2015, like last year, could almost be dubbed the year of the data breach. We all know about the IRS data breach and the scandalous breach of Ashley Madison because they’re all over the news. But what are the major data breaches that didn’t get as much coverage? Surely, we’re not only concerned with the breaches that the media decides to cover, but all data breaches, especially those that affect services we ourselves use.
Here are five data breaches of 2015 that you may not have heard about:
CVS Pharmacy
CVS made headlines this year when the decided to stop selling tobacco in their stores, a move many thought would bring the company down. The opposite happened, in fact, and CVS has done quite well since the switch. However, they didn’t do so well in the cyber security department. In July CVS suspected a hack via their online photo ordering system. Turns out credit card information, email addresses, as well as home addresses were stolen.
Patreon
Patreon is a crowdfunding site to help fund lazy people’s hobbies…just kidding. Patreon helps artists and ‘creators’ fund their projects through crowdfunding. It’s an extremely popular site with millions of users. It was also the subject of a data breach – today actually! The website’s user information was posted online in a 15GB file that contained names, emails, credit card and social security numbers, as well as certain posts to the site.
Experian/T-Mobile
Of course, we wouldn’t hear about a data breach at a credit bureau would we! One of the “big three” in credit reports, Experian was hit with a data breach in September. The breach mostly affected T-Mobile customers as the cellular services company enlists Experian to run its credit checks for new customer accounts. What’s more is that encrypted social security numbers were also stolen, but the company warned that the encryption may have been compromised. Can someone say free credit report?
LastPass
LastPass, ironically, is a password vault that is designed to keep your passwords safe and accessible on different websites without having to type in your password each time. While passwords are heavily encrypted making it extremely difficult to do anything with the stolen data, if a user has a weak master password it can be easy to figure out all the passwords in the keychain. What happens next? Well, a hacker could potentially access any website that you have a password for that you store with LastPass.
UCLA Health
A lot of people have concerned with medical security this year, especially as many institutions around the country have been tasked with amending their coding system. Despite the extended efforts for better security mistakes are still made often, and UCLA found this out the hard way. . The UCLA health centers were hit with a huge attack that affected almost 5 Million records and included social security numbers as well as medical data. The worst part? The data itself was not encrypted – a totally amateur move.
Perhaps the scariest part about all of this is that even though we have rules and regulations in place that are designed to help protect our data in a more connected world, we still see major data breaches all the time. They happen each and every day, and while many of us have yet to be affected, it often seems like it’s only a matter of time before we experience it for ourselves.