Famous Privacy Breaches

Over the years many companies have been subject to data privacy breaches:

Some examples:

Company: Yahoo
Year(s): 2013-14

Affected Users: 3 billion users accounts

During the time Yahoo was in the talks to sell itself to Verizon, the company announced that it had been subject to one of the biggest data breaches in history. It was considered one of the largest privacy breaches in the history of internet.Crucial user information which includes names, email addresses, telephone numbers, both encrypted and non-encrypted security questions and answers, dates of birth, and hashed passwords have been identified by the hackers. Yahoo also announced that this privacy breach likely used manufactured web cookies to falsify login credentials, allowing hackers to gain access to any account without a password.

Yahoo! believes the breach was committed by "state-sponsored" hackers, but did not mention a name of a country. These three billion user accounts also include users of Flickr, Sky and BT who do not realize that they have a Yahoo account as a result of past agreements made with Yahoo or Yahoo users who terminated using their accounts years earlier.

Company: Uber
Year(s): 2016

Affected Users: 57 million uber users and 600,000 drivers

This breach took place in the United Kingdom affecting personal information of both the uber users and drivers. Uber confirmed that names, email addresses and mobile phone numbers of uber users were exposed and of the 57 million impacted, 600,000 drivers had their names and licence details compromised. It is also reported that the company took efforts to pay the hackers $100,000 (£75,000) to delete the stolen data.

The security officer, Joe Sullivan, has been fired, who was a prominent figure in the information security industry. He joined Uber as the company’s first chief security officer in 2015, after serving as the head of security at Facebook for seven years.

Company: JP Morgan Chase
Year(s): 2014

Affected Users: 83 million household and business accounts

JPMorgan, is one of the largest banks in the nation, has financial information in its computer systems that contains customer credit card details and a large amount of customer personal data. It was initially discovered that only one million was affected by the breach, but later it amounted to 76 million households and 7 million small businesses.

The attackers breached 90 of JPMC's servers, effectively giving them high-level admin privileges in the bank's systems. It appeared that the stolen data included contact information such as customer names, addresses, phone numbers and email addresses -- and "internal JPMorgan Chase information relating to such users." Luckily, financial information, passwords, or Social Security numbers have not been affected.

JPMorgan Chase reported that the customers who were using its websites and mobile applications - Chase.com, JPMorganOnline, Chase Mobile and JPMorgan Mobile - had been affected by the breach. It has been said by the law enforcement officials that the attacks came from hackers in Russia with loose ties to the Russian government. However, it has not been confirmed the reason behind this enormous privacy breach.