With an increasing number of products and services being dependent on the internet, consumers entrust more and more of their personal information to businesses online. However, businesses don’t often see the vulnerabilities of their cybersecurity systems which lead to devastating data breaches.
Data breaches are costly for companies, and many are realizing the need to ramp up their investments in the field of cybersecurity. The last decade has seen a lot of notable data breaches that businesses these days can learn from. In this article, we’ll look at cybersecurity lessons from the biggest data breaches of the decade. To train on the leading security tools and learn best practices to prevent destructive data compromises, check out Cloud Academy’s Security Training Library.
Impact: 3 billion user accounts
In 2016, two years after the breach, Yahoo announced that it had been the victim of the biggest data breach in history. The cyber-attack was said to compromise 500 million users’ personal information including real names, e-mail addresses, birthdates, and telephone numbers. A couple of months later, Yahoo issued another statement talking about a separate breach in 2013 by a different group of hackers that compromised 1 billion accounts. Aside from personal information, passwords, security questions and security answers were also compromised. Fast-forward to 2017, and the former internet giant revised its estimate saying that all 3 billion user accounts had been compromised as a result of the data breaches. Yahoo, which had once been valued at $100 billion, was bought by Verizon for $4.48 billion following the aftermath of the scandal.
One of the most notable lessons to be learned from how Yahoo approached the situation is not to downplay the risk of breaches. Inc noted how Yahoo discussed in its press release that the stolen passwords were “hashed passwords (the vast majority in bycrypt)” without