Sunday, June 15, 2025
HomeSecurity NewsTop 10 Biggest Data Breaches Of 2017

Top 10 Biggest Data Breaches Of 2017

Published on

SIEM as a Service

Follow Us on Google News

Last year many cyber incidents were reported. Here is the lookback of Top 10 Biggest Data Breaches and leaks reported in 2017 which made a huge impact on the organizations.

Here we have listed Top 10 Biggest Data Breaches which costs companies in million dollars and loss in reputation.

Also Read:  TOP 10 Cyber Attacks and Critical Vulnerabilities of 2017

- Advertisement - Google News

1. Equifax

Hackers had breached the company’s system and accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.

They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.

2. Yahoo

Yahoo announced that all user accounts were affected in the August 2013 theft. Previously they announced that “more than one billion user accounts” may have been stolen by hackers during the attack that took place in August 2013.

Leaked details still remain secret, besides the range of affected users and that hackers stole names, email addresses, date of birth, phone numbers, hashed passwords, safety questions and answers.

3. American Households

A massive database that contains 123 Million American households sensitive personal information leaked online by California-based data analytics firm.

An unsecured cloud-based data repository was left publicly due to the bad misconfiguration in Amazon Web Services S3 cloud storage and the repository are massive data sets belonging to consumer credit reporting agency Alteryx partner Experian.

4. Accenture Data Leak

An Unsecured Server Hosted on Amazon’s S3 storage service which is holding 137 gigabytes of Customer data has completely left unsecured which Could be affected tons Accenture Cloud Platform Customer Sensitive Data.

Exposed Cloud Data servers belong to Accenture’s enterprise cloud offering, Accenture Cloud Platform, a “multi-cloud management platform” that is used for Accenture Customers.

5. Uber Data Breach

Uber data Breach, Hackers stole 57 million Uber users around the world and 600,000 drivers names including their license numbers.

The breach took place in October 2016 and the leaked data includes names, email addresses and mobile phone numbers that related to Uber accounts.

6 .California Voter Database Exposed

An unprotected MongoDB database contains a large volume of data which belongs to California state voters information exposed online. It can be accessed by anyone by having the just simple internet connection and the database named as ‘cool_db’.

Also, it was open to view, edit and modifying the entire database by anyone which contains 2 collections of the database.

one collection contains set of voter registration data and other collections contain entire California state voters that are holding 19,264,123 records, all open for public access.

7. Malaysian Data Breach

Malaysian’s Biggest Data Breach Exposed around 46.2 Million Mobile phone numbers have been leaked online from Malaysian telecoms and mobile virtual network operators (MVNO).

The information that has got out includes postpaid and prepaid numbers, customer details, addresses, IMEI and IMSI numbers.

8 .Verizon Data Breach

Telecommunications giant Verizon’s Customers 6 Million Sensitive personal data leaked online due to misconfigured cloud-based file repository and this Misconfiguration leads to exposed customer phone numbers, names, and some PIN codes publicly available online.

This Data Breach occurred due to “Human Error” and  Verizon’s Cloud-based file server was operated by Verizon’s Third Party vendor  NICE Systems.

9. Pentagon’s Data Leak

Pentagon Data Leak, Amazon Web Services S3 cloud storage buckets that contain social media surveillance data configured in the way that users with free AWS account can read and download the contents.

Leaked data consist of billions of public internet posts, news commentary and other writings from individuals from the US and other Countries.

10. Ai.Type keyboard Cata Breach

Millions of customer personal data exposed online due to a Misconfiguration with MongoDB that belongs to Ai.Type, the company that well know for developing the personalized virtual keyboard app for Android and iOS.

the company exposed their entire 577GB Mongo-hosted in public, anyone with internet connection can access the database.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Don’t Click “Unsubscribe” links blindly It May Leads to Loss of Credentials

Imagine your inbox is overflowing with promotional emails—some from familiar companies, others less so....

ConnectWise to Update Code Signing Certificates for ScreenConnect, Automate, and RMM

ConnectWise, a leading provider of remote management and cyber protection tools for managed service...

ESET Details on How to Manage Your Digital Footprint

ESET, a leading cybersecurity firm, has shed light on the intricate nature of digital...