7 of 20Image
April: Anonymous attack Chinese Web sites, defense contracts stolen
A hacker associated with hacktivist collective Anonymous posted thousands of internal documents claimed to be associated with the Chinese government, most notably defense contracts signed by the country.
By hacking the Beijing-based China National Import & Export Corp. (CEIEC), the hacker was able to acquire and publish a range of contracts and business memos linked to the U.S. military, including many relating to the U.S.-led war effort in Afghanistan. The CEIEC denied the claims and called them "groundless" and "defamatory."
May: U.K. government caught snooping on citizen data
A U.K. government department was found snooping on citizen data and many civil servants were reprimanded for looking at medical records, National Insurance numbers, (the U.K. version of 'Social Security') and even criminal records, according to a series of Freedom of Information requests.
Ultimately, it was found that there were 150 'breaches' of data security by staff at the U.K. Department for Work and Pensions, and the National Health Service (NHS)-running U.K. Department of Health over a 13-month period.
While the secure and confidential data may not have ended up in the hands of criminals or anyone outside of the department, it was a gross invasion of citizen privacy nonetheless.
June: LinkedIn password breach affects 6.46 million users
A Russian forum user claimed to have downloaded 6.46 million passwords belonging to LinkedIn users, though the stolen passwords were cryptographically hashed. However, many of those passwords weren't salted, meaning it was relatively easy to convert the simpler passwords into a readable format.
LinkedIn shortly confirmed the data breach but did not explain how the passwords were accessed. Affected accounts were disabled and password reset emails were sent out. The later cleanup effort cost the professional social networking company around $1 million, and another $2-3 million in forensic work and security upgrades.