The Growing Threat of Data Breaches
Technology advances at a breakneck pace, and much of that technology needs our personal information to function. Many devices and applications won’t allow you to use them unless you share your personal, identifying information first. In an age of information brokering, your personal data becomes worth more than gold. Leading to Data Breaches.
Data breaches, or the release of secure and private information to the public, occur often. Login and password data is taken and shared amongst hackers who use that data to take your identity and steal your funds. Data breaches are serious and can happen to anyone, but some technology and applications are more susceptible to others. Read on about the biggest security breaches in that past few years, and what was stolen.
The Biggest, Baddest Data Breaches
Over the course of the 19 years that make up the 21st century, there have been nearly 300 data breaches, and those are just the ones that have been recorded and catalogued. There is a potential that many more have happened without knowledge. The top known breaches of private data to date are:
Yahoo
Yahoo experienced a breach in 2013-2014 and is the single largest data breach to date. Over 3 billion user accounts were compromised, including usernames, emails, passwords, real names, dates of birth, and phone numbers.
Equifax
The Equifax breach made headlines on national news. The credit company lost login credentials, including passwords, of over 148 million users, but that wasn’t the end of it. They also lost social security numbers, drivers license numbers, addresses, birth dates, and credit card information.
eBay
In May of 2014, eBay experienced a breach of confidential information from over 145 million users. Hackers stole usernames, passwords, names, dates of birth, and addresses.
Marriott
Marriott revealed a security breach in 2018 that compromised private data of over 500 million people. Most of the stolen data included names, identifying information, phone numbers, credit card numbers, and passwords.
What Do These Data Breaches Have in Common?
Data breaches on the curated list are confined to a small group of people or don’t have private login credentials, but the large breaches do. They may also include identifying information such as social security number, credit card number, names, and dates of birth, but the most common form of stolen information is usernames/emails and passwords.
The Speed at Which Passwords are Hacked
Passwords are kept in a safety system called a “hash,” a method for scrambling and encrypting the password so that, if the data is read from the back end, no passwords can be deciphered. Certainly a strong hashing method can help keep passwords safe, but many hackers have sophisticated computers that can crack hashed passwords in seconds. Long lists of passwords stolen from websites through breaches could take as little as a couple of hours to decipher, making these hashes practically useless in defending password data.
Passwordless Authentication
However many professionals who work to defend data from hackers agree that traditional passwords are obsolete. Most common passwords are available to hackers on “libraries,” or massive hashed or un-hashed password lists, and are shared frequently. Likewise this data sharing makes any password that has ever been misused unsafe to use again, as they can easily be cracked in the future. (check Have I been Pwned to see if your Password has been compromised previously)
Two-factor authentication and multi-factor authentication are important in keeping your data safe. Using more than just a password, such as receiving a code on your phone or a magic link through your email, can help keep you protected. Still, if a password breach happens, your password will still be out there.
Passwords are unsafe. Full stop. Don’t let your online security fall victim to another data breach; it’s time to switch to passwordless authentication. TraitWare’s patented QR-code passwordless authentication method is the most secure multi-factor authentication application on the internet. Forget losing a password to a security breach and make the safe switch to passwordless.