2012: Looking back at the major hacks, leaks and data breaches

2012: Looking back at the major hacks, leaks and data breaches

Summary: ZDNet looks back at the year, on a month-by-month basis, at some of the most publicized hacks, leaks and data breaches of 2012.

SHARE:
TOPICS: Security, Cloud, Privacy
4

 |  Image 13 of 20

  • Thumbnail 1
  • Thumbnail 2
  • Thumbnail 3
  • Thumbnail 4
  • Thumbnail 5
  • Thumbnail 6
  • Thumbnail 7
  • Thumbnail 8
  • Thumbnail 9
  • Thumbnail 10
  • Thumbnail 11
  • Thumbnail 12
  • Thumbnail 13
  • Thumbnail 14
  • Thumbnail 15
  • Thumbnail 16
  • Thumbnail 17
  • Thumbnail 18
  • Thumbnail 19
  • Thumbnail 20
  • Nvidia developer forums hacked, company investigates

    Graphics unit maker Nvidia suffered a relatively minor security breach that affected the firm's developer forums. Coming only a few weeks after the LinkedIn, eHarmony, and Last.fm password debacles, by comparison the breach was not as bad as those who suffered breaches earlier.

    The firm said that it had secured the hashed passwords with "random salt values" making it slightly more difficult for the passwords to be decrypted, but Nvidia still sent all of its forum users a temporary password that must be changed on first use.

  • Formspring password breach, mass password reset follows

    Formspring was also next on the list of companies to be attacked and passwords stolen. As soon as the firm realized there had been a security breach, Formspring sent out an email to those affected asking them to change their password. 

    Around 420,000 password hashes were posted to a security forum, but username and other data were not submitted, making it almost impossible to do anything with. However, the form-based question firm used the SHA-256 algorithm to secure its user's accounts and passwords were hashed with random salts. Formspring now uses bcrypt in order to secure accounts even further.

  • August: Dropbox hacked (again…)

    One of the world's most used cloud-storage services was attacked by hackers -- and not for the first time -- which led to spam messages being sent to email accounts used in some cases exclusively for Dropbox. The security community was quick to claim there had been a data breach, but Dropbox held off with any definitive answers for some days.

    Eventually, the firm said that usernames and passwords stolen from other sites, such as LinkedIn, eHarmony, and Last.fm, were used to gain access to some Dropbox accounts. Along with this, a stolen password was also used to access a Dropbox employee's account with passwords as part of an internal project.

    The firm then put in place additional security measures and has since implemented two-factor authentication, requiring two proofs of identity, such as those sent to your mobile device.

Topics: Security, Cloud, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

Talkback

4 comments
Log in or register to join the discussion
  • And yet, we still tout the "security" of "the cloud"

    And yet, we still tout the "security" of "the cloud."

    Truth be known - if you're a cloud provider, you've probably been hacked. And you might not even know it.

    Yet, here we are, in an age where we claim cloud computing is "more secure."

    It's not more secure. In fact, the hacks against the cloud are far more scary and the stolen information far more important than anything we've seen against desktop PCs.

    Hack one person? You get one credit card number. Hack a cloud provider? You get EVERYBODY's credit card number.

    Frankly, it's time to re-think "the cloud" and how to provide security. Maybe "the cloud" isn't such a good idea for everything after all.
    CobraA1
    • It's not the cloud.

      It's typical ZDNet propaganda by omission, details were left out. The first thing anyone want's to know in these articles is what OS was hacked. Most problems relate to password breaches, where a single Windows computer was hacked by a "Zero day" or malicious email to get password information and then everything came apart. Administrators can't remember all their information, but keeping it stored on a networked Windows notebook is negligence. For example, like what happened at Google. That's why Google no longer allows Microsoft operating systems to be used by employees. Another ZDNet article without any backbone, specifically for the benefit of MS.
      Joe.Smetona
  • It's not the Cloud????

    Funny . . . the servers, OSs, procedures, etc that a Cloud vendor provides is that part of the Cloud on which your corporate data resides but now with it there instead of in-house you have absolutely NO control over it. Plus, as the Cloud vendor expands its customer base, you will start to see the management and maintenance of your data outsourced offshore to the cheapest bidders who most likely will not care about the security of your company's data or or so underpaid that selling your customer database is the only way that the person can provide for their family.
    j2will
  • Unfortunate Article Format - Poor editorial decision

    I really, really, really, really, really, really, really could have used a 'View as one page' option on this article. In it's present format it is totally useless to me. That also means that I do not have the opportunity to view your ads and sponsors. Think about it.
    Leo Regulus