Cybercrime is a risk that will always loom over all modern businesses and their customers. The hackers who commit this cybercrime are primarily motivated by money. They “hold hostage” important company and consumer data for monetary ransom.
Cybercrime is not only about money, but it is also politically motivated. Companies can be caught between countries trying to disrupt or steal secrets from their geopolitical rivals.
This article will discuss three of the most costly cybercrime attacks in history.
Cyberattack on Sony Playstation Network in 2011
Leading technology company Sony admitted that the names, addresses and personal data of around 77 million PlayStation Network (PSN) users were stolen in 2011. Gamers’ PSN accounts were inaccessible for a week to prevent more data leaks.
The hacking of the 77 million PSN accounts was done by “an illegal and unauthorized person”. He gained access to names, addresses, email addresses, usernames, passwords, security questions, and in some cases, even payment details. The stolen data may also contain information about users who are minors (children).
To date, this attack is considered one of the largest credit card data breach attacks in the world. More than 12,000 credit card numbers – albeit in encrypted form – of non-US cardholders and additional information from 27.4 million accounts were accessed. Despite this, Sony claimed to have found no evidence that any credit card information was stolen while still asking its users to be cautious.
A month after the attack, Sony stated that the cost of the outage reached USD 171 million. Sony USA, Sony Canada, and Sony Japan also claimed damages of up to 1 billion Canadian dollars from a lawsuit filed in Canada. Then, the UK Information Commissioner’s Office also fined Sony 250,000 Pounds for violating the UK Data Protection Act.
Cyberattack on Yahoo in 2014
Yahoo in 2016 revealed that there was a theft of personal data linked to at least 500 million accounts. The theft incident occurred in 2014 and is believed to have been carried out by state-sponsored individuals.
The stolen data included email addresses, passwords, phone numbers, birth dates and names. However, protected passwords, payment information, and bank account information do not appear to have been compromised.
The mastermind behind the Yahoo hack is Aleksey Belan, a Latvian hacker hired by Russian agents. Belan was able to gain access to Yahoo’s User Database and account management tools through phishing attacks that specifically targeted Yahoo employees.
Yahoo suffered severe economic losses, including a sale to Verizon Communications Inc. for acquisition purposes. Yahoo’s stock price also fell 3% the day after the attack, and lost $1.3 billion in market capitalization. Yahoo also had to pay a lot of fines to various global institutions that sued it.
RockYou2021 – The world’s largest password leak
A password compilation called “RockYou2021” contains 8.4 billion leaked passwords – claimed to be the largest collection of stolen passwords of all time. The name of the compilation was inspired by the 2009 RockYou data breach – more than 32 million users lost their passwords.
RockYou2021 is a 100GB txt file containing 8.4 billion password entries, in addition to previous data leaks. Hackers claimed that the list contained 82 billion passwords. However, the exact number turned out to be ten times smaller.
Troy Hunt, a cybersecurity expert, explained on Twitter that the 100GB of RockYou2021 data did not actually contain 8.4 billion passwords. The contents of the txt file appear to be a compilation of old password leaks, possible and frequently used passwords, and word lists. Regardless, RockYou2021 is still considered the biggest data leak due to the sheer amount and weight of the actual data.
