Top 10 Biggest Data Breaches In History|              Shadow Cyber Security




Data breached: 3 billion user accounts

According to data breach statics, the largest data breach in history is the one that Yahoo, Suffered for several years. Not only is it the biggest breach

according to the number of affected users, but it also feels like that most massive one because of all the headlines.

Data breaches occur for many reasons, as evidence in this list of the biggest data breaches in history. From an outdated, vulnerability network to an employee clinking a phishing email, data breaches can be deter mental to a business and its reputation.



1. Aadhaar




This records of 1.1 billion Indian citizens were exposed after a breach of Adhara, the country's government ID database. While it's not mandatory for citizens to register with the database, it is required for those who want access to certain government resources.

After reported paid someone on Watt app 500 Indian rupees for a code that enabled unauthorized access to birth dates, names, email, phone numbers from the database.


Given billow following the tips for prevent this type of attack:

- Enforce policies to detect and prevent insider threats.

- Adhere to identity and access management best practices.

- Use API security tools to mitigate risk.

- Follow API security testing best practices.


Disclosure date: January 2018


Breach date: Unknown


Records Compromised: 1.1 billion



2. Yahoo



Yahoo originally announced in 2016 that its 2013 breach only affected 1 billion accounts. After Version acquired Yahoo in 2017, that the figure was actually 3 billion.

 The breach affected Yahoo email accounts and other company services, Flickr, Yahoo Fantasy Sports.

Malicious hackers obtained users names, dates of birth, phone numbers as well as security questions and email addresses used to reset passwords No financial data, such as credit card numbers or bank account details, was exposed.


Following the tips for prevent this types of attack:

-Perform regular vulnerability and penetration testing to enable security teams to repair gaps before cyber criminals can take advantages of them.

- Conduct continues security monitoring and testing.


3. First American Financial


In may 2019, security researcher brian krebs reported 885 million of first American Financials files were leaked on the insurance company's website, which dated back to 2003, included bank account info, Social security numbers, mortgage records, Tex documents and photocopies of driver's licenses.


Tips for prevent this kind of attack:

- Follow an API security testing guide.

- Keep IDORs and uniform resource identifiers in mind when security APIs.


Disclosure date: May 2019


Breach date: Unknown


Records compromised: 885 million


4. Facebook




A 2021 data breach at Facebook was reported after a leaked database containing the sensitive data of 533 million users was posted on a hacking forum page. Scraping is a process that enabled users and bots to pull data from publicity available websites.

The company changed the feature in September 2019. after it found out it was being used maliciously, to prevent future scraping.

Tips for prevent this kind of attack:

- Implement a DevSecOps strategy

- Mitigate risks associated with scraping.

Records compromised: 533 million


Disclosure date: April 2021


Breach date: Unknown


5. Onliner spambot


 Onliner spread via a data stealing Trojan horse for at least a year before its detection.In 2017 security researcher Troy Hunt reported that Benkow, a Paris based security researcher, discovered an exposed spam server known as onliner.


Tips for prevent this kind of attack:

- Follow password security hygiene best practices

- Avoid reusing passwords

- Enforce an enterprise password policy.

- Require employees to change their passwords after a suspected breach.


Records compromised: 711 million


Disclosure date: August 2017


Breach date: Unknown



6. Microsoft

This is a disclosed bin 2020 that 250 million customer service and support records spanning service and support records spanning a 14 years period were leaked online.The personal data was redacted from the records before being stored, but some plain text email and IP addressed were exposed.


 Tips for prevent this king of attack:
- Adopt a zero trust model
- Follow enterprise database security best practices.


Records compromised: 250 million

Disclosure date: January 2020

Breach date: December 2019



7. Twitter




This recommended its more then 330 million users change their passwords followings a glitch in 2018 that caused some passwords to be stored in plain text in an internal logging system.It discovers the bug itself and had since removed the unwashed passwords, putting measures in place to prevent future glitches.


Tips for prevent this king of attack:
- Consider creating an enterprise bug bounty program.
- Follow patch management best practices.

Number of records: 330 million

Disclosure date: May 2018

Breach date: Unknown



8. Marriott International

The breach was discovered following an alert from its internal security systems. Attackers had infiltrated the database and encrypted and extradition sensitive data. Marriott originally believed the breach exposed the information of 500 million guests, but, after further internal investigation, the company announced the breach affected approximately 383 million guests.


Tips for prevent of this kind of attack:
- Involve CISOs in mergers and acquisitions planning.
- Implement a patch management program.
- Regularly update IT infrastructure.


Disclosure compromised: November 2018

 Breach date: 2014

 Rerecords compromised: 383 million


9. FriendFinder Networks

A 2016 breach exposed 412 million users accounts of the adult data and entertainment company, FriendFinder Networks. The leak included 20 years worth of usernames, email, passwords, addresses and other sensitive information as well as 15 million deleted accounts that were still in its systems.
The company confirmed to ZDNet that it forced an injection vulnerability that enabled access to source code.

Tips for prevent this kind of attack:
- Test for web app and injection vulnerabilities.
- Secure your public key infrastructure.
- Use source code best practices.

Records compromised: 412 million

Breach date: Unknown

 Disclosure date: November 2016



10. Collection

2019 kicked of with a massive data breach when the so called collection surfaced in mid January. It contained a staggering mass of credentials 773 million unique email addresses and more than 21 passwords. The data, approximately two or three years old, was a collection of credentials acquired in previous high profile company data breaches, including the Linked and Dropbox breaches of 2016.

-year of breach: 2019
- Data breached: 2.2 billion usernames and associated passwords.







I hope you enjoy reading my blog? You can give any idea from your side and on which topic you can tell to write the next blog, thank you sincerely for reading our blog. Associated :- 

Shadow Cyber ​​Security


    
    our service is :-
   
    1.  web-application-penetration testing
    2.  network penetration testing
    3.  mobile app penetration testing
    4.  latest security patches
    5.  customer cyber solutions
    6.  iot penetration testing
    7.  cloud testing security
    8.  system penetration testing
    9.  malware family threads protraction
   10.  social media security provide
   11.  social engineering security
   12.  website/app design and development
   
    these time cyber attack increase every year all company regular basis
    for any cyber security advise ya question plz contact
       
      phone no 8700320447
       
      website- http://shadowcybersecurity.com/
       
       -----------Thanks for watching--------------