Schmidt on Nostr: 15 significant data breaches of Big Tech companies Where customer data was openly ...
15 significant data breaches of Big Tech companies
Where customer data was openly shared or stored on servers without proper security.
1. 23andMe (October 2023)
Credential stuffing attacks led to the exposure of 20 million genetic data profiles.
2. DarkBeam (September 2023)
A misconfigured Elasticsearch and Kibana interface exposed 3.8 billion records, including user emails and passwords from previous breaches.
3. ChatGPT (March 2023)
A bug in the Redis library exposed personal information and chat titles of 1.2% of ChatGPT Plus subscribers, including names, email addresses, and partial credit card details.
4. Amazon (January 2023)
A misconfigured server exposed the personal data of over 200 million users, including names, email addresses, and purchase histories.
5. MailChimp (January 2023)
A social engineering attack on employees led to unauthorized access to customer data for 133 accounts, including names, store URLs, and email addresses.
6. Twitter (December 2022)
An internal system breach exposed the data of 5.4 million users, including email addresses and phone numbers.
7. LinkedIn (June 2021)
Data of 700 million users was scraped and sold online. The exposed information included full names, email addresses, phone numbers, and professional details.
8. Microsoft (January 2021)
A misconfiguration exposed 250 million customer service and support records, including email addresses and IP addresses.
9. Zoom (April 2020)
Over 500,000 Zoom account credentials were found on the dark web. This included email addresses, passwords, personal meeting URLs, and HostKeys.
10. Facebook (April 2019)
530 million users had their data, including phone numbers and personal information, exposed due to a vulnerability that was later patched.
11. Google+ (March 2018)
A bug exposed the private data of up to 500,000 users. The platform was shut down in April 2019 as a result.
12. Equifax (July 2017)
Although not a tech company, this breach affected 147 million people, exposing Social Security numbers, birth dates, addresses, and in some cases, driver's license numbers.
13. MySpace (2016)
Hackers stole 427 million passwords, emails, and usernames.
14. Yahoo (2013-2014)
One of the largest breaches, with all 3 billion Yahoo accounts affected. Information such as names, email addresses, and passwords was compromised.
15. Adobe (October 2013)
Data breach exposed information of 153 million users, including encrypted passwords and password hints.
Sources:
- IT Governance UK Blog
- Wikipedia
- NordLayer Blog
Where customer data was openly shared or stored on servers without proper security.
1. 23andMe (October 2023)
Credential stuffing attacks led to the exposure of 20 million genetic data profiles.
2. DarkBeam (September 2023)
A misconfigured Elasticsearch and Kibana interface exposed 3.8 billion records, including user emails and passwords from previous breaches.
3. ChatGPT (March 2023)
A bug in the Redis library exposed personal information and chat titles of 1.2% of ChatGPT Plus subscribers, including names, email addresses, and partial credit card details.
4. Amazon (January 2023)
A misconfigured server exposed the personal data of over 200 million users, including names, email addresses, and purchase histories.
5. MailChimp (January 2023)
A social engineering attack on employees led to unauthorized access to customer data for 133 accounts, including names, store URLs, and email addresses.
6. Twitter (December 2022)
An internal system breach exposed the data of 5.4 million users, including email addresses and phone numbers.
7. LinkedIn (June 2021)
Data of 700 million users was scraped and sold online. The exposed information included full names, email addresses, phone numbers, and professional details.
8. Microsoft (January 2021)
A misconfiguration exposed 250 million customer service and support records, including email addresses and IP addresses.
9. Zoom (April 2020)
Over 500,000 Zoom account credentials were found on the dark web. This included email addresses, passwords, personal meeting URLs, and HostKeys.
10. Facebook (April 2019)
530 million users had their data, including phone numbers and personal information, exposed due to a vulnerability that was later patched.
11. Google+ (March 2018)
A bug exposed the private data of up to 500,000 users. The platform was shut down in April 2019 as a result.
12. Equifax (July 2017)
Although not a tech company, this breach affected 147 million people, exposing Social Security numbers, birth dates, addresses, and in some cases, driver's license numbers.
13. MySpace (2016)
Hackers stole 427 million passwords, emails, and usernames.
14. Yahoo (2013-2014)
One of the largest breaches, with all 3 billion Yahoo accounts affected. Information such as names, email addresses, and passwords was compromised.
15. Adobe (October 2013)
Data breach exposed information of 153 million users, including encrypted passwords and password hints.
Sources:
- IT Governance UK Blog
- Wikipedia
- NordLayer Blog