Wednesday, June 19, 2024

The 10 Biggest Data Breaches of 2018

Hackers have become more sophisticated, dangerous and with the built in advanced automated tools they carry out a wide variety of processes to breach data.

Here is the lookback of Top 10 Biggest Data Breaches and leaks reported in 2018 which made a huge impact on the organizations.

Biggest Data Breaches – 2018

Starwood Hotels

Marriott International announced a security breach that affected more than 500 million guests who made a reservation at Starwood Hotels and resorts.

Hackers gained unauthorized access to the Starwood network since 2014, they copied, encrypted information and taken steps to remove it.


Marketing Firm Exactis exposed more than 340 Million Americans sensitive records Online which is estimated more the Equifax data breach that occurred a few months before.

Leaked data contains millions of peoples personal sensitive information phone number, home address, email address, even how many children have in leaked users data.


MyFitnessPal data breach affected more than 150 million user accounts. Attackers stole the usernames, email addresses, and hashed passwords.

The breach occured in February of last year and the company identified the unauthorized data access from their servers on March 25, 2018.

Quora Hacked

Quora exposed more than 100 million users accounts. Hackers gained unauthorized access to the servers and stolen account information, Public content and actions, and Non-public content and actions.

CPF Exposed

120 Million Unique CPF of Brazilian citizens exposed online form a misconfigured Apache server. The highly personal information is openly available for everyone.

The exposed data contains sensitive information that linked CPF includes banks, loans, repayments, credit and debit history, voting history, full name, emails, residential addresses, phone numbers, date of birth, family contacts, employment, voting registration numbers, contract numbers, and contract amounts.

U.S Citizens Records

An unprotected database that contains more than 114 million U.S Citizens records exposed online and the estimation of affected peoples are 82 million and more.

It was completely available for the public including the information of the first name, last name, employers, job title, email, address, state, zip, phone number, and IP address.


MyHeritage Announced its massive data breach that leaked around 93 Million registered users sensitive data.

Leaked files contains email addresses and hashed passwords of 92,283,889 users who all are signed up the MyHeritage up to and including Oct 26, 2017.

Facebook – Cambridge Analytica

Over all 87 Million affected Facebook Users has been identified and most of them in the US but at least 1 million Facebook Users in the UK and More than 1 Million Facebook Users affected in Indonesia, the Philippines alone.

Google+ Shut down

Google announced Google+ shut down following the security breach that exposed 500,000 Google+ accounts.

The bug allows third-party developers to access user’s name, email address, occupation, gender, and age.

E-marketing Database Exposed

A huge customer database with 11 million records that containing personal details such as email, full name, gender and physical address exposed online. The data to be available from the unprotected MongoDB instance and it is open for anyone to access it.

Cathay Pacific

Cathay Pacific limited suffered a major data breach that affected more than 9.4 million passengers personal data.

According to Cathay Pacific, the following data are details accessed by hackers such as passenger name, nationality, date of birth, phone number, email, address, passport number, identity card number, frequent flyer programme membership number, customer service remarks, and historical travel information.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.


Latest articles

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...

Chrome Security Update – Patch for 6 Vulnerabilities

Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115...

Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group,...

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data

Hackers are offering "free" mobile data access on Telegram channels by exploiting loopholes in...

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication

Several phishing campaign kits have been used widely by threat actors in the past....

Stuxnet, The Malware That Propagates To Air-Gapped Networks

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA)...

Threat Actors Claiming Breach of AMD Source Code on Hacking Forums

A threat actor named " IntelBroker " claims to have breached AMD in June...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles