Cyber for Plan Sponsors

The Great Data Heist: The 21st Century’s Biggest Data Breaches


As we move further into the 21st century, cyber attacks and data breaches are becoming more and more prevalent. Personal information, including social security numbers and private email exchanges are becoming publicly available thanks to these hacks, making identity theft more and more possible.

You may be thinking that if you merely provide proper cybersecurity training for employees and employ an IT consultant that you’ll be safe from cyber attacks. But as the following list shows, some of the biggest and most secure companies fell victim to data breach of personal information of users and customers. If it can happen to them, what’s preventing it from happening to your company?

  1. Equifax

Something as simple as a vulnerability on one of Equifax’s websites led to over 145 million impacted customers. That vulnerability led to stolen Social Security Numbers as well as access to other personal information that could be used for identity theft such as birthdays, addresses, and driver’s license numbers. The breach wasn’t discovered for over two months after it had been initiated.

  1. Marriott International

The breach that would impact over 500 million customers began on systems supporting Starwood Hotels in 2014 before Starwood was acquired by Marriott in 2016. The breach wasn’t discovered until 2018, giving cyber attackers over four years to steal personal data such as contact information, passport numbers, and credit card numbers. A Chinese intelligence group seeking to gain information on United States citizens was ultimately found to be responsible for the breach showing that not all cyber attackers are just hackers; they might be national actors with more cyber know how behind them than your company can possibly imagine aimed at a cyber attack.

  1. Yahoo

The biggest in terms of sheer number of accounts compromised, the 2013-14 Yahoo breach impacted over three billion customers. Real names, email addresses, birthdays and telephone numbers were stolen along with security questions and answers. The breach, which was allegedly committed by an unspecified “state-sponsored actor,” caused Yahoo’s sale price to Verizon to drop by $350 million. There were questions as to whether the breach, once discovered, was adequately communicated outside the security team, leaving it possible for a data breach to occur even with that full time team in place.

  1. Uber

Yup, even one of the companies changing the world with its 21st century technology can fall to a data breach. Fifty seven million Uber users and 600,000 drivers had their personal information hacked. Hackers simply found a way into Uber’s GitHub account where they found credentials for Uber’s AWS account, allowing for the information to be stolen. Partly due to the breach, Uber’s valuation dropped $20 billion.

  1. JP Morgan Chase

The United States’ largest bank was victim to the nation’s largest bank data breach. The cyber attack compromised the information of 76 million households in the United States, more than half of households in the entire country, in addition to seven million small businesses. The data included contact information including names, addresses, phone numbers, and email addresses. Hackers gained “root” privileges on more than 90% of the bank’s servers, meaning they could transfer funds between accounts. JP Morgan Chase spends more than $250 million on security each year and still fell victim to a cyber attack.

So if some of the country’s biggest companies that are most invested in security and technology can’t fend off a cyber attack regardless of how much they spend on security, it could happen to anybody.

Purchase Cyber Liability Insurance

So how do you make sure your company is not on this list? By purchasing Cyber Liability Insurance! Those who lower cyber attack risk by implementing policies and protections of data prior to inquiry have a better chance of being approved for purchase of the cyber policy. Colonial Surety Company offers Cyber Liability Insurance with our ERISA Fidelity Bond packages along with Fiduciary Liability Insurance so your company is protected on all fronts. Contact us today to learn more about cyber liability insurance and how it can safeguard your company’s data.