While 2014 was “the year of the data breach”, 2015 is off to a fast start with several prominent data breaches. Below is a list of the top breaches that were made public in January 2015.
If you want to be sure not to miss our lists for upcoming months, follow us on Twitter or sign up for our email list.
IKANOW MAJOR BREACH INDEX: January 2015
| Total Number of Breaches | 8 |
| Total Number of US Gov. Agency Breaches | 0 |
| Total Number of Corporate Breaches | 8 |
| Potential Number of People Impacted (estimate) | 25,985,000 |
| Potential Total Cost of Records Breached (estimate)* | $5,041,090,000 |
*estimate based off the results from the Ponemon Institute’s Cost of a Data Breach (average of $194/record)
Moonpig - Network Vulnerability
Developer Paul Price first notified Moonpig of a vulnerability in their API back on August 2013. When the vulnerability was still there 13 months later, he decided to go public. Moonpig has around 3.6 active users, which could have all been affected. Moonpig has since taken their API offline.
Morgan Stanley - Inside Job
A 30 year old financial advisor stole information on 350,000 of the banks wealthiest clients and tried to sell the data online. According to an article in the NY Post, no passwords or social security numbers were compromised.
MyTF1 - Hacked
MyFT1 in France was hacked by active hacker group “Linker Squad”. The hackers accessed almost 2 million customer accounts containing personal and financial information. Why do they want this information? To simply sell to other hackers.
Banque Cantonale de Geneve - Hacked
On January 9th, Reuters reported “a hacker claiming to be behind a cyber attack on Banque Cantonale de Geneve, or BCGE, used social media to threaten to leak confidential data on the Swiss bank’s clients if its demands for payment weren’t met.” The hacker downloaded more than 30,000 emails from the back.
Malaysia Airlines - Hacked
Malaysia Airlines was hacked on Jan. 26th and customer information was leaked online. Active hacker group, Lizard Squad are the ones taking responsibility for the attack. Malaysia Airlines confirmed their DNS was comprised but resolved this issue in about 1 day.
Topface - Hacked
Topface is a Russian dating site that was hacked and the usernames and email addresses of 20 million users were offered for sale on a website. In a Bloomberg article, the Topface CEO, Dmitry Filatov, gave a statement saying that “while he has no proof of the breach, the St. Petersburg-based company is investigating. He sought to reassure users, saying more than 90 percent of them log onto the site via Facebook or other social networks, and that Topface has no access to their passwords and doesn’t keep secure information such as payment data.”
St. Peter’s Health Partners - Stolen Mobile Phone
A managers cell phone was stolen which had access to personal information of more than 5,000 people. The data was remotely wiped from the phone. In an SC Magazine article, Donald Martin, CEO of St. Peter’s Health Partners stated, “While at this time we believe the risk is low that the data on these individuals was accessed, we are committed to doing all we can to protect each and every one of them.”
Wingstop Restaurants - Hacked
Data stealing malware was found on Wingstop’s POS systems in multiple locations. Wingstop has removed the POS hard drives and replaced with new ones.
Share on FacebookShare on TwitterShare on Google+Share on Linkedin
Significant Data Breaches - January 2015
While 2014 was “the year of the data breach”, 2015 is off to a fast start with several prominent data breaches. Below is a list of the top breaches that were made public in January 2015.
If you want to be sure not to miss our lists for upcoming months, follow us on Twitter or sign up for our email list.
IKANOW MAJOR BREACH INDEX: January 2015
*estimate based off the results from the Ponemon Institute’s Cost of a Data Breach (average of $194/record)
Moonpig - Network Vulnerability
Developer Paul Price first notified Moonpig of a vulnerability in their API back on August 2013. When the vulnerability was still there 13 months later, he decided to go public. Moonpig has around 3.6 active users, which could have all been affected. Moonpig has since taken their API offline.
Morgan Stanley - Inside Job
A 30 year old financial advisor stole information on 350,000 of the banks wealthiest clients and tried to sell the data online. According to an article in the NY Post, no passwords or social security numbers were compromised.
MyTF1 - Hacked
MyFT1 in France was hacked by active hacker group “Linker Squad”. The hackers accessed almost 2 million customer accounts containing personal and financial information. Why do they want this information? To simply sell to other hackers.
Banque Cantonale de Geneve - Hacked
On January 9th, Reuters reported “a hacker claiming to be behind a cyber attack on Banque Cantonale de Geneve, or BCGE, used social media to threaten to leak confidential data on the Swiss bank’s clients if its demands for payment weren’t met.” The hacker downloaded more than 30,000 emails from the back.
Malaysia Airlines - Hacked
Malaysia Airlines was hacked on Jan. 26th and customer information was leaked online. Active hacker group, Lizard Squad are the ones taking responsibility for the attack. Malaysia Airlines confirmed their DNS was comprised but resolved this issue in about 1 day.
Topface - Hacked
Topface is a Russian dating site that was hacked and the usernames and email addresses of 20 million users were offered for sale on a website. In a Bloomberg article, the Topface CEO, Dmitry Filatov, gave a statement saying that “while he has no proof of the breach, the St. Petersburg-based company is investigating. He sought to reassure users, saying more than 90 percent of them log onto the site via Facebook or other social networks, and that Topface has no access to their passwords and doesn’t keep secure information such as payment data.”
St. Peter’s Health Partners - Stolen Mobile Phone
A managers cell phone was stolen which had access to personal information of more than 5,000 people. The data was remotely wiped from the phone. In an SC Magazine article, Donald Martin, CEO of St. Peter’s Health Partners stated, “While at this time we believe the risk is low that the data on these individuals was accessed, we are committed to doing all we can to protect each and every one of them.”
Wingstop Restaurants - Hacked
Data stealing malware was found on Wingstop’s POS systems in multiple locations. Wingstop has removed the POS hard drives and replaced with new ones.
Tags: