Frequent Data Breaches are a bitter reality. Organizations and platforms collecting people’s personal information are always under the hackers’ radar who are always ready to exploit any window of opportunity. In the first half of 2017 alone, around 2 Billion records were either lost or stolen worldwide. This number definitely comes as a shock, especially considering the misuse of data for frauds, identity thefts, personal security breaches, etc.

Today we will discuss the 5 biggest data breaches of 2018 and see how they could have been prevented!

1.Quora Data Breach

The Quora breach was discovered in December of 2018. This time, the hackers successfully bagged the personal data of 100 million Quora users. The stolen information included Email addresses, names, passwords, and profile data, record of users’ private and public actions. The details of the attack are still unclear. However, Quora reported its users of a third-party gaining unauthorized access to their servers located on site.

How could the Quora breach have been prevented?

Though the details of the breach are still unclear, it is known that the breach occurred from within the Quora’s server facility. Had Quora officials hired a third-party information & record management company, and stored their data off-site, then the breach could possibly have been prevented.

2.Newegg Transaction Fraud

Credit card transactions are thought to be the safest when it comes to online security, provided that you are transacting with a legit website. It turns out that this is not true anymore. More than 50 Million people lost their credit card information to the online hacker gang called Magecart. The attack occurred between August and September of 2018.

How could this have been prevented?

While online security is more complex to manage, especially if big data is involved, a better security against the malware injections could have saved Newegg’s user data.

3.Adhaar UIDAI Breach

A shocking discovery was made in 2018 about the personal information of 1.1 Billion citizens of India having been compromised by anonymous groups or individual hacker. The information under the UIDAI enrollment included identification number, name, emails, phone numbers, and even physical addresses. The stolen information about the citizens was up for sale for as low as Rupees 500.

How could the breach have been prevented?

The authority in charge of control for UIDAI data is Indian government. Recognizing the vulnerabilities in their system, the Indian government took swift action and made multiple backups of the national data and secured it in multiple locations across the globe. Not to mention, there were a few information & record management companies involved in the mission.

4.Exactis Data Heist

This one is particularly disturbing owing to the attack’s sheer intensity across the whole of internet. Cyber attackers targeted 340 Million people & business by breaching the data collected by the company Exactis. Exactis is primarily a data collection firm that handles people’s and business’ information from around the internet. The breached data included personal information and other sensitive details based on people’s religions, interest, etc.

The attack possibly occurred in June of 2018, and it was discovered when 2 Terabytes of the data collected by Exactis was relocated to a public website visible to everyone.

How could this have been prevented?

Since Exactis is primarily a data collection firm, tight online security and data integrity should have been their priority. Although it is not clear what caused the vulnerability in their system, Exactis could have befitted from consulting a Data management firm.

5.Starwood Data Breach

This cyberattack is also listed under the biggest information breaches of 2018. The targeted victims were all the guests of the hotel chain corporation Starwood. Names, emails, contact numbers, physical addresses, and pretty much every information that a hotel asks for was stolen from 500 million guests. It is suspected that the attack might have been on since 2014, while it was discovered in 2018.

Could it have been mitigated?

From all we know, if the attack was on from 2014, it is most likely an inside job. Offsite storage of the sensitive data by Starwood into confidential locations would have definitely helped them keep it safe.