14 of 15Image
LinkedIn, Last.fm, eHarmony
In June, LinkedIn, Last.fm, and eHarmony were all subject to user passwords being leaked online, where a hacker posted the files on forums asking for help in cracking them.
The eight million hashed passwords posted appear to belong to the professional social network, music streaming site and dating service.
All posted over several days, the biggest list of 6.46 million passwords was believed to belong to LinkedIn, and were not 'salted' -- which makes cracking hash lists faster and easier. In a blog post, LinkedIn later confirmed that some of the data did relate to user passwords -- and emails were then sent asking users to reset their details.
In October this year, Adobe admitted that 2.9 million user accounts were compromised in an attack which stole names, financial data and customer orders information.
Brad Arkin, senior director of security for Adobe products and services, explained in a blog post that "one of the unfortunate realities of doing business today" was cyberattacks, and unfortunately Adobe's security team discovered sophisticated attacks on the company's networks, although the culprits were not discovered.
In addition to the theft of customer data, Adobe said that illegal access to source code for products including Acrobat, ColdFusion, and the ColdFusion Builder was also discovered, although this was not a risk for customers.
Arkin said that while sensitive data and encrypted credit or debit card numbers were taken, federal investigators did not believe unencrypted numbers were removed from servers.
After the data breach, Adobe reset the passwords on breached Adobe customer IDs and notified customers if their financial details were exposed. In addition, the company offered these customers to enrol in complimentary credit monitoring services for a year.
In November this year, the MacRumors forum was breached by hackers who probably gained access to names, passwords and emails of its users.
In a blog post, administrators said that all of its 860,000 users were affected.
"In situations like this, it's best to assume that your MacRumors Forum username, email address and (hashed) password is now known," Editorial Director Arnold Kim said. "While the passwords are "hashed" (which is a one-way conversion from your actual password to a scrambled version), given computing power these days, if your password isn't very complex, they could brute force figure it out by trying lots of combinations."
The hack involved a hacker gaining control of a moderator account, who then boosted their privileges in order to steal the data.