Many companies have felt the effects of data theft over the last several years. It's 2014 and it doesn't look like the going is getting any easier. The technology sector seems most at risk with every week bringing the world another reported data breach. Here we look at the largest breaches in the last year. A Look Back at Recent Data BreachesRecent security breaches prove that regardless of the technology you have in place, if you are targeted by cyber-attackers — whether through social engineering, a phishing attack or an employee opening a malicious file on the company network — they will penetrate your defenses and steal whatever data they choose. Smart organizations are evolving their approach from a perimeter defense to a more a multi-layered, risk-based security approach, but in the meantime it seems as if most organizations are vulnerable.California DMV Investigates a Suspected Data BreachAs early as last week, the California Division of Motor Vehicles reported a potential credit card data breach. Former Washington Post journalist Brian Krebs, in his column, “Krebs on Security,” reports that these breaches were relative to online transactions that occurred on their website between August 2013 and January 2014 and could possibly affect the more than 11.9 million credit card transactions. There is also fear that that additional data such as driver’s licenses, Social Security numbers, email and physical addresses could have been stolen as well.Although officially no breach has been detected there, the DMV is performing a full forensic investigation and has reported a possible breach to banks and other related financial institutes.University of Maryland HackedLast month, the University of Maryland reported a data breach that affected anyone who has had a campus ID since 1998. That’s 16 years of records that included Social Security numbers, date of birth and the University ID number putting nearly 300,000 staffers, students and employees at risk.Four weeks later, University of Maryland CIO, Ann Wylie reported yet another cyber-intrusion, which brought in the FBI and Secret Service to work with the university’s IT security staff. This attack netted the personal data of only a single senior university official, according to Wylie.Sally Beauty Reports Attempted Data BreachIn late February 2014, Sally’s Beauty Holdings noticed unusual network activity. Using an intrusion detection technology from Tripwire, which sends alerts when key system files are modified, Sally’s IT security were notified and shut down all external communication and began the investigation. Shortly thereafter they contacted Verizon’s cybersecurity and forensics teams.Sally Beauty originally reported that no credit card or personal data had been stolen, but experts weren’t so sure. Then earlier this month, Sally Beauty announced that there had, in fact, been data loss of roughly 25,000 records. These stolen records contained credit card data, according to reports.Target’s POS Devices TargetedLate last year, retail giant Target reported a data breach that included personal data, credit card data and encrypted PIN numbers from debit cards from more than 70 million consumers. In one of the largest data breaches in history, attackers installed malicious software on point of sale (POS) devices in Target’s checkout lines.In an effort to help soothe its customer base, Target has have assured users that they will not be held liable for any charges resulting from this data breach and are offering free credit monitoring and identity theft protection.Neiman Marcus Data BreachOn the heels of Target’s breach came Neiman Marcus’s announcement that more than 1.1 million credit and debit card numbers may have been compromised from mid-July to late October 2013. It was reported that cybercriminals infiltrated and infected terminals at Neiman Marcus stores using the same methods as the Target data breach. Neiman Marcus doesn’t use PIN pads, so it appears as though no PIN data was stolen, but rather only track data from the credit card’s magnetic strips.Neiman Marcus is trying to repair its image by offering a year of free credit monitoring and identity-theft protection to anyone compromised in this data breach.Apple Developer Portal Hacked Last July, Apple’s developer site, where users can find tools and resources for programming Apple products, fell victim to cybercriminals and was taken offline for three days. Apple is reporting that it is possible that paid users accounts may have been compromised in the attack. Here is a quote from the email delivered to Apple community developers:“An intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.”Adobe Breach Impacts MillionsLast October, Adobe announced that nearly three million customer credit card records and login data for an undetermined number of Adobe user accounts were impacted by an attack. According to some media outlets, 38 million users were affected by the cyberattack. Credit card data appears to have been encrypted, making it more difficult for criminals to exploit. Along with user data, Adobe reported that source code for Photoshop was also part of the data heist.Adobe has offered one free year of credit monitoring to those users who encrypted credit card data was stolen.Vodafone Germany Insider Steals Customer DataLast September, Bloomberg reported that Vodafone suffered a data breach that could affect two million customers. The company later revealed that the attacker was an insider with intimate knowledge of their IT infrastructure. Deep inside its systems, the insider was able to grab what Vodafone refers to as a “Master Data” with details on more than two million users.Cyberattackers got away with customer names, customer addresses, date of birth and partial bank account data. No credit card data, mobile passwords or PINs were reportedly taken in the breach. Vodafone identified the unspecified individual and, according to reports, Vodafone has filed charges.The NSA/Snowden DebacleLast June, the U.S. suffered what is regarded as one of worst leaks of classified material in its history. Booz Allen Hamilton IT contractor and infrastructure analyst Edward Snowden had access to and leaked classified materials to media outlets. Since then he has released details of unwarranted NSA hacking of friends and foe alike, the fallout damaging U.S. relations abroad and putting a spotlight on current security issues facing the U.S.Some hail Snowden as a whistleblower while others consider him treasonous. Since June he has been on the run and reportedly living in Russia.Evernote Users Indirectly HackedWhile Evernote was not directly hacked, its customers were impacted as a part of the Adobe data breach. Vigilant workers at Evernote analyzed leaked data from the Adobe breach (it was reported that Facebook did as well) and came to the conclusion that many of its customers had mirrored the username and login of their Adobe accounts. Its users were required only to reset their passwords, but that’s 50 million people who had to reset their password.Ubuntu Forum Users Data ExposedUbuntu Forums, a volunteer, developer-centric website that focuses on the Ubuntu Linux distribution, reported a massive data breach in July 2013. Hackers were able to obtain encrypted passwords, email addresses and usernames of the site’s community that consists of approximately 1.8 million users. Hackers also defaced the homepage of the site with an image of a machine gun carrying penguin and the Twitter handle @sputn1k_.Data Stolen on 50 million LivingSocial.com UsersLast April, daily deal website Living Social was the target of a massive data breach that affected 50 million people. Personal information that attackers stole included names, emails, date of birth and encrypted passwords. All of the Washington D.C.-based companies registered users were asked to reset their passwords.Data Breaches WebsiteJudging the severity or visualizing the scope of data breaches can be difficult, but thanks to the team at Information is Beautiful you can get a glimpse of how many organizations were attacked, the method of attack, how sensitive the data was and how many people were affected by looking at its chronological bubble chart. Related content brandpost Sponsored by Huawei Beyond gigabit: the need for 10 Gbps in business networks Interview with Liu Jianning, Vice President of Huawei's Data Communication Marketing & Solutions Sales Dept By CIO Online Staff Dec 04, 2023 9 mins Cloud Architecture Networking brandpost Sponsored by HPE Aruba Networking Bringing the data processing unit (DPU) revolution to your data center By Mark Berly, CTO Data Center Networking, HPE Aruba Networking Dec 04, 2023 4 mins Data Center brandpost Sponsored by SAP What goes well with Viña Concha y Toro wines? Meat, fish, poultry, and SAP Viña Concha y Toro, a wine producer that distributes to more than 140 countries worldwide, paired its operation with the SAP Business Technology Platform to enhance its operation and product. By Tom Caldecott, SAP Contributor Dec 04, 2023 4 mins Digital Transformation brandpost Sponsored by Azul How to maximize ROI by choosing the right Java partner for your organization Choosing the right Java provider is a critical decision that can have a significant impact on your organization’s success. By asking the right questions and considering the total cost of ownership, you can ensure that you choose the best Java p By Scott Sellers Dec 04, 2023 5 mins Application Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe