The biggest internet data leaks in history

Data breaches are one of the main risks to information security and personal privacy.

When one of these incidents occurs, personal, financial and corporate data held by a company or institution is exposed and may be accessible to people or organizations that do not have legitimate rights to use it.

In fact, data can be used for illicit or improper purposes, which increases the negative consequences of the event.

The most serious data leaks in the history of the Internet

In this article, you will find a review of some of the most important data leaks that have marked the history of the Internet.

Yahoo! (2013-14)

One of the most serious leaks in the history of the Internet, due to the amount of data compromised, occurred between 2013 and 2014, when Yahoo! suffered a security breach that affected approximately 3 billion user accounts.

The attackers, believed to be sponsored by a nation-state, were able to access personal information such as names, email addresses, encrypted passwords and security questions.

All of this was made public in 2016, revealing the impact of this leak on online security and the trust of users who used the service. In 2017, the company suffered another breach, affecting 32 million users.

Equifax (2017)

In 2017, Equifax, known for being one of the main credit reporting agencies in the United States, suffered one of the most critical data breaches in history.

It exposed highly sensitive personal information of nearly 147 million Americans, including names, Social Security numbers, dates of birth, and even home addresses.

The leak was apparently due to a vulnerability in the company’s software that was not patched in time.

Facebook and Cambridge Analytica (2018)

In 2018, it was revealed that Cambridge Analytica, a political consulting firm, had gained unauthorized access to the data of around 87 million users of the social network Facebook at the time.

In fact, the information could have been used to influence public opinion during the electoral campaigns of those years.

It is still remembered as a major scandal, especially for the way in which data may have been manipulated to favour a political trend, the real consequences of which are unknown. Cambridge Analytica ended up closing in 2018.

Capital One (2019)

Another of the largest breaches in history was that of Capital One, one of the main financial institutions in the United States, which in 2019 was the victim of a breach that affected more than 100 million customers.

A former Amazon Web Services employee who was familiar with the company’s security system was allegedly responsible for breaching the systems in order to obtain personal and financial data, including names, addresses, social security numbers and even details associated with bank accounts.

CAM4 (2020)

In 2020, a massive data breach hit adult entertainment platform CAM4, revealing private details of 10 million users. This occurred against the backdrop of a vulnerability in the platform’s database, which was discovered and subsequently exploited by hackers.

The leak included a significant amount of personal information, such as usernames, email addresses, encrypted passwords and, in some cases, even payment data.

Although the platform assured that the passwords were indeed encrypted, this did not prevent the impact of the leak, since end-to-end encryption methods are not always foolproof.

LinkedIn (2021)

In 2021, LinkedIn was involved in a major data breach that affected nearly 700 million users of the platform.

The leak occurred when an attacker managed to access the platform’s user database using scraping techniques, a process that allows large amounts of data to be extracted from websites without the owner’s authorization.

The stolen data included profile information such as names, email addresses, phone numbers and even professional details that were publicly available on LinkedIn profiles.

National Public Data (2024)

On April 8, 2024, the American background check company National Public Data suffered a cyberattack that resulted in the exposure of data belonging to approximately 2.9 billion people.

The compromised information includes full names, Social Security numbers, residential addresses and even details of deceased relatives.

The data was published on the Dark Web by the hacker group USDoD and was reportedly for sale for nearly $3.5 million.

The leak came to light following a class-action lawsuit filed by California resident Christopher Hofmann in the Southern District Court of Florida.

In it, the man accuses National Public Data of negligence and demands that the agencies in charge delete and encrypt all the information that was affected, in order to avoid future leaks.

National Public Data, known for collecting personal information from non-public sources for advertising purposes, is currently facing an unprecedented security and privacy crisis.

In fact, the case could surpass in scope the Yahoo! breach, which involved 3 billion users.

RockYou2024

On July 4, 2024, a file named “RockYou2024.txt” was posted on a hacking forum, exposing a total of 9.9 billion stolen passwords.

This file was apparently the result of a combination of old and new data breaches. However, these passwords could have been used to perform brute force attacks, which could result in unauthorized access to online accounts.

It is worth noting that this leak had a precedent, the “RockYou2021” leak, which had been the largest of its kind with more than 8.4 billion passwords published.

More than 26 billion records leaked

Security researchers from Security Discovery and CyberNews reported in January 2024 what could be the largest data breach to date, with a database of 26 billion records with an average size of 12 terabytes.

This alleged leak contained user information from platforms such as X (formerly Twitter), Dropbox, LinkedIn, Adobe, Canva, and Telegram. However, its magnitude has not been able to be certified since it seems that most of the data is not the product of a new leak, but a compilation of data obtained from thousands of previous data breaches and leaks.

Click to rate this entry!
(Votes: 0 Average: 0)
Share!

Leave a Comment