HACKED: Top 10 data breaches

Adobe, Ashley Madison, Gmail and Snapchat are amongst the top 10

Update: 2015-08-26 13:00 GMT

Data breaches have happened in the past and Ashley Madison’s website is not the only one which has made top news. Though the recent breach of the adult dating website is considered to take the number 2 position, previous hacking incidents such as Snapchat, Bitcoin, and Gmail also have made it to the top 10 list. Check out which websites was the worst hit till date.

#10 | Gawker |1,247,574 accounts compromised: In December 2010, Gawker was attacked by the hacker collective "Gnosis" in retaliation for what was reported to be a feud between Gawker and 4Chan. Information about Gawkers 1.3M users was published along with the data from Gawker's other web presences including Gizmodo and Lifehacker. Due to the prevalence of password reuse, many victims of the breach then had their Twitter accounts compromised to send Acai berry spam. Compromised data: Email addresses, Passwords, Usernames

#9 | YouPorn | 1,327,567 accounts compromised: In February 2012, the adult website YouPorn had over 1.3M user accounts exposed in a data breach. The publicly released data included both email addresses and plain text passwords. Credit to squeal.net for providing the data breach.

#8 | XSplit | 2,983472 accounts compromised: In November 2013, the makers of gaming live streaming and recoding software XSplit was compromised in an online attack. The data breach leaked almost 3M names, email addresses, usernames and hashed passwords.

#7 | ?????????.?? | 3,474,763 accounts compromised: In May 2015, ?????????.?? (a the Russian website for anonymous reviews) was reported to have had 6.7 million user details exposed by a hacker known as "w0rm". Intended to be a site for expressing anonymous opinions, the leaked data included email addresses, birth dates and other personally identifiable data about almost 3.5 million unique email addresses found in the leak.

#6 | Adult Friend Finder | 3,867,997 accounts compromised: In May 2015, the adult hookup site Adult Friend Finder was hacked and nearly 4 million records dumped publicly. The data dump included extremely sensitive personal information about individuals and their relationship statuses and sexual preferences combined with personally identifiable information.

#5 | Snapchat | 4,609,615 accounts compromised: In January 2014 just one week after Gibson Security detailed vulnerabilities in the service, Snapchat had 4.6 million usernames and phone number exposed. The attack involved brute force enumeration of a large number of phone numbers against the Snapchat API in what appears to be a response to Snapchat's assertion that such an attack was "theoretical". Consequently, the breach enabled individual usernames (which are often used across other services) to be resolved to phone numbers which users usually wish to keep private.

 

#4 | Bitcoin, Gmail | 4,789,599 accounts compromised: In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum. Whilst commonly reported as 5M "Gmail passwords", the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.

#3 | Mail.ru | 4,821,262 accounts compromised: In September 2014, several large dumps of user accounts appeared on the Russian Bitcoin Security Forum including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst unlikely to be the result of a direct attack again mail.ru, the credentials were confirmed by many as legitimate for other services they had subscribed to.

#2 | Ashley Madison | 30,636,380 accounts compromised: In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.

#1 | Adobe | 152,445,165 accounts compromised:  The biggest one, yet. In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.

The top 50 list Includes Yahoo!, Forbes, Boxee, Vodafone, Sony, Bell, and many others. Check the entire list below:

Source: Troy Hunt

Similar News