The Big Data Breaches of 2018
2017 was a big year for massive data privacy breaches but 2018 is no slouch either. This year has seen many conglomerates, governments, and businesses fall to the savvy of single-minded hackers who want nothing else but to get hands on your information.
Here are the some of the biggest known breaches for this year.
The Facebook Breach
Although this hack happened in 2016, nothing has quite prepared the world of how powerful data is and how it can be used to manipulate people’s perceptions. It all started when an independent third party developer created a quiz app which slotted into Facebook through an API. The quiz itself collected information only on one data point but the social media’s system allowed the app unfettered access to sensitive information culled from Facebook users.
The app extracted the users’s introversion vs. extraversion, life satisfaction, interests, and political views. Much of this data would later be acquired by Cambridge Analytica, a political consultancy which peddled the information to politicians like Trump before the elections. This information helped shaped these politicians’ talk points and rhetoric and would help them win in a landslide.
This breach showed how vulnerable the public is when enough information has been gathered about their preferences and psychographics. It has put Facebook on the centerstage and made people debate about the value of privacy and personal information.
Security researchers breached an app military personnel use in order to track their fitness. This led to these hackers acquiring the personal information of some 6,000 personnel stationed in several army bases overseas. Since the app also tracks the motions of the soldiers while they jogged around their bases, outlines of these facilities could be traced thanks to this tracking motion. Suffice to say the government was thrilled with Polar’s lack of security.
What’s a recipe for a disaster in the information age? Take the entire population of a country, log their facial features, fingerprints, names, addresses, and personal information into one system, and pretend that it’s infallible. That exactly what happened to India’s Aadhar biometrics system which the government envisioned it’ll use to identify all Indian nationals in the subcontinent. Unfortunately, hackers have found a way to gain access to this motherlode of 1.1 billion profiles and have begun selling login credentials for less than $7 in WhatsApp. Needless to say, members of India’s bureaucracy were so pissed at the journalist who discovered the leak and sued her for misreporting the issue. Now that’s what you call a cover-up.
Thanks to data analytics, marketing is becoming closer to science and getting better at segmenting people who are likely to buy a particular product. The data culled by marketing firms can be dangerous in the wrong hands – something Exactis had learned the hard way when a security researcher was able to find its treasure trove of data on 340 million individuals in a publicly accessible server. The researcher reported his findings to the authorities which led to the firm’s upgrading the protection of their data cache.
When you’re staying in a hotel,it’s basically to relieve the stress of flying and traveling in an unfamiliar place. You also believe that your data will be secure. Unfortunately, this has not been the case for Marriott hotel guests. Since 2014, the hotel chain had been suffering from a massive data breach that had seen 500 million people’s data exposed. Investigators believe that the hackers are tied to Beijing and that these unscrupulous individuals now have access to personal information, payment card information, addresses, and flight details.
There you go, five of the biggest information leaks for this year. Although all of these are horrible, it’s important to think about what these breaches teach us. First, our data is important and second, no company or entity is too big to fail when it comes to cybersecurity matters. It’s time we watched what information we share online and how we can pressure businesses and governments to protect what we share with them.
Kevin Jones940 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.