Security breaches continue to make headlines as more and more data is being compromised each day. With no end in sight, this threat is growing at a fast rate. Here are some statistics about data breaches in recent times:

  • Data breaches since 2013: 14.7 billion
  • A major chunk of breaches: North America (86%)
  • Data breaches responsibility: System glitches (29%), Employees (25%)
  • Breakdown of data breaches in the US by sector (2019): Business (45.9%), Healthcare (29.2%), Banking/Financial (10.9%), Government/Military (8%)

This data is extracted from a report by “Hosting Tribunal”. Perhaps, the most interesting of these facts is the one which shows who’s responsible. It emphasizes that threats start from within and statistically, around 54% of the attacks are due to internal causes. Therefore, strengthening your internals must be a primary goal. This goal can be achieved with the help of a security testing company which will enable you to detect vulnerabilities in your system and resolve the issues.  

In recent times, data breaches have cost companies billions of dollars. Following are the 5 biggest data breaches of the 21st century:

1) Yahoo!

Yahoo announced in 2016 that it had been a victim of a security breach during 2013-2014 which compromised all 3 billion of its accounts. The compromised data included real names, email addresses, dates of birth and telephone numbers of 500 million users. The breach was viewed as an attempt to threaten Verizon’s $4.8 billion deal to buy Yahoo. The hack knocked an estimate of $350 million off Yahoo’s sale price.

2) Marriot International

In November 2018. Marriot announced that hackers had stolen data of 500 million of its customers. The breach occurred in 2014 and wasn’t discovered until 2018. Marriot believes that stolen data included names, mailing addresses, phone numbers, email addresses, and all the relevant customer information. It was also feared to be a state-sponsored attack by china to gather data on US citizens.

3) eBay

With login credentials obtained from a small number of employees, a group of hackers known as the “Syrian Electronic Army” hacked eBay and had full access to its servers for 229 days. Attackers had access to all user records and copied a large part of those credentials. Compromised data included email addresses, names, phone numbers, encrypted passwords, etc.

4) Equifax

Equifax breach included 209,000 credit card numbers and 182,000 documents with personal identifying data. Hackers were able to access Equifax servers, exposing the personal information of 143 million customers. CEO Richard Smith had to testify before Equifax in which he repeatedly blamed a single employee who failed to update the software on one server.

5) Target

In 2013, hackers compromised 110 million accounts and stole the credentials of an HVAC supplier who had been accessing Target’s network through an external vendor portal. Compromised data included names, email addresses, addresses, and phone numbers.


Slightest of errors in some cases made these companies an example for others. It's not just the big players, attackers look for any prey they can hunt irrespective of its size. Therefore, securing your systems with the help of a security testing company is recommended.

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform