The biggest hacks, data breaches of 2020 (so far)

4 of 9 NEXT PREV

Microsoft

In January, Microsoft disclosed a data breach occurring through one of the tech giant's internal customer support databases.
Microsoft said anonymized user analytics, contained in roughly 250 million entries, were exposed. This included email and IP addresses.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
US cannabis users

In the same month, researchers found a leaky AWS bucket exposed online that contained the personally identifiable information (PII) of 30,000 individuals linked to the medical and recreational marijuana, including patients.
It is thought that the database belonged to a PoS provider for legal dispensaries across the US.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
Estée Lauder

Moving on to February, Estée Lauder was embroiled in a data breach in which 440 million records were compromised, including the exposure of internal company emails and non-consumer email addresses.
Via: Essential Retail

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
T-Mobile

In March, T-Mobile revealed a security incident in which cyberattackers were able to successfully infiltrate the firm's email services, leading to the compromise of T-Mobile customer and employee information, as well as staff email accounts.
Names, addresses, phone numbers, account numbers, plan information, and billing information may have been stolen.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
Marriott

A total of 5.2 million hotel guests were impacted by a data breach in March. Hackers were able to access two accounts belonging to Marriott employees who had access to customer information relating to the hotel chain's loyalty scheme.
A range of PII including names, genders, phone numbers, travel information, and loyalty program data was accessed.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
Whisper

In March, Whisper, an anonymous secret-sharing app, was alerted to a security failure that exposed user content and profile information in connection to messages -- including nicknames, stated ages, location data, and group memberships -- caused by a database left open and exposed online.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
SBA emergency business loan applicants

The US Small Business Administration (SBA) said in April that approximately 8,000 individuals who had applied for emergency business loans due to COVID-19 disruption were affected by a data breach.
The portal used to apply for the loans may have leaked applicant names, Social Security numbers, physical and email addresses, dates of birth, citizen status, and insurance information.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
Nintendo

At the end of April, Nintendo revealed an account hijacking scheme that compromised roughly 160,000 users. Customers claimed that cyberattackers were using their accounts to fraudulently purchase games and Fortnite virtual currency.
A legacy login system, now disabled, was to blame.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne
easyJet

On May 19, budget airline easyJet said that information belonging to nine million customers may have been exposed, including over 2,200 credit card records, following a cyberattack.
easyJet is now facing an £18 billion class-action lawsuit due to the incident.
Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)
Caption by: Charlie Osborne

Despite a worldwide pandemic, cyberattackers haven't stopped poking holes in our defenses. These are the worst incidents so far in 2020.

T-Mobile

In March, T-Mobile revealed a security incident in which cyberattackers were able to successfully infiltrate the firm's email services, leading to the compromise of T-Mobile customer and employee information, as well as staff email accounts.

Names, addresses, phone numbers, account numbers, plan information, and billing information may have been stolen.

Via: ZDNet

Published: June 1, 2020 -- 05:00 GMT (22:00 PDT)

Caption by: Charlie Osborne

4 of 9 NEXT PREV