Cloud security firm Bitglass released a report detailing the biggest security breaches of the past three years and the fallout that affected companies experienced. The report notes that the largest breaches “were caused by external cyber attacks that leveraged phishing, malware, technical vulnerabilities, and more.”


Employee negligence and internal threats were cited as a leading cause for breaches in general, but large breaches that affect the biggest companies (and their massive customer bases) are coming from external sources, indicating that large enterprises may need to focus their efforts on fighting off predators rather than worrying about disgruntled or untrained employees.

The five biggest breaches

Marriott

In 2018, Marriott found a security breach in its Starwood Hotel branch that exposed 387 million guest records, including names, birth dates, gender, addresses, and passport numbers. Marriott said it wasn’t sure how the breach occurred, and that it could have begun as far back as 2014.

Facebook

Facebook’s massive security breach has been well documented. The root of the September 2018 breach was bad code, the report said. Two bugs found in a privacy tool, and one in Facebook’s video upload software, led to the theft of user names, gender, email addresses, location check-ins, and relationship statuses.

Chegg

Education technology company Chegg had a database exposed in 2018 that allowed attackers to steal millions of customers’ records that contained names, email addresses, shipping addresses, usernames, and passwords. The breach was reportedly caused by the cracking of Chegg’s database encryption algorithm.

Equifax

Easily one of the most devastating breaches in the past several years, Equifax’s breach resulted in the theft of customer social security numbers, credit card numbers, names, birth dates, and addresses. Even worse, it took two months for Equifax to catch the breach, which was caused by a flaw in open-source software the company was using.

Dun and Bradstreet

Data analytics firm Dun and Bradstreet suffered a massive breach in 2017 that exposed customer names, personal and business email addresses, home addresses, job titles and functions, and other data. What’s worse is that the flaw came from a database Dun and Bradstreet inherited when it acquired another company, serving as a warning to companies adding data from outside sources, even if they’re presumably trustworthy.

The cost of a massive breach

Breaches of this scale have massive effects on customer data, and on the victim companies’ bottom lines, the report said:

  • The mean number of customers affected by each breach was 257 million.
  • The average cost to companies (in legal fees, penalties, remediation costs, etc.) has been $347 million.
  • The average stock price loss for affected companies has been 7.5%, which equates to a market cap loss of $5.4 billion.
  • The average breach victim needed 46 days to recover to its pre-breach market value.

Those numbers don’t account for the loss of customer faith in the businesses they patronize, the identity theft and fraud potentially suffered by customers who have their data stolen, or other kinds of fallout.

There are several other companies listed in the report, and each of their breaches is a learning tool for enterprise security professionals. Whether internal or external, security breaches are a constant threat to businesses large and small. It may cost extra money to improve security, but it’s an essential detail to consider in the modern world.

For tips on how to stay protected, check out this TechRepublic article on the four ways your company can avoid a data breach.
