Top 5 data breaches of 2018

Sadly, data breaches are now a part of our lives. They happen so often that when many people hear about them, they barely register anymore.

Even so, the following breaches that occurred or were discovered in 2018 still had the power to shock. That’s because they involved so many people and so much private information. In scope, they were overwhelming.

1. Aadhar

Aadhar is an online platform where the government of India stores citizens’ biometric statistics and other info. In March 2018, a faulty third-party patch gave way to a breach. Consequently, names, bank accounts and other sensitive data were exposed. A staggering 1.1 billion individuals were affected.

The Unique Identification Authority of India (UIDAI), the agency that administers Aadhar, has denied reports of this breach. Even so, it’s moving forward with extra security elements like fingerprint scans and facial recognition technology.

2. Marriott Starwood

In late 2018, Marriott International announced that its Starwood reservations database was breached.

Starting as early as 2014, hackers entered this database with access to the names of 500 million people, along with their phone numbers, passport numbers, mailing addresses and other data points.

In response, Marriott contacted law enforcement and regulatory officials, emailed customers who may have had data stolen, set up a call center and began an inquiry to see which security enhancements it could implement.

3. Exactis

The Florida-based data broker Exactis, which consults with advertisers, revealed in June 2018 that detailed information about millions of people – possibly every person who lives in the U.S. – had been kept on a server that anyone could gain access to. A security researcher who doesn’t work for Exactis discovered it and alerted the company and the FBI.

It’s possible that no criminals acquired these statistics, but no one is sure. Exactis has since hidden this database from public view.

4. Under Armour

MyFitnessPal is an app released by the popular sportswear label Under Armour. It helps users meet their fitness goals by tracking diet- and exercise-related numbers. Unfortunately, in February 2018, the app was compromised and hackers were able to glean 150 million usernames and email addresses.

Upon learning of this crime, Under Armour enlisted law enforcement officials and private investigators to help find the perpetrators and determine how to prevent another hack.

5. Facebook

Between July 2017 and September 2018, criminals used Facebook coding weaknesses to infiltrate 29 million Facebook accounts. They stole data from approximately 50 percent of those people – information that included their searches on the social network and their locations when using Facebook.

Facebook fixed the code and is cooperating with authorities.

Final thoughts

At this point, you might be saying to yourself: If these enormous entities couldn’t protect themselves from data breaches, what chance does my small business have? Well, if you collaborate with outstanding IT pros, you actually stand an excellent chance of fighting off – or at least minimizing – such a breach.

Probably the largest misconception we hear today is that small businesses don’t feel like they are a target or at risk and that simply couldn’t be further from the truth. While your data might not be particularly important to a hacker, your access to your data is important to you – and if they can disrupt that, you’ll generally be willing to pay to remediate the situation. That absolutely does make you a target.

Make sure you’re working with a managed IT security provider with the expertise necessary to help with cybersecurity and threat detection. They should provide continuous security monitoring via a SOC/SIEM, antivirus software, cloud data storage, and employee security training. And, in a hacking event, they can help you take the right steps toward business continuity and data recovery.

As a result, your brand would survive and keep on thriving. That’s the best an entrepreneur could hope for in this era of cybercrime.