The Sony Security Breach and Other Hacks that Compromised Personal Information
Last week, the Sony Online Entertainment network was breached by hackers who may have been able to obtain customers’ credit and debit card information. The network is still down, and the company has alerted customers whose information may have been compromised. Here are five other examples of security breaches that have resulted in information being compromised.
In December 2010, the Gawker Media servers were hacked, and thousands of usernames and passwords stolen. At face value, this doesn’t seem too terrible, since no banking or similar information was attached to the accounts. However, because so many people use the same password for accounts on multiple sites – and hackers know this- their security on those sites was compromised, too. Obviously, this could affect anything from Facebook to banking information. If you’re a same-password-for-multiple-accounts kind of person, read Farhad Manjoo’s advice on creating secure passwords.
In June 2010, a group of hackers exploited a security hole in AT&T’s 3G network that compromised information belonging to approximately 114,000 Apple iPad users. This information included email addresses as well as ICC-IDs, which are the IDs assigned to mobile subscribers that allow them to connect to connect to mobile networks. Some of this information belonged to high-profile customers like Harvey Weinstein and Diane Sawyer. AT&T has since apologized, but not admitted much blame for what was apparently a fairly large security flaw.
In July of 2009, Twitter was hacked by someone operating under the name Hacker Croll. No user date was compromised (at least according to press releases), but the individual gained access to many highly confidential company documents, and then released them to various news websites. As a result, the public gained access to things like financial projections and product plans way before Twitter had planned to release them.
In late March of this year, hackers targeted Epsilon, an online marketing firm that many companies use to manage customer email subscriptions. Because so many large companies use Epsilon, including Walgreens, Citigroup, and Best Buy, the breach compromised the names and email addresses of thousands of customers. All companies involved have assured their customers that no other data was compromised.
5. Heartland Payment Systems
In 2008, credit card processing company Heartland Payment Systems was hacked, resulting in what was arguably “one of the largest data breaches ever reported.” It took investigators months to discover the source of the problem: malicious software that recorded payment information as it was sent to Heartland by their clients (which include over 250,000 businesses). Tens of millions of transactions may have been compromised this way. Heartland disclosed this information on January 20th, 2009–President Obama’s inauguration day. Some people raised an eyebrow at their timing, wondering if they hoped news of the breach would fall to the wayside in light of the day’s other historic events.
Have you ever been a victim of this type of security breach?