It's the digital age, and the future is NOW. We don't have flying cars (yet), but we do have most, if not all, of our personal data, financial information, and best Instagram photos online. Unfortunately, this has made the masses easy targets for hackers and digital thieves. This list of the worst consumer security breaches shows just how vulnerable our information is...and how little privacy we have.
It seems like once a week another retail chain announces a security hack, with data compromised over months or even years. Websites and information we thought were secure online clearly aren't, and in the wake of data breaches at stores like TJ Maxx and Michaels, how are consumers supposed to feel safe shopping for essential scrapbooking supplies and saving big on designer brands?!
The massive, famous security breaches on this list have affected millions of users, account holders, and consumers worldwide. Some companies respond instantly and effectively, while others simply shrug their shoulders, throw you some credit monitoring services and cross their fingers that it won't happen again.So get ready to change those passwords, order a new credit card, or return to the age of keeping wads of cash stuffed in your mattress. The Internet has connected us all, hackers included. Read up on the worst consumer security breaches and data hacks below and try your best to sleep tonight.
2018 - MyFitnessPal Hack
The Breach: In late March 2018, Under Armour announced their popular app MyFitnessPal had been hacked. Hackers gained access to usernames, e-mails, and passwords. However, the company remains unsure as to whether information like food and exercise logs were also compromised.
The Aftermath: Under Armour quickly alerted the authorities and advised users to change their passwords immediately and watch for suspicious activity on their accounts. They also warned users to refrain from opening new emails with links, as the hackers may attempt to use personal information in a phishing scam.
2018 - Atlanta Ransomware Attack
The Breach: On March 20, 2018, the hacking crew SamSam struck the city of Atlanta with a ransomware attack. Ransomware is a malware that encrypts computer files and then puts a message on screen demanding the users pay a specific sum of money by a certain date. If the money is not paid in time, the files are permanently lost. SamSam locked various government computer networks tied to vital aspects of city operations, leaving citizens unable to do basic tasks like pay bills online or report things like graffiti and potholes. Wi-fi was also inaccessible from Atlanta airports. SamSam demanded $51,000 in payment.
The Aftermath: By the end of March, the hack was largely under control and citizens could resume normal online activities, but security workers were still trying to secure some of the city's systems. The mayor did not disclose whether the city intended to pay the ransom. While the SamSam hackers remain at large, the Atlanta hack revealed a pattern. The group seems to strike on the 20th of any given month. This could potentially be a major breakthrough in terms of eventually finding the hackers and preventing further breaches.
2018 - Meltdown And Spectre CPU Security Flaw
The Breach: In January 2018, Google researchers discovered major security risks involving speculative execution. Speculative execution is the technical term for tasks performed by a computer's central processing unit (CPU) that essentially prevent delays and help the computer run smoothly. The malicious programs discovered by Google were dubbed Meltdown and Spectre, which could potentially allow hackers to access sensitive personal information (such as credit card numbers, private emails, and passwords) from a person's computer. Virtually every device created in recent history - from mobile phones to laptops - is vulnerable to the hack.
The Aftermath: Various news organizations reassured the public that, while the hack was wide reaching, average consumers were unlikely to be specifically targeted or effected. Additional information was released advising users on how to protect their information. Researchers and hardware vendors immediately got to work on getting the hacks under control, but the full range of consequences remains to be seen.
2016 (revealed 2017) - Uber
The Breach: Hackers accessed the personal information of millions of Uber customers in 2016. The company paid the hackers $100,000 to delete the data, and kept the story under wraps until November 2017.
The Aftermath: Besides the obvious P.R. nightmare, the effects of the hack are potentially damaging to customers. The hackers had access to email addresses, phone numbers, and names of 57 million customers, as well as the names and license numbers of 600,000 drivers. Uber said it is keeping an eye on the situation and offered free credit monitoring to drivers, but clients don't get the same courtesy.