Have you been hacked? A recent report revealed that one in four consumers has been hacked, and they probably don't know it.
1. Yahoo - 1 billion accounts breached
Yahoo just recently reported two separate security events. The first was the data breach that occurred in 2013 and the second was a more recent incident involving forged cookies that could allow scammers to access users' accounts without a password. The 2013 breach is believed to have impacted over 1 billion Yahoo customers, which is pretty much everyone who uses Yahoo Mail.
2. Yahoo - 500 million accounts breached
Until just recently, the biggest news this year was the confirmation by Yahoo of a massive breach of their customers' data, exposing over 500 million Yahoo accounts.
Information stolen may include names, email addresses, telephone numbers, birthdays, hashed passwords and even encrypted or unencrypted security questions and answers. Yahoo claimed that a "state-sponsored actor" was behind the attack, which means a foreign government was responsible for the data breach. This breach went beyond Yahoo Mail accounts and affected many other Yahoo services.
3. Adult FriendFinder - 412 million accounts breached
In late October, news broke that 73 million accounts were exposed when Adult FriendFinder's database was hacked. Well, it was later discovered the hack is much worse. Over 412 million accounts under the FriendFinder Network brand (which includes the sites AdultFriendFinder.com, iCams.com, Cams.com, and StripShow.com) were actually impacted.
FriendFinder Networks actually made it pretty easy for the hackers. Passwords were stored in their database without any encoding or encryption. Some passwords were hashed but the algorithm that was used was easy to decipher. Yikes!
4. Voter databases - 399 million records compromised
As if the presidential election wasn't already considered a circus. This past June, 154 million voters had sensitive information stolen in a massive breach.
Earlier this year, a database with around 191 million voter records was hacked and released online. This list included personal details for millions of voters, including their names, addresses, political affiliation, phone numbers and voting history.
Another breach was also reported where the records of 54 million voters were compromised. Fortunately, the source of these leaks was eventually identified, and the breaches themselves were contained.
5. Google, Yahoo, Microsoft - 273 million passwords stolen
Back in May, a hacker who calls himself "The Collector" claimed to be behind one of the largest security and email breaches in recent history. This breach affected almost every single person with an email account, whether you have Gmail, Microsoft Outlook (or Hotmail), Yahoo Mail or many others.
Although only 273 million email accounts were posted for sale online, cybersecurity experts estimate that The Collector has up to 1.7 billion email account passwords in his or her possession.
6. LinkedIn - 117 million accounts leaked
LinkedIn was attacked before, but just this year it was revealed that there was the massive data breach in 2012, putting 117 million people at risk. That was just the beginning.
LinkedIn filed a lawsuit in an attempt to find out who, or what, created the botnet that has been constantly attacking the site, stealing an "undisclosed amount of data."
7. Rambler - 100 million logins leaked
In September, LeakedSource discovered a mega data breach of the Russian website and email service Rambler. The hack was just reported but was actually carried out in 2012. Over 98 million username/email addresses and passwords were stolen from the site.
Rambler is a very popular site and is thought of as the "Russian version of Yahoo." Hackers were able to steal the data pretty easily since Rambler did not encrypt the sensitive data. The stolen database has been verified to be accurate by security experts.
8. Dailymotion - 85 million accounts breached
The popular video sharing website, Dailymotion, has confirmed that details from 87.6 million accounts have been stolen. The hijacked information includes email addresses, usernames and over 18 million passwords.
9. Modern Business Solutions - 58 million records breached
Although only 58 million records were compromised in this breach, there's something unique about it that makes it scary to think about.
This wasn't your typical data breach. Modern Business Solutions (MBS) is a company you've probably never heard of. It doesn't deal with the general public; other businesses make up this data management firm's customer base. But, here's what's scary: Even though you've never used MBS personally, your private information could still be sitting on one of its servers. And worse, it could have been stolen.
10. Weebly - 43 million accounts stolen
The popular website creating service, Weebly, had information on 43,430,316 users leaked back in February. Usernames, email addresses, passwords and IP addresses were all leaked in the breach. The good news is, passwords at Weebly were stored with Bcrypt hashing. This means the passwords were encrypted when they were stolen, making it much more difficult for the cybercriminal to crack them.
Protect your private data with these steps:
- Change your password - Whenever you hear news of a data breach, it's a good idea to change your account passwords. Read this article to help you create hack-proof passwords.
- Check HaveIBeenPwned - this site will tell you if your information has been stolen in a previous breach.
- Close unused accounts - Here's an easy way to manage all of your online accounts at once.
- Beware of phishing scams - Scammers will try and piggyback on huge breaches like this. They will create phishing emails, pretending to be the affected company, hoping to get victims to click on malicious links that could lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
- Manage passwords - Many people use the same username and password on multiple sites. This is a terrible practice and you should never do it. If you're using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, you could always use a password manager.
- Keep an eye on your bank accounts - You should be frequently checking your bank statements, looking for suspicious activity. If you see anything that seems strange, report it immediately.
- Check email security settings - Make sure the email account associated with the hacked site has updated security settings.
- Have strong security software - Protecting your gadgets with strong security software is important. It's the best defense against digital threats.