Data breaches have undoubtedly become increasingly popular as technology has advanced. There is a lot of personal data that these cyber attackers can access, and the potential for sabotage and espionage is enormous. Data security doesn’t seem like it can get much worse than it already is. Thanks to three major data breaches that forever changed the business industry, we’ve reached new levels of terror…and, for some, a new level of security.
1- The TJX Companies
Between 2005 and 2007, hackers infiltrated the databases of discount retailer T.J. Maxx and several other stores in the TJX Companies family, which also included HomeGoods, Sierra Trading Post, and others. What they found as they combed through our financial information, social security numbers, and other personal data was shocking: the hackers made off with the names, addresses, birthdates, and social security numbers of millions of people.
The attacks were said to have started in 2005 with a phishing email sent to company employees that contained a malicious executable file. Once opened by an unsuspecting employee, this file installed malware on the employee’s computer that gave hackers access to internal networks and databases. The damage was so extensive that the hackers could gain access to internal company email and use those emails in combination with stolen credit card information to create a “false sense of legitimacy.”
So how much damage did the TJX Companies, Inc. breach do? In 2007 their stock price had dropped more than 35%, and they lost $1.3 billion in market value. In total, they’re estimated to have lost $256 million–the most significant loss ever reported by a company because of a data breach.
2- The Heartland Payment Systems
Heartland Payment Systems. began experiencing very odd activity on their credit card processing systems in December 2007. Still, it was in January 2008 that they could pinpoint the entry point for an intrusion. Upon discovering a malicious code inserted into the company’s Windows-based payment application, Heartland immediately shut its payment processing system down.
But by that time, the hacker had stolen a staggering amount of personal data from Heartland’s database, including more than 100 million credit card numbers and more than 25 million cardholders’ names and addresses. This massive breach put the company out of business, and suffered financial losses of $467 million. First Data Corporation has since acquired the company (which is itself an acquisition target).
3- The J.P. Morgan Chase & Co.
One of the most recent data breaches occurred in the summer of 2014, when cyber criminals could penetrate a financial software application and steal data from 83 million households. The hackers could access names, addresses, phone numbers, emails, and loan histories. Although there is debate on whether or not social security numbers may have been stolen (J.P. Morgan Chase has denied this), this breach is still considered one of the largest and most destructive in history.
This data breach affected J.P. Morgan Chase customers, which includes more than 30 million credit cards and 36 million bank accounts, among other things. The company was still determining where the attack originated for some time but eventually traced it back to Russia and North Korea. After a lengthy investigation by the FBI, they confirmed that this attack was a carefully orchestrated cyber-espionage operation designed to gather information about military technology and U.S. nuclear programs for later use by foreign governments.
If you’re a business owner, it’s your responsibility to do everything in your power to keep your customer’s data safe. This is why hiring the right data security company can help alleviate a lot of that stress for you. Consider hiring a company like Media Motion, which offers web application security scanning and penetration testing services, as well as other methods to help you stay ahead of cybercriminals. Before anything happens, make sure you have coverage if something does happen.