2018 witnessed some of the biggest data breaches with the Facebook data breach garnering the most publicity and ire. While the Facebook data breach sent shockwaves across the globe, there are many others that make it to the list of the major data breaches in 2018. Read on to know what a data breach is and some of the recent data breaches that created some not-so-praiseworthy headlines!

What is a Data Breach?

Data breach is a term used for the unauthorized possession or access to personal information. A data breach can be executed through various means such as dumpster diving, shoulder surfing, social engineering, physical heist etc. The more technologically advanced methods of effecting a data breach include hacking, phishing, vishing, skimming and much more.

Did you know that over 1,378,509,261 data records were breached since 2016? In fact, the year 2018 witnessed some of the biggest data breaches in the history of data leaks.

As one would guess, the loss of personally identifiable information or any business-critical data does not come cheap! Every stolen or lost record costs an individual or an organization nearly $141 USD on an average. Likewise, you will discover in the following sections, how some of the recent data breaches in 2018 have cost organizations their stakes and reputation.

India’s Combat with Data Breaches & Data Misuse

The cost of data breaches witnessed an increase of 7.9% from 2017 and shot up to ₹11.9 crore in 2018. The study conducted by the Ponemon Institute revealed that malicious attacks cause 43% of the data breaches. Furthermore, the second most common reason for data breaches were system glitches, followed by human errors.

Globally speaking, India is still better off when it comes to the average cost of a data breach. Studies show that the US experiences the highest average cost of data breaches at $7.91 million. India and Brazil stand at the lower end with $1.77 million and $1.24 million as the average data breach cost.

Interestingly, the incidents of a data breach in India are more than the global average. In a survey, 52% of respondents in India confirmed a data breach as opposed to a global average of 36%. Experts feel this is because Indian cyber security teams spend their budget in the wrong places!

The Biggest Data Breaches of 2018

With every passing day, technology and digitization are becoming the panacea for all problems! The world is taking significant strides towards the adoption of technology and digitization in almost all walks of life. However, this comes for a price. And the price is the risk of a breach of identity or information!

Here are some of the biggest data breaches of 2018 that compromised the personal data of millions of people worldwide.

1. Aadhaar Data Breach

Aadhaar – India’s ambitious digital ID initiative, is one of the largest government databases till date.

In January 2018, the UIDAI (Unique Identification Authority of India) that issues the Aadhaar number to Indian residents was first accused of data leaks. There were allegations that one could buy personal data stored on the UIDAI’s database for as less as ₹500! On May 1, two CIS researchers allegedly found 4 government websites revealing the personal information of over 130 million Aadhaar card holders!

Since the onset of 2018, several allegations of data breach and misuse have surrounded the UIDAI time and again. Though many remain uncorroborated, the allegations are not completely unlikely given the carelessness with which public and private agencies in India handle such data.

Records Breached: Nearly 130 million (as alleged by The Center for Internet and Society – CIS)

2. MyHeritage

MyHeritage is an online genealogy platform that enables one to create and access family tree and history. The MyHeritage data breach came to light only in June 2018 even though hackers attacked the website back in 2017. It was when the company’s CSO received a file containing the email IDs and passwords of 92 million users.

On further inspection of the file, MyHeritage found that it contained the email addresses of all users who had signed up with the platform before October 2017. The news of this data breach spread panic waves across its user base like wildfire. This is because the service stores the DNA information and family trees of users.

However, MyHeritage was quick to assure its user base that their DNA information is safe being stored on segregated systems.

Records Breached: 92 million

3. Facebook Data Breach

Recall the momentary feeling of quitting Facebook back in March 2018 post the allegations against our favorite social media platform? The Facebook data breach was one of the most unpopular and major data breaches in 2018. It allegedly resulted in the compromise of personal data of nearly 87 million users worldwide.

With users quitting Facebook overnight, the data misuse subjected it to a market cap loss of nearly 30 billion dollars. It also subjected Facebook Inc. to a rigorous investigation in the US and EU, notwithstanding the mudslinging by a host of other nations.

Records Breached: Nearly 87 million

4. TicketFly

For those who haven’t heard about TicketFly, let us enlighten you first. TicketFly is a US-based company that offers a unified platform for finding and buying tickets to events across North America.

In May 2018, a hacker supposedly warned TicketFly of possible security vulnerabilities on its website. The hacker allegedly demanded a ransom to notify the company of the security issues, which TicketFly refused to respond to. In response, the hacker attacked and sabotaged its website, and fled with the data of nearly 27 million TicketFly users! The data included the names, addresses, phone numbers and email IDs of the users.

The TicketFly data breach is one of the major data breaches in 2018. Apart from data loss, it brought down TicketFly’s websites along with those of several clubs associated with it for days.

Records Breached: 27 million

5. Cathay Pacific Airlines

The Cathay Pacific data breach is also one of the recent data breaches that are worth a mention. The data breach exposed the personal data of up to 9.4 million passengers of Cathay Pacific Airlines Ltd. The Hong Kong-based carrier confirmed this massive data breach in May 2018. Reports reveal that hackers accessed the passport numbers, ID card numbers, and credit card details of over 9 million customers!

Additionally, personal information such as names, birthdates, telephone numbers, email IDs, nationalities and travel history were also leaked.

Though the airlines confirmed no misuse of data, it sure gave no solace to the millions whose personal details were leaked!

Records Breached: Over 9 million

How to Prevent Data Breaches?

With the year nearing an end, we hope that the list of major data breaches in 2018 encounters a closure!

Although, it is quite challenging to keep data breaches at bay with one data breach occurring every single second. Nonetheless, implementing small steps such as the following are instrumental in warding off data breaches.

• Encrypt the devices used at work
• Implement 2-factor authentication
• Use strong firewalls
• Use a strong password for your devices/files
• Regularly update all applications and software
• Implement role-based access when sharing data at work
• Take a regular back-up of data
• Store devices containing critical data safely

Strengthen Cyber Security with Incognito Forensic Foundation (IFF Lab)

Incognito Forensic Foundation (IFF Lab) is a private cyber and digital forensics lab based in Bangalore. With its latest insights into cyber crime vulnerabilities, IFF Lab seeks to assisting organizations with up-to-date cyber defense mechanisms.

IFF Lab’s strength is its top forensics experts and its cognizance of the latest data breaches and cyber crime landscape. This enables IFF Lab to not only engages in investigations of data breaches but also provide robust cyber security solutions.

The Biggest Data Breaches of 2018

With every passing day, technology and digitization are becoming the panacea for all problems! The world is taking significant strides towards the adoption of technology and digitization in almost all walks of life. However, this comes for a price. And the price is the risk of a breach of identity or information!

Here are some of the biggest data breaches of 2018 that compromised the personal data of millions of people worldwide.

1. Aadhaar Data Breach

Aadhaar – India’s ambitious digital ID initiative, is one of the largest government databases till date.

In January 2018, the UIDAI (Unique Identification Authority of India) that issues the Aadhaar number to Indian residents was first accused of data leaks. There were allegations that one could buy personal data stored on the UIDAI’s database for as less as ₹500! On May 1, two CIS researchers allegedly found 4 government websites revealing the personal information of over 130 million Aadhaar card holders!

Since the onset of 2018, several allegations of data breach and misuse have surrounded the UIDAI time and again. Though many remain uncorroborated, the allegations are not completely unlikely given the carelessness with which public and private agencies in India handle such data.

Records Breached: Nearly 130 million (as alleged by The Center for Internet and Society – CIS)

2. MyHeritage

MyHeritage is an online genealogy platform that enables one to create and access family tree and history. The MyHeritage data breach came to light only in June 2018 even though hackers attacked the website back in 2017. It was when the company’s CSO received a file containing the email IDs and passwords of 92 million users.

On further inspection of the file, MyHeritage found that it contained the email addresses of all users who had signed up with the platform before October 2017. The news of this data breach spread panic waves across its user base like wildfire. This is because the service stores the DNA information and family trees of users.

However, MyHeritage was quick to assure its user base that their DNA information is safe being stored on segregated systems.

Records Breached: 92 million

3. Facebook Data Breach

Recall the momentary feeling of quitting Facebook back in March 2018 post the allegations against our favorite social media platform? The Facebook data breach was one of the most unpopular and major data breaches in 2018. It allegedly resulted in the compromise of personal data of nearly 87 million users worldwide.

With users quitting Facebook overnight, the data misuse subjected it to a market cap loss of nearly 30 billion dollars. It also subjected Facebook Inc. to a rigorous investigation in the US and EU, notwithstanding the mudslinging by a host of other nations.

Records Breached: Nearly 87 million

4. TicketFly

For those who haven’t heard about TicketFly, let us enlighten you first. TicketFly is a US-based company that offers a unified platform for finding and buying tickets to events across North America.

In May 2018, a hacker supposedly warned TicketFly of possible security vulnerabilities on its website. The hacker allegedly demanded a ransom to notify the company of the security issues, which TicketFly refused to respond to. In response, the hacker attacked and sabotaged its website, and fled with the data of nearly 27 million TicketFly users! The data included the names, addresses, phone numbers and email IDs of the users.

The TicketFly data breach is one of the major data breaches in 2018. Apart from data loss, it brought down TicketFly’s websites along with those of several clubs associated with it for days.

Records Breached: 27 million

5. Cathay Pacific Airlines

The Cathay Pacific data breach is also one of the recent data breaches that are worth a mention. The data breach exposed the personal data of up to 9.4 million passengers of Cathay Pacific Airlines Ltd. The Hong Kong-based carrier confirmed this massive data breach in May 2018. Reports reveal that hackers accessed the passport numbers, ID card numbers, and credit card details of over 9 million customers!

Additionally, personal information such as names, birthdates, telephone numbers, email IDs, nationalities and travel history were also leaked.

Though the airlines confirmed no misuse of data, it sure gave no solace to the millions whose personal details were leaked!

Records Breached: Over 9 million

How to Prevent Data Breaches?

With the year nearing an end, we hope that the list of major data breaches in 2018 encounters a closure!

Although, it is quite challenging to keep data breaches at bay with one data breach occurring every single second. Nonetheless, implementing small steps such as the following are instrumental in warding off data breaches.

• Encrypt the devices used at work
• Implement 2-factor authentication
• Use strong firewalls
• Use a strong password for your devices/files
• Regularly update all applications and software
• Implement role-based access when sharing data at work
• Take a regular back-up of data
• Store devices containing critical data safely

Strengthen Cyber Security with Incognito Forensic Foundation (IFF Lab)

Incognito Forensic Foundation (IFF Lab) is a private cyber and digital forensics lab based in Bangalore. With its latest insights into cyber crime vulnerabilities, IFF Lab seeks to assisting organizations with up-to-date cyber defense mechanisms.

IFF Lab’s strength is its top forensics experts and its cognizance of the latest data breaches and cyber crime landscape. This enables IFF Lab to not only engages in investigations of data breaches but also provide robust cyber security solutions.