Every store, restaurant, and retailer that has been hacked
If you're a person in the world in 2018, there are probably two words you remain in constant fear of: data breach. In recent history, several businesses used regularly by modern consumers have been targets of hacks, resulting in compromised data for millions of people. Perhaps one of the most notable cases was the 2017's Equifax hack, infamous for a multitude of reasons including: the scale of the hack (143 million customers with compromised data); the sensitive nature of the information lost (social security numbers, license numbers, and more); and the way the company bungled the recovery (in the aftermath of the hack, they accidentally directed concerned customers to a phishing scam posing as security site). But it's not just Equifax. Fast food chains like Wendy's and Chipotle, health insurers like Anthem and Premera, and retailers such as Under Armour and Saks Fifth Ave have all been hacked. For anyone trying to keep all of the breaches in order, here's a list of all of the retailers that have been hacked, starting with 2013's Target hack. In 2013, Target fell victim to a massive data breach, where hackers stole credit card data from up to 40 million customers. The hack took place between Nov. 27 and Dec. 15 that year — right after Black Friday— due to a breach in Target's point-of-sale systems, compromising customer data from Target stores all over the country. Target confirmed the hack in a memo and told Mashable in December 2013, "We're asking everyone who shopped at a Target location since Black Friday to monitor their credit card accounts and contact their banking establishments to see if there is any suspicious activity." Later it was revealed that hackers were able to gain access to Target's systems by hacking an outsider contractor that was working with Target. The breach cost Target a reported $148 million, according to The New York Times. Hate to break it to you, but if you're an eBay user, you may have been affected by a hack. In May 2014, the ecommerce platform discovered that it had been victim to a hack which compromised a database holding information for 145 million customers with active or inactive accounts. In the breach, hackers were able to see users' usernames, email addresses, physical addresses, phone numbers, dates of birth, and account passwords. In response, eBay urged users to change their passwords. Fortunately for anyone worried about repercussions from the hack, an eBay spokesperson told Mashable that "there is no evidence that any financial information was accessed or compromised." Also, Pay Pal and a host of other sites that use eBay's marketplace to operate including StubHub, eBay Classifieds, Tradera, Gmarket, GumTree and GittiGidiyor were also safe from the hack. Target isn't the only mega-corporation to have been hacked. In September 2014, just months after Target was hacked, Home Depot had to deal with a breach of its own. The Home Depot hack was first reported by cyber security expert Brian Krebs on Sept. 2, who noted that a batch of credit card information had gone on sale on an underground cybercrime site, and that multiple banks were seeing evidence that Home Depot may have been the source of the hack. At the time, Home Depot only said that it was investigating unusual activity. A week later, on Sept. 7, the home improvement store confirmed the hack, but the brand didn't email customers about the data breach until Sept. 21, when Home Depot once again confirmed the hack and offered customers 12 months of fraud detection services. In February 2015, Anthem, the second largest health insurer in America, was breached when hackers broke into the company's computer system. The hack compromised the personal data — including names, addresses, social security numbers, and more — of up to 80 million people, including Anthem's CEO Joseph R. Swedish. It is believed that hackers were able to breach Anthem after the stealing the login information of an Anthem employee. The company's CEO stated that the hack was the result of a sophisticated cyberattack. But according to The New York Times, experts say that Anthem did not complete vital cybersecurity steps like encrypting personal data which could have helped protect customer info. Wendy's is a brand known for getting into beefs (pun intended, I'm sorry) with other restaurants, but in 2015, the fast food chain had some less playful news to share: Wendy's had been hacked. Wendy's first broke the news at the end of January that year, when the brand confirmed that it was looking into suspicious activity. Later, in May, the brand revealed that it had been targeted by malware that collected customer credit card information but estimated that fewer than 300 restaurants were affected. By July, however, that number dramatically increased when Wendy's said that actually over 1,000 restaurants were targeted. In March 2015, health insurance company Premera Blue Cross announced that sensitive user info, including medical, financial, and personal information had been compromised when hackers broke into the company's computer system. The cyberattack reportedly took place between May 2014 to January 2015, exposing data of 11 million customers. The company did not reveal how hackers were able to breach Premera's systems, but as CNN notes, once they were in, the attackers were able access customer data going as far back as 2002. If you love moderately priced burritos and questionable queso, we have some bad news for you: Chipotle was hacked in 2017. The company first reported the hack in April 2017 during a investor call, according to Fortune, where Chipotle's CFO told analysts "We want to make our customers and investors aware we recently detected unauthorized activity on a network that supports payment processing for purchases made in our restaurants." Then in May 2017 Chipotle revealed more about the hack — malware reportedly infected Chipotle's point of sale system, allowing hackers to steal credit card data from "most, but not all" restaurants. If there is one hacking scandal that'll go down in the history books, it's the Equifax data breach. In September 2017, the credit reporting agency revealed that it had been victim to a hack, resulting in data from approximately 143 million people being stolen. According to a statement posted by Equifax, the hack lasted from May to July in 2017, allowing hackers to steal sensitive personal information from customers, including social security numbers and drivers license numbers. Following the hack, former Equifax CEO Richard Smith, who stepped down soon after the data breach, apologized to customers, saying, "This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do." But that was only the first part of the scandal. Briefly after the hack, Equifax accidentally directed customers to a fake security website that was actually a phishing scam. Also, the company went through yet another scarewhen security researcher Randy Abrams revealed that some pages on the company's website redirected to another website which offered a fake Flash update which contained malware. Equifax looked into the incident and found that its systems were not compromised because of the issue. Though the hack took place in 2017, the Equifax scandal found a way to come back to 2018 when *plot twist* the company revealed in March that an additional 2.4 million people were hacked. Yikes. In September, Whole Foods announced that it was investigating information the company received about unauthorized access of payment card information used at Whole Foods properties. It's still unclear what information was stolen, if any, and to what scale, but Whole Foods noted that the breach didn't affect all of Whole Foods, just "certain venues such as taprooms and full table-service restaurants located within some stores." "These venues use a different point of sale system than the company’s primary store checkout systems, and payment cards used at the primary store checkout systems were not affected," Whole Foods wrote in a statement about the hack. In September 2017, Krebs reported that fast-food company Sonic had been hacked, and the credit card information of 5 million customers were put on sale on cybercrime website Joker's Stash. The hack revelation involved a little bit of detective work on Krebs part. The cybersecurity expert first began keeping an eye out for info about a potential hack after hearing from "sources at multiple financial institutions who noticed a recent pattern of fraudulent transactions on cards that had all previously been used at Sonic," Krebs wrote. He then asked those sources to look into a batch of credit card info that had been posted to Joker's Stash and "sure enough, two sources who agreed to purchase a handful of cards from that batch of accounts on sale at Joker’s discovered they all had been recently used at Sonic locations." Sonic then confirmed the breach, telling Mashable via email that the company it uses to process credit cards had seen "unusual activity regarding credit cards used at Sonic." The fast-food chain also posted a memo about the breach to its site, writing, "Sonic Drive-In has discovered that credit and debit card numbers may have been acquired without authorization as part of a malware attack experienced at certain Sonic Drive-In locations." In addition to working with law enforcement to investigate the hack, Sonic also offered customers two years of free fraud and identity theft detection. In March 2018, Under Armour notified customers that its food and nutrition app "MyFitnessPal" had suffered a data breach and that 150 million users' data was compromised. The company explained the breach in a press release, stating, "On March 25, the MyFitnessPal team became aware that an unauthorized party acquired data associated with MyFitnessPal user accounts in late February 2018." Included in the stolen information were usernames, email addresses, and hashed (or encrypted) passwords. That last bit — hashed passwords — may be one small consolation from the breach. Of the hack, Mashable tech reporter Jack Morse noted, "The fact that the passwords were hashed is good news to those affected, as it suggests that their accounts may not have been immediately compromised following the breach." But users should still change their passwords just to be safe. "Still, anyone who has used the MyFitnessPal should absolutely change their password — a recommendation that Under Armour is making as well," Morse advised. On the first day of April, security firm Gemini Advisory revealed that cybercrime syndicate Fin7 hacked Saks Fifth Avenue, Saks Off Fifth, and Lord & Taylor, stealing credit and debit card data from approximately 5 million customers between May 2017 - April 2018. "Based on the analysis of the available data, the entire network of Lord & Taylor and 83 Saks Fifth Avenue locations have been compromised. The majority of stolen credit cards were obtained from New York and New Jersey locations," Gemini Advisory wrote. Saks later confirmed the breach, saying "Once we have more clarity around the facts, we will notify our customers quickly and will offer those impacted free identity protection services, including credit and web monitoring." Sometimes customer data gets exposed not because of a hack but because of some terrible, horrible, no good, very bad decision making on a businesses part. And that's definitely the case with Panera Bread's 2018 data breach. In April, Krebs reported that PaneraBread.com listed, in plain text, customer data including names, email addresses. To make matters worse, Panera Bread reportedly knew of the leak for eight monthsbefore the leak was revealed. In an essay published on Medium titled "No, Panera Bread doesn't take security seriously," cybersecurity expert Dylan Houllihan says he alerted Panera Bread about the flaw but the company "sat on the vulnerability and, as far as I can tell, did nothing." Not cool, Panera. Not cool. Hackers don't always have to go through your business to get your customer information. On April 4, both Delta and Sears put out statements that hackers may have been able to access customer payment information after [24]7.ai, a software company that both brands use, had been breached. The [24]7 breach lasted from Sept. 26 to Oct. 12, and hackers were also able to see information for shoppers at Kmart, which is owned by Sears. The investigation is ongoing but Delta tried to comfort customers by saying that just because 24[7] had been breached it doesn't mean that customer data was actually exposed. "At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised," Delta said in a release.Target
In 2013, Target fell victim to a massive data breach, in which hackers stole credit card data from up to 40 million customersCredit: Justin Sullivan/Getty ImageseBay
In May 2014, eBay discovered that it had been victim to a hack which compromised a database holding information for 145 million customers with active or inactive accounts.Credit: Justin Sullivan/Getty ImagesHome Depot
In September 2014, just month's after Target was hacked, Home Depot fell victim to a breach of its own.Credit: Mark Makela/Getty ImagesAnthem
Anthem, the second largest health insurer in America, was breached when hackers broke into the company's computer system in 2015.Credit: Aaron P. Bernstein/Getty ImagesWendy's
Over 1,000 restaurants were affected by a Wendy's hack in 2015.Credit: Justin Sullivan/Getty ImagesPremera
In May 2014, health insurance company Premera Blue Cross discovered sensitive data had been compromised when hackers broke into the company's computer system.Credit: Premera.comChipotle
If you love moderately priced burritos and questionable queso, we have some bad news for you: Chipotle was hacked in 2017.Credit: Scott Olson/Getty ImagesEquifax
Not only was the Equifax massive — affecting 143 million people — but the company also poorly handled all of the follow up.Credit: AP/REX/SHUTTERSTOCKWhole Foods
Whole Foods said "certain venues such as taprooms and full table-service restaurants located within some stores" were victim to a data breach.Credit: Joe Raedle/Getty ImagesSonic
5 million customers had credit card information stolen and put for sale in Sonic's 2017 hack.Credit: SONIC/BUSINESSWIREUnder Armor
Usernames, email addresses, and hashed passwords were stolen in Under Armour's March 2018 data breach.Credit: JUSTIN SULLIVAN/GETTYSaks Fifth Avenue / Saks Off Fifth / Lord & Taylor
Not even luxury retail brands are safe from data hacks.Credit: PETER BRANDT/GETTY IMAGESPanera Bread
Sorry bread lovers... Panera Bread hasn't been very careful with your data.Credit: GETTY IMAGESDelta / Sears / Kmart
Credit: DAVID L. RYAN/THE BOSTON GLOBE VIA GETTY IMAGES
Featured Video For You
AI will become the criminal hacker's best friend—and worst enemy
-
上一篇
-
下一篇
相关推荐
-
夏凤俭与四川建安工业有限责任公司董事长耿海波座谈
-
5 things to do right now if your Yahoo account was hacked
-
Serena ‘absolutely’ had doubts about competing again
-
Descendant of Robert E. Lee rebukes Trump for praise of ancestor
-
Aricell CEO arrested in first case under industrial accidents law
-
Melania Trump believes she's the most bullied person in the world. Hmm.
- 最近发表
-
- Top 10 Tech Pranks
- 7th grade boy nails his extra credit question by telling the best joke
- What is ProtonMail, the service used by Cambridge Analytica to cover its tracks?
- Giggs resigns as Wales manager
- Pressure boost squeezes out more hydrogen from artificial leaves
- Google Maps is now officially a gaming platform
- Moon gov't losing ground in NK
- US swimmer rescued from World Championship pool after fainting
- 11 Places to See Tiny Trains
- 21 incredible innovations that improved the world in 2016
- 随机阅读
-
- 'Metaphor: ReFantazio' hands
- Get a sneak peek at January's 'Chicago Fire' and 'P.D.' crossover
- Muguruza gets much
- FIFA increases squads to 26 players for World Cup
- How much for Oasis tickets? Fans joke about splurging on reunion shows
- 石棉县公安局出入境办证大厅启用
- Gov't to provide support for over 500 North Korean defectors facing tough living conditions
- 我市2009年度矿山企业年检工作12月1日启动
- Giant dual
- US swimmer rescued from World Championship pool after fainting
- Snap Map Explore adds text statuses automatically for Snapchat users
- Star Trek Discovery casts Sonequa Martin
- Pragmocracy Now
- After YouTube ban, gun vloggers find a new home on Pornhub
- The most Googled 'can I get pregnant if' questions, answered
- Park's approval rating edges up amid N. Korea's possible nuclear test
- Pope says England are not 'one
- 热血男儿 蓝天追梦——记雅安几代空军战士
- O'Callaghan continues teenage revolution
- PGA Tour boosts prize money
- 搜索
-
- 友情链接
-