What Can Attackers Do with Stolen Data?
Attackers tend to target high-value data such as corporate data or personally identifiable information (PII), which they can sell for financial gain or use to cause harm to the individual or organization. As attackers become increasingly sophisticated, their methods become meticulously planned to unearth vulnerabilities and identify individuals who are susceptible to an attack.
Once they gain access to data, the effects can be hugely damaging. A data breach can cost organizations not only their data, which could be sensitive financial information or corporate secrets, but also fines, financial loss, and reputational damage, which are often irreparable. An attack on a government agency could leave confidential and highly sensitive information, such as military operations, national infrastructure details, and political dealings, exposed to foreign agencies, which could threaten the government and its citizens.
Individuals who suffer a breach could lose their personal data, such as banking details, health information, or Social Security number. Armed with this information, a cyber criminal could steal the individual’s identity, gain access to their social accounts, ruin their credit rating, spend money on their cards, and even create new identities for future attacks.
Some of the biggest data compromise events in history had long-lasting effects on the organizations that suffered them. These data breach examples include:
Yahoo
In 2016, internet giant Yahoo revealed that it had suffered two data breaches in 2013 and 2014. The attacks, which affected up to 1.5 billion Yahoo accounts, were allegedly caused by state-sponsored hackers who stole personal information, such as email addresses, names, and unencrypted security questions and answers.
Equifax
A data breach against financial firm Equifax between May and June 2017 affected more than 153 million people in Canada, the U.K., and the U.S. It exposed customers’ personal data, including birth dates, driver’s license numbers, names, and Social Security numbers, as well as around 200,000 credit card numbers. The breach was caused by a vulnerability in third-party software for which a patch had been released but not applied to Equifax’s servers.
X (formerly Twitter)
In 2018, Twitter urged its 330 million users to change and update their passwords after a bug exposed them. This was the result of a problem with the hashing process, which Twitter uses to protect its users’ passwords. The social networking site claimed it found and fixed the bug, but this is a good example of potential vulnerability exploits.
Twitter also suffered a potential breach in May 2020, which could have affected businesses using its advertising and analytics platforms. An issue with its cache saw Twitter admit it was “possible” that some users’ email addresses, phone numbers, and the final four digits of their credit card numbers could have been accessed.
First American Financial Corporation
In May 2019, insurance firm First American Financial suffered an attack that saw more than 885 million sensitive documents exposed. The attack resulted in files containing bank account numbers and statements, mortgage records, photos of driver’s licenses, Social Security numbers, tax documents, and wire transfer receipts, dating back to 2003, being digitized and made available online.
The attack is believed to have been caused by an insecure direct object reference (IDOR), a website design error in which a link intended for a specific individual works without any check on who is opening it. Unfortunately, that link became publicly available, meaning anyone could view the documents.
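The following added example (not from the original page or from First American's systems) shows the IDOR pattern described above next to a hardened lookup that checks ownership, plus a small regression check a defender can run against a handler. The record store, user names, and function names are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Document:
    doc_id: int
    owner: str
    title: str

# Constructed sample records (hypothetical data, for illustration only).
DOCUMENTS = {
    1001: Document(1001, "alice", "Mortgage record"),
    1002: Document(1002, "bob", "Wire transfer receipt"),
}

class AccessDenied(Exception):
    pass

def get_document_vulnerable(doc_id, session_user=None):
    """IDOR: the object is returned purely from the identifier in the link;
    the identity of the requester is never consulted."""
    return DOCUMENTS.get(doc_id)

def get_document_checked(doc_id, session_user):
    """Hardened: requires an authenticated user and verifies ownership."""
    if session_user is None:
        raise AccessDenied("authentication required")
    doc = DOCUMENTS.get(doc_id)
    # Same error for "missing" and "not yours" so responses do not
    # reveal which identifiers exist.
    if doc is None or doc.owner != session_user:
        raise AccessDenied("not found or not permitted")
    return doc

def audit_idor(handler, doc_ids, session_user):
    """Regression check: list the ids the handler serves to a requester
    who does not own them. An empty list is the expected result."""
    leaked = []
    for doc_id in doc_ids:
        try:
            doc = handler(doc_id, session_user)
        except AccessDenied:
            continue
        if doc is not None and doc.owner != session_user:
            leaked.append(doc_id)
    return leaked

if __name__ == "__main__":
    ids = sorted(DOCUMENTS)
    print("vulnerable handler leaks:", audit_idor(get_document_vulnerable, ids, "alice"))
    print("checked handler leaks:   ", audit_idor(get_document_checked, ids, "alice"))
```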
Facebook
In September 2019, a server containing phone numbers linked to more than 419 million Facebook users’ account IDs was exposed. The server was not password-protected, which meant that anyone could find, access, and search the database. Three months later, a database containing roughly 300 million Facebook users’ names, phone numbers, and user IDs was exposed by hackers and left unprotected on the dark web for around two weeks.