2017 Breaches

published by Anna Pleshakova

Want to create a visual like this?

Get Started
This infographic displays statistics about the most impactful security breaches that occurred in 2017 so far.
Jan 8th, 2017
Xbox 360 ISO and PSP ISO
Security expert Troy Hunt, of the website "Have I Been Pwned?", revealed that Xbox 360 ISO and PSP ISO had been hacked back in September 2015. The website also housed sensitive user information that was taken. 1.2 million Xbox 360 ISO users and 1.3 million PSP ISO users were affected and may have had their e-mail addresses, IP addresses, usernames, and passwords stolen in the breach. 
Feb 7, 2017
IHG, the company that owns popular hotel chains like Crowne Plaza, Holiday Inn, Candlewood Suites, and Kimpton Hotels, announced a data breach that affected 12 of its properties. Malware was found on servers which processed payments made at on-site restaurants and bars; travelers that used cards at the front desk did not have information taken. The malware was active from August 2016 to December 2016. Stolen data includes cardholder names, card numbers, expiration dates, and internal verification codes. 
InterContinental Hotels Group (IHG)
Feb 17, 2017
The national fast food chain acknowledged a data breach after being pressed by KrebsOnSecurity. The company admitted that they had been notified in mid-January about a possible breach in select restaurants, but the FBI asked them not to go public yet. Malware was placed on payment systems inside certain Arby’s corporate stores, which make up about one-third of all Arby’s in the nation. The company said that the malware has been removed, but the scope of the breach is not yet known. Arby’s did not say when the breach occurred, but one credit union believes it may have been between October 25, 2016 and January 19, 2017.
Mar 6, 2017
A group of spammers, operating under the name River City Media, unknowingly released their private data into cyberspace after failing to properly configure their backups. The leak known as Spammergate included Hipchat logs, domain registration records, accounting details, infrastructure planning, production notes, scripts, business affiliations, and more. The biggest discovery, however, was a database of 1.4 billion email accounts, IP addresses, full names, and some physical addresses. Thankfully, the “good guys” found the information—in this situation, it was Chris Vickery, a security researcher for MacKeeper—and reported everything to the proper authorities. 
River City Media
Mar 7, 2017
KrebsOnSecurity revealed that Verifone, the largest maker of point-of-sale credit card terminals used in the U.S., discovered a breach of its internal network in January 2017. When asked, Verifone said the breach didn’t affect its payment services network and was only within the corporate network. The company claims they responded to the breach immediately and “the potential for misuse of information is limited.” Sources say there’s evidence that a Russian hacking group is responsible for the breach, and that the intruders may have been inside Verifone’s network since mid-2016, but nothing has been confirmed.
Dun & Bradstreet, a huge business services company, had its marketing database with over 33 million corporate contacts shared across the web in March 2017. The firm claims its systems were not breached, but that it has sold the 52GB database to thousands of companies across the country; it’s unclear which of those businesses suffered the breach that exposed the records. Millions of employees from organizations like the DoD, UPS, AT&T, Wal-Mart, and CVS Health had information leaked, and the database may have included full names, work email addresses, phone numbers, and other business-related data.
Dun & Bradstreet
Mar 15, 2017
BuzzFeed broke the news that customer information was available in plain text via a specific link on the Saks Fifth Avenue website. The information for tens of thousands of customers was visible on a page where customers could join a waitlist for products they were interested in. While payment details were not exposed, it was possible to see email addresses, phone numbers, product codes, and IP addresses. When BuzzFeed contacted Hudson Bay Company, the Canada-based organization that owns Saks Fifth Avenue, the pages containing customer information were taken down. At this time, it’s not clear how this happened, how customers may have been affected, and who was responsible.
Saks Fifth Avenue
Mar 19, 2017
1,300 letters were sent to prenatal patients who had received care in the University of North Carolina Health Care System about a potential data breach they may have been affected by. Women’s Hospital and UNC Maternal-Fetal Medicine at Rex may have mistakenly had their personal information transmitted to local county health departments. Breached information included full names, addresses, races, ethnicities, Social Security numbers, and a variety of health-related information. The county health departments are subject to federal and state privacy laws and must protect all information they received; it was also requested that they electronically purge electronic information about non-Medicaid patients.
UNC Health Care 
Mar 20, 2017
America’s JobLink, a web-based system that connects job seekers and employers, revealed its systems were breached by a hacker who exploited a misconfiguration in the application code. This person was able to gain access to the personal information of 4.8 million job seekers, including full names, birth dates, and Social Security numbers. The code misconfiguration was discovered and eliminated on March 14, 2017, so anyone who had an account with America’s JobLink before March 14, 2017 may have been affected and had their personal information compromised.
America’s JobLink 
Mar 21, 2017
The IRS revealed that up to 100,000 taxpayers may have had their personal information stolen in a scheme involving the IRS Data Retrieval Tool, which is used to complete the Free Application for Federal Student Aid (FAFSA). In March 2017, federal officials observed a potential data breach and took the tool down. The IRS said it shut down the Data Retrieval Tool because identity thieves that had obtained some personal information outside of the tax system were possibly using the tool to steal additional data. Currently, the agency suspects that less than 8,000 fraudulent returns were filed, processed, and returns issued, costing $30 million. 52,000 returns were stopped by IRS filters and 14,000 illegal refund claims were halted as well.
FAFSA: IRS Data Retrieval Tool 
Apr 6, 2017
Chipotle posted a “Notice of Data Security Incident” on its website to let customers know about unauthorized activity it detected on the network that supports in-restaurant payment processes. It believes payment card transactions that occurred from March 24, 2017 through April 18, 2017 may have been affected. The investigation is still ongoing and at the time the notice was published, the company did not have any additional information; it just said that it believes it has stopped the unauthorized activity and it’s too early to give more details.
Apr 25, 2017
Sabre Hospitality Solutions, a tech company that provides reservation system services for more than 36,000 properties, revealed a breach that allowed hotel customer payment information to be compromised. The company shared the information in its quarterly filing report and did not say when the breach happened or which locations may have been affected. The unauthorized access has been shut off and the company does not believe any other Sabre systems have been compromised.
Sabre Hospitality Solutions 
May 2, 2017
Gmail users were targeted in a sophisticated phishing scam that was seeking to gain access to accounts through a third-party app. The emails were made to look like they were from a user’s trusted contact and notified the individual that they wanted to share a Google Doc with them. Once clicked, the link led to Google’s real security page where the person was prompted to allow a fake Google Docs app to manage his or her email account. Google put a stop to the scam in about one hour and the company says they estimate about 1 million users may have been affected.
May 3, 2017
If you shopped at a Brooks Brothers retail store or outlet in the last year and used a credit or debit card, you may have had your card data stolen. Brooks Brothers revealed a breach that affected some of their stores between April 4, 2016, and March 1, 2017; the retailer has not revealed which exact locations were targeted yet. A forensic investigation showed an unauthorized individual installed malicious software on some payment processing systems that was capable of collecting payment card information. Brooks Brothers said the issue has been resolved but did not provide any other details upon announcing the breach.
Brooks Brothers 
May 12, 2017
Customers and users of the electronic signature provider DoguSign were targeted recently by malware phishing attacks. DocuSign says that hackers breached one of its systems, but they only obtained email addresses and no other personal information. The hackers used the email addresses to conduct a malicious email campaign in which DocuSign-branded messages were sent that prompted recipients to click and download a Microsoft Word document that contained malware. If you received a suspicious DocuSign email, forward it to [email protected]; moving forward, only access documents directly through the DocuSign website and not by clicking email links.
May 17, 2017
May 31, 2017
Sears Holdings, the parent company of Kmart, revealed that Kmart’s store payment systems were infected with malware; and Sears shoppers were not impacted by this breach. The malicious code has been removed, but the company has not shared how long the payment system was under attack and how many stores were affected. No personal identifying information was compromised, but certain credit card numbers may have been. Kmart suffered a very similar data breach back in 2014, that we also told you about at the time.
May 31, 2017
The University of Oklahoma’s (OU) student-run newspaper, The Oklahoma Daily, was the first to discover an on-campus data breach connected to the university’s document sharing system, Delve. Educational records, dating back to at least 2002, were unintentionally exposed through incorrect privacy settings. The Oklahoma Daily reported that in just 30 of the hundreds of documents made publicly discoverable on Microsoft Office Delve, there were more than 29,000 instances in which students’ private information was made public to users within OU’s email system. Sensitive information included Social Security numbers, financial aid information, and grades. The file sharing service has been shut down until further notice.
University of Oklahoma 
Jun 14, 2017
Last year, the Republican National Committee hired Deep Root Analytics, a data analytics firm, to gather political information about U.S. voters. Chris Vickery, a cyber risk analyst, discovered that the sensitive information Deep Root Analytics obtained–personal data for roughly 198 million American citizens–was stored on an Amazon cloud server without password protection for almost two weeks this month. Exposed information includes names, dates of birth, home addresses, phone numbers, and voter registration details. Deep Root has taken full responsibility, updated the access settings, and put protocols in place to prevent further access.
Deep Root Analytics 
Jun 20, 2017
Jun 27, 2017
Jul 10, 2017
A reported 14 million Verizon subscribers may have been affected by a data breach, and you might be one of them if you have contacted Verizon customer service in the past six months. These records were held on a server that was controlled by Israel based Nice Systems. A consultant at UpGuard informed Verizon of the data exposure in late-June, and it took more than a week to secure the breached data. The actual data that was obtained were log files that became generated when customers of Verizon contacted the company via phone.
Jul 13, 2017
Equifax, one of the three largest credit agencies in the U.S., suffered a breach that may affect 143 million consumers. Due to the sensitivity of data stolen—including Social Security numbers and driver’s license numbers—this is being called one of the worst breaches ever. Hackers were able to gain access to the company’s system from mid-May to July by exploiting a weak point in website software; the breach was discovered by Equifax on July 29th, 2017 and at that time, they sought assistance from an outside forensics firm.
Sep 7, 2017
People across all states have been impacted by the breaches described above. 

This map only highlights the states the breached companies were located in.
Follow us and stay updated on the latest cybersecurity trends.
Source: Identity Force
Created by: