The year 2017 marks some of the most tumultuous data breach incidents. From the Equifax hack, which forced three chief executives to step down to Uber's attempt to cover-up hacking, here are four of the biggest and worst data breaches in 2017:
Owing to the nature of credit reporting agencies, they are always on top of the radar among cybercriminals who wish to syphon off large sums. Equifax, the biggest firm in the industry, failed to dodge the bullet recently.
In September, the company announced that data of 145.5 million Americans were breached. Later on, it found out 15.2 million people in the UK and 19,000 in Canada were affected by the data hack as well.
Experts believe hackers were able to penetrate Equifax due to poor security practices, lack of encryption for sensitive personal data and inadequate network segmentation.
The Uber data breach forced the ride-sharing service to hide the hack for exactly a year after the incident took place in October 2016. This makes it worse for millions of Uber users around the world.
The hack exposed the personal details of 57 million Uber users and drivers worldwide. The company admitted it paid the hackers US$100,000 to keep the breach a secret. There was no reported case of data misuse.
The ransomware that brought down government agencies, private corporations and even small businesses worldwide, WannaCry could be the biggest malware that attacked in 2017. Hackers behind WannaCry massively spread it in old Windows computers for three days before the kill switch was delivered by security researcher Marcus Hutchins.
WannaCry locked down computer systems and demanded a ransom to access them again. Some institutions attacked include FedEx, the UK's National Health Service (NHS), Spain's Telefonica and Russia's Megafon, among many others. Alleged perpetrators were North Korea-connected Lazarus Group, which was also responsible for the 2015 Sony Pictures breach.
Petya is the original variant of the malware, which first appeared in 2016. The 2017 version, which cybersecurity firm Kaspersky Labs called NotPetya, was deployed to attack companies in Ukraine using the accounting software MeDoc. Approximately, 400,000 companies in Ukraine use MeDoc.
Affected organisations included national and local banks in the country, state-run agencies and transportation systems. Unlike WannaCry, NonPetya encrypts individuals files and overwrites them. This renders affected files impossible to retrieve. According to reports, NotPetya was aimed at inflicting damage rather than generating a profit.