacks continue to grow in both scale and impact, companies are going to see these numbers increase as well. The risks will amplify, the challenges and cost of recovery will climb and more C-suite leaders will see their jobs at stake. Rather than risk everything, it is critical for businesses to invest the pennies a day it would cost to implement true data access protection.
VeridiumID, the only end-to-end global biometric authentication infrastructure solution, can provide this protection and the assurances of real data access security, knowing exactly who, when and from where data was accessed.