2014 in security: The biggest hacks, leaks, and data breaches

15 of 15
  • U.S. security contractor vetting firm hit by breaches

    U.S. security contractor vetting firm hit by breaches

    A contractor for U.S. Homeland Security suffered a data breach, leading to the leak of personal information on employees. The private company, USIS, conducts background checks on behalf of the government agency. USIS came under fire for being the firm that vetted Edward Snowden. The U.S. Justice Dept. also accused the company of faking more than half-a-million background checks.

    Photo by: U.S. Postal Service

    Caption by: Zack Whittaker

  • Sony attack leads to massive data grab

    Sony attack leads to massive data grab

    Sony’s systems were thrown into disarray in late November after unknown assailants hijacked computers.

    North Korea was blamed by some media outlets, but denied any involvement. The rogue state did however call the successful hack a “righteous deed,” but denied involvement.

    The FBI concluded its investigation, saying North Korea was “responsible.” Since then, numerous stories about the company’s executives and Hollywood elite surfaced, including critical remarks about President Obama -- even the celebrities of the movies Sony produces.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • JPMorgan credit card hack

    JPMorgan credit card hack

    When news broke that hackers attacked JPMorgan’s systems, the message was that it “could’ve been worse”. Tens of millions of Chase customers were affected by the data breach -- even if their bank accounts weren’t affected. The attack is said to have affected around 80 million U.S. households, and 7 million small to medium-sized businesses, making it one of the largest in history. The FBI’s investigation is continuing into attempts on other financial institutions.

    Photo by: CBSNews.com

    Caption by: Zack Whittaker

  • USB security hosed, computers ruined

    USB security hosed, computers ruined

    Researchers this year warned hat an exploit dubbed “BadUSB” can transform keyboards, flash drives, and other USB-connected devices into attack platforms that can evade modern anti-malware programs. The flaw can even be used to infect and replace a computer’s BIOS, making trusted -- even non-Internet connected “airgapped” computers -- vulnerable to attack.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • Chinese hacked U.S. weather systems

    Chinese hacked U.S. weather systems

    Chinese hackers earlier this year broke into four websites belonging to the U.S. federal agency overseeing weather systems. The U.S. National Oceanic and Atmospheric Administration carries weather data and satellite feeds to its websites. But those services were shut down by the agency for more than a week following the hack. The agency said it was “unscheduled maintenance,” but one congressman said the agency covered it the attack.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • Celebrity data leaked amid alleged iCloud hack

    Celebrity data leaked amid alleged iCloud hack

    A significant leak of private photos from Hollywood celebrities landed occurred earlier this year, as a result of using "brute force" methods on targeted iCloud accounts. Over a hundred nude photos, some extremely explicit, were posted in total on the infamous discussion board 4chan during that weekend. Apple denied any breach of its systems, but bolstered its security in the wake of the attack.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • The Intercept releases Belgacom state-sponsored malware

    The Intercept releases Belgacom state-sponsored malware

    Perhaps one of the most public state-sponsored hacking attacks in recent history, news emerged this year that the U.S. and British governments were behind a targeted attack on a Belgian internet provider that served much of the European Union’s executive. The so-called Regin malware was discovered around a year later. It was not long before the pieces of the jigsaw were put together. The Intercept, a website set up to publish the Snowden leaks, released the malware’s code.

    Photo by: Wikimedia Commons

    Caption by: Zack Whittaker

  • U.S. Postal Service networks hit, employee data grabbed

    U.S. Postal Service networks hit, employee data grabbed

    Unknown assailants attacked the U.S. postal system’s networks -- blame was quickly rested on China. Data of more than 800,000 employees has been compromised, including Social Security number and postal addresses. The news broke as both U.S. and Chinese leaders met in Beijing to discuss, among many items on the agenda, cybersecurity and state-sponsored hacking.

    Photo by: U.S. Postal Service

    Caption by: Zack Whittaker

  • Snapchat data posted on 4chan after backup hack

    Snapchat data posted on 4chan after backup hack

    Around 13 gigabytes of data -- including photos and videos -- were pilfered by hackers, which eventually made its way to image sharing site 4chan. Known as “The Snappening,” shady backup services that were said to store snaps indefinitely quickly became the focus of blame. Snapchat cautioned its 100 million active users to stay away from such unauthorized services.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • One tweet can lead to a back account hack

    One tweet can lead to a back account hack

    One inane tweet from mid-2012 was enough to start a chain reaction of information gathering that could have rivaled the work of a government intelligence agency. The target in question may not have been a chief executive, a rock star, or a celebrity, or a government employee with access to state secrets. But it was enough to throw that privacy-conscious person off base.

    Photo by: via CNET

    Caption by: Zack Whittaker

  • Target breach woes spread into 2014

    Target breach woes spread into 2014

    An estimated 110 million records were pilfered from the company, announced at the end of 2013, but spread well into 2014. The brick-and-mortar and online retailer said its U.S. sales were “meaningfully weaker.” The company’s chief information officer, tasked with internal security, resigned three months into the new year. The total cost of the breach hit $110 million by the mid-year.

    Photo by: Target

    Caption by: Zack Whittaker

  • European Central Bank hit by data breach

    European Central Bank hit by data breach

    The central bank monitoring and overseeing the Eurozone in Europe suffered a security breach earlier this year that led to the theft of personal data. No internal systems or market sensitive data were compromised, but email and postal addresses, along with phone numbers were stolen.

    Photo by: Wikimedia Commons

    Caption by: Zack Whittaker

  • eBay hit by whopping 145 million user data breach

    eBay hit by whopping 145 million user data breach

    In a shocking breach revealed in May, more than 145 million users were affected by a massive hack of eBay’s systems, including email and postal addresses, and login credentials. Financial data was not stolen. The UK’s data watchdog launched a probe into the breach. Months after the breach, eBay said it took a $200 million hit to its annual revenue as a result the security breach.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

  • ​Home Depot breach saw hundreds of millions of records stolen

    ​Home Depot breach saw hundreds of millions of records stolen

    The company suffered in September a massive 109 million records leak, including 56 million credit cards and 53 million email addresses. Home Depot said a third-party vendor was at fault for the breach, which also led hackers to spread through networks to steal credit card data at point-of-sale terminals.

    Photo by: Home Depot

    Caption by: Zack Whittaker

  • Spotify warns of “unauthorized access”

    Spotify warns of “unauthorized access”

    Android users of Spotify were warned to upgrade after an isolated incident led to the breach of just one user’s data. Despite not having any financial or payment information taken, the company contacted the individual. Spotify has an estimated 40 million users. Android users were also warned to update, leaving some to speculate the app was to blame.

    Photo by: CNET/CBS Interactive

    Caption by: Zack Whittaker

15 of 15

Spotify warns of “unauthorized access”

Android users of Spotify were warned to upgrade after an isolated incident led to the breach of just one user’s data. Despite not having any financial or payment information taken, the company contacted the individual. Spotify has an estimated 40 million users. Android users were also warned to update, leaving some to speculate the app was to blame.

Caption by: Zack Whittaker

15 of 15

Related Topics:

Security TV Data Management CXO Data Centers

Related Galleries

    • 1 of 3