This document summarizes data breach incidents from 2013. It reports that there were 2,164 data breach incidents in 2013, resulting in over 822 million records being stolen. The largest breaches exposed over 100 million records each. Most breaches were caused by hacking from external sources, with the top causes being malware, stolen computers, and exploitation of vulnerabilities. The largest breaches of 2013 compromised personal information like names, email addresses, passwords, credit cards, and social security numbers from major companies and government agencies. The document emphasizes that data breaches are increasingly common and that all organizations are at risk of being hacked.
18. 54 MILLION
ID‘s, addresses, names
“in two hours hackers downloaded all the information.”
70%
of whole Turkish
population
Hacked system (for Database and
website Management) didn’t have
ANY security product installed.
20. 50+ MILLION
names, encrypted passwords, emails, date of birth
Good Job: credit card info stored on separate system
Bad Job: SHA1 hashing algorithm used – low protection
24. 6 MILLION
email and/or phone number
Bug in DYI (Download Your Information) feature
Allowed downloading contacts from friends
Facebook keeping it as small story as
possible outcome is companies
blocking access to FB from work again
25. 4.6 MILLION
Usernames and phone numbers
Announced on 31st December, soon after
declining Facebook offer. Coincidence?
27. 2nd largest HIPAA
breach ever reported to HHS
4+ MILLION
names, addresses, social security number, date of birth
How? 4 unencrypted computers were stolen from HQ
28. 2.4 MILLION
social security numbers, bank accounts, drivers licenses.
Waited 7 months to notify affected persons!
29. 2.4 MILLION
full credit card details
Started by infecting PC‘s with Malware!
It will cost Schnucks several millions of $$$
35. 860.000+
usernames, emails, hashed passwords
Zero Day Remote Code Execution
“We found a critical vulnerability in
all vBulletin versions 4.x.x and 5.х.x. and
have successfully uploaded our shell on
the official vBulletin server and dumped
their database after getting root access. ”
36. Critical breach!
850.000
credit card numbers, expiry dates and
associated names and addresses
241.000
high or no-limit American Express
including Fortune 500 CEOs and A-list celebrities