It's been a very active year for cybercriminals. We've seen a huge increase in the number of ransomware attacks in 2016, as well as the largest data breach ever discovered.
Things were so bad that there are even allegations of Russia tampering with our presidential election. As we enter a new year, we thought it would be a good idea to take a look back at some of the most frightening cyberattacks of 2016.
Yahoo's terrible year
We first learned of a massive data breach at Yahoo in September. That breach actually happened in 2014 but wasn't reported until 2016. Yahoo confirmed 500 million user accounts were affected in this attack, which at the time was the largest breach ever.
Fast forward to December and Yahoo broke its own undesirable record. We found out then that the tech giant had another enormous breach that occurred in 2013. This time over 1 billion user accounts were hacked, which is nearly every Yahoo customer in the world.
To make matters worse, when Yahoo reported the 2013 breach, it also informed us of a more recent incident involving forged cookies that could allow scammers to access users' accounts without a password.
Voter databases compromised
As if the presidential election wasn't already considered a circus, this past June, 154 million voters had sensitive information stolen in a massive breach.
Earlier this year, a database with around 191 million voter records was hacked and released online. This list included personal details for millions of voters, including their names, addresses, political affiliation, phone numbers and voting history.
Another breach was also reported where the records of 54 million voters were compromised. Fortunately, the source of these leaks was eventually identified, and the breaches themselves were contained.
Cyberattack shuts down major sites
In October, massive cyberattacks targeting the internet infrastructure company Dyn occurred. These attacks severely disrupted the accessability of popular websites across the entire United States including Amazon, Netflix, Reddit, GitHub, Etsy, Spotify, Comcast, PayPal, Pinterest, Tumblr, CNBC.com and others.
These outages were the result of a Distributed Denial of Service (DDoS) attack. DDoS attacks occur when servers are overwhelmed with more traffic than they can handle. These types of attacks are performed with something called a botnet.
Google, Yahoo, Microsoft - 273 million passwords stolen
Back in May, a hacker who calls himself "The Collector" claimed to be behind one of the largest security and email breaches in recent history. This breach affected almost every single person with an email account, whether you have Gmail, Microsoft Outlook (or Hotmail), Yahoo Mail or many others.
Although only 273 million email accounts were posted for sale online, cybersecurity experts estimate that The Collector has up to 1.7 billion email account passwords in his or her possession.
Dailymotion - 85 million accounts breached
The popular video sharing website, Dailymotion, has confirmed that details from 87.6 million accounts have been stolen. The hijacked information includes email addresses, usernames and over 18 million passwords.
With so many reported cyberattacks, it's a good idea to take some safety precautions. Here are some helpful ideas:
Protect your private data with these steps:
- Change your password - Whenever you hear news of a data breach, it's a good idea to change your account passwords. Read this article to help you create hack-proof passwords.
- Check HaveIBeenPwned - this site will tell you if your information has been stolen in a previous breach.
- Close unused accounts - Here's an easy way to manage all of your online accounts at once.
- Beware of phishing scams - Scammers will try and piggyback on huge breaches like this. They will create phishing emails, pretending to be the affected company, hoping to get victims to click on malicious links that could lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
- Manage passwords - Many people use the same username and password on multiple sites. This is a terrible practice and you should never do it. If you're using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, you could always use a password manager.
- Keep an eye on your bank accounts - You should be frequently checking your bank statements, looking for suspicious activity. If you see anything that seems strange, report it immediately.
- Check email security settings - Make sure the email account associated with the hacked site has updated security settings.
- Have strong security software - Protecting your gadgets with strong security software is important. It's the best defense against digital threats.