It's the digital age, and the future is NOW. We don't have flying cars (yet), but we do have most, if not all, of our personal data, financial information, and best Instagram photos online. Unfortunately, this has made the masses easy targets for hackers and digital thieves. This list of the worst consumer security breaches shows just how vulnerable our information is...and how little privacy we have.
It seems like once a week another retail chain announces a security hack, with data compromised over months or even years. Websites and information we thought were secure online clearly aren't, and in the wake of data breaches at stores like TJ Maxx and Michaels, how are consumers supposed to feel safe shopping for essential scrapbooking supplies and saving big on designer brands?!
The massive, famous security breaches on this list have affected millions of users, account holders, and consumers worldwide. Some companies respond instantly and effectively, while others simply shrug their shoulders, throw you some credit monitoring services and cross their fingers that it won't happen again.So get ready to change those passwords, order a new credit card, or return to the age of keeping wads of cash stuffed in your mattress. The Internet has connected us all, hackers included. Read up on the worst consumer security breaches and data hacks below and try your best to sleep tonight.
The Breach: During the last week of September 2018, hackers attacked Facebook's computer network, exposing personal information of roughly 50 million users. The attackers took advantage of a bug in the "view as" feature, which lets users see what their profile looks like to strangers or other friends.
The Aftermath: Facebook Chief Executive Mark Zuckerberg spoke to the press and said "We're taking it really seriously. I'm glad we found this, but it definitely is an issue that this happened in the first place." Facebook has been working to fix its public image after the backlash of Russia's role in the 2016 election.
Members of Congress criticized the social media platform. Senator Mark Warner, a Deomcrat from Virginia, noted, "This is another sobering indicator that Congress needs to step up and take action to pretct the privacy and security of social media users. A full investigation should be swiftly conducted and made public so that we can understand more about what happened."
The Breach: In late March 2018, Under Armour announced their popular app MyFitnessPal had been hacked. Hackers gained access to usernames, e-mails, and passwords. However, the company remains unsure as to whether information like food and exercise logs were also compromised.
The Aftermath: Under Armour quickly alerted the authorities and advised users to change their passwords immediately and watch for suspicious activity on their accounts. They also warned users to refrain from opening new emails with links, as the hackers may attempt to use personal information in a phishing scam.
The Breach: On March 20, 2018, the hacking crew SamSam struck the city of Atlanta with a ransomware attack. Ransomware is a malware that encrypts computer files and then puts a message on screen demanding the users pay a specific sum of money by a certain date. If the money is not paid in time, the files are permanently lost. SamSam locked various government computer networks tied to vital aspects of city operations, leaving citizens unable to do basic tasks like pay bills online or report things like graffiti and potholes. Wi-fi was also inaccessible from Atlanta airports. SamSam demanded $51,000 in payment.
The Aftermath: By the end of March, the hack was largely under control and citizens could resume normal online activities, but security workers were still trying to secure some of the city's systems. The mayor did not disclose whether the city intended to pay the ransom. While the SamSam hackers remain at large, the Atlanta hack revealed a pattern. The group seems to strike on the 20th of any given month. This could potentially be a major breakthrough in terms of eventually finding the hackers and preventing further breaches.
The Breach: In January 2018, Google researchers discovered major security risks involving speculative execution. Speculative execution is the technical term for tasks performed by a computer's central processing unit (CPU) that essentially prevent delays and help the computer run smoothly. The malicious programs discovered by Google were dubbed Meltdown and Spectre, which could potentially allow hackers to access sensitive personal information (such as credit card numbers, private emails, and passwords) from a person's computer. Virtually every device created in recent history - from mobile phones to laptops - is vulnerable to the hack.
The Aftermath: Various news organizations reassured the public that, while the hack was wide reaching, average consumers were unlikely to be specifically targeted or effected. Additional information was released advising users on how to protect their information. Researchers and hardware vendors immediately got to work on getting the hacks under control, but the full range of consequences remains to be seen.