The first ever cyber-attack took place 30 years ago in 1989. The program was written by Robert Tappan Morris. He wanted to see how big the world of internet was, so he wrote the program that would not only travel from one computer to another, but also send a signal back to the control server that would keep count of all the devices. This type of attack is called “distributed denial of service” and is known in the industry as the “Morris worm”. Since then, the number of cybercrimes has only increased. According to Kaspersky Lab, there were 758 million cyber-attacks in 2016 alone. On an average, there is a cyberattack every 39 seconds. While not every cybercrime is malicious and endangers national security, there are a few that stand out against all in terms of social and financial damage. 

We have gone and compiled a list of the worst cybercrimes in the world ever since the Morris worm attacked the first computer in 1989. 

Adobe

The first cybercrime in our list is against Adobe. In October of 2013, Adobe announced that its IT infrastructure has been hacked. Initially, they thought that the personal information of only 2.9 million accounts was stolen. It included names, logins, passwords and credit card information. Later, after discovery of another file on the internet, the number of accounts increased to 150 million, out of which only 38 million were active. However, this is not all. Along with customer information, the hackers also stole their product data. About 40GB of source data was stolen, which included the complete source code for ColdFushion as well as parts of Photoshop and Acrobat Reader. 

Sony 

This next cybercrime will show you how important it is to invest towards your cyber security and how big cybercrime could have easily been avoided if it was paid attention. Sony has been under attack twice, once in 2011 and then in 2014. 

In 2011, the parent company’s PlayStation Network was under attack. The brand had personal information of 77 million users, which was leaked. This included banking information of thousands of players as well. The attack could have been ignored if Sony had encrypted their data. To appease everyone, the company had to pay almost 20 million dollars to everyone affected. 

The second attack was on Sony Pictures Entertainment. It was attacked by a computer work called “Guardians of Peace”. 100 terabytes of data were stolen, which included personal information of about 47000 employees, film scripts and personal emails as well. Again, the company had to pay millions of dollars in compensation to the employees and cancel broadcast of many movies. 

South Korean Credit Cards 

In January 2014, it was discovered that 100 million credit cards of South Koreans were stolen over several years. Along with that, 20 million bank accounts were also hacked. Approximately 2 million South Koreans either replaced their cards or blocked them. It was an employee of KCB (Korean Credit Bureau), a solvency company, who stole the personal data of credit card companies’ customers. 

Target 

Image source- Null Byte

Target is the second largest discount retail chain in America. In December 2013, it became the victim of a large cyber-attack, where information of 110 million customers was hijacked between 27 November and 15 December. The attack was discovered by American secret services. They had detected some unusual bank movements and then warned Target. According to secret services, the hackers were based in Eastern Europe. The used a technique called RAM Scraping to hijack the brand. later, they sold the data on the black market. 

Alteryx 

Alteryx was a marketing analytics firm that left their database online unsecured. The data was about 123 million American households. It included sensitive information on 248 fields including addresses, income, ethnicity, personal interests, mortgage ownership, contact information and even financial history. Basically, every information was available publicly except for the names of the owners of the accounts. 

Equifax 

Equifax is an American credit company that suffered from a cybercrime in 2017. They revealed it to the public since weeks after it was detected. Personal information like names, birthdates, insurance numbers and driver’s license numbers of about 143 million American, British and Canadian customers was stolen along with credit card numbers of 20 lakh people. Several complaints were made against the company regarding insider trading. Even some executive officers of the company sold their stocks just a few days before the attack was made public. 

Adult Friend Finder

Just like Sony, Adult Friend Finder faced 2 attacks- in 2015 and 2016. The first one hacked the company and the personal information of 4 million accounts was made public on Tor, which included their pseudonyms, IP addresses and even sexual preferences. The second attack was way more malicious. This time, instead of 4 million, 400 million accounts were hacked. In totality, 20 years of personal information was stolen. Hackers used a technique called Local File Inclusion (LFI) breach to attach Adult Friend Finder. 

Marriott – Starwood Hotels 

In September 2018, Marriott was alerted of a potential security breach. An internal security tool found out that there has been a rift in their system since 2014. Information of about 500 million customers had been compromised until the breach was spotted. The information included payment information, mailing addresses, passport numbers, phone numbers and more. Due to this breach, Marriott is now facing a fine of $123 million by the British Authorities. 

Hold Security 

In 2014, Hold Security, an IT security company, revealed that some Russian hackers had stolen logins and passwords of over 1.2 billion people from 420000 websites from all over the world. Due to this attack, hacker groups like “CyberVor” could have had access to over 500 million email accounts. While it is one of the biggest cyber-attacks based on the scale, there were no major consequences. The information was only used in a spam campaign on social media. No one knows the real reason behind this breach or the organization responsible for it. 

Yahoo  

This company is said to be a favorite amongst hackers. Yahoo has been attacked 3 times till dates. 2 of them were deemed as the biggest cyber-attacks in the history when they were reported by the company. The first attack was reported in 2016. In 2014, over 500 million users were affected. Except for their banking information, all personal data was hijacked. Before this, a hacker named “Peace” sold around 200 million email id’s and passwords for just $1900 in 2012. The next attack was reported in December 2016, which occurred in August 2013. This was said to be the biggest cyber-attack as over 1 billion accounts were affected. However, in 2017, Yahoo confirmed that all 3 billion users were impacted by the hijacking.