Another year, another slew of data breaches.
Here are a few of the worst data breaches that occurred in 2019:
The personal health information of nearly 15 million Canadians was stolen from LifeLabs — Canada’s largest healthcare lab testing firm — in a ransomware cyberattack that occurred Nov. 1.
News of the hack became public on Dec. 17. LifeLabs claimed they have paid the hackers off to get the data back and said in an open letter to customers that information, including “names, addresses, emails, logins, passwords, date of birth, health card numbers and lab test results,” was taken.
A majority of the affected Canadians were in Ontario and British Columbia — with the firm claiming the test results of 85,000 Ontarians from 2016 or earlier were compromised in the breach.
The company offered one year of identity theft and dark web monitoring insurance to compensate those affected by the breach.
It was originally believed the June. 20 data breach affected 2.9 million Desjardins members and 173,000 business members, however, the insurance co-operative revealed on Nov. 1 the actual number of people affected totalled 4.2 million across Ontario and Quebec.
The data breach was linked to a single suspect — a former employee.
In a statement following the breach, Desjardins claimed members’ personal information such as first and last name, date of birth, social insurance number, address, phone number, email address and banking details was compromised.
Some 419 million Facebook user’s phone numbers linked to their Facebook accounts were breached by hackers on an unencrypted database.
The leaked data involved 133 million U.S. users, 18 million in the U.K. and 50 million in Vietnam, Tech Crunch reports.
The social media giant has been riddled with privacy and data breach issues since the Cambridge Analytics U.S. election scandal that saw an estimated 80 million U.S. user’s profiles targetted maliciously in 2016.
The financial data of nearly 885 million Americans was exposed after a bug in the website of financial firm First American, Tech Crunch reported.
Krebs On Security released a report claiming personal information — including, bank account numbers, statements, mortgage and tax records, social security numbers and driving licence images — was exposed by changing a single digit in First American’s web address where it was storing the information.
The breach exposed data from as far back as 2003.
The servers of credit lender Capital One were hacked in March, exposing the personal information of more than 100 million Americans and six million Canadians, CNET reported.
The stolen data included names, addresses, dates of birth, credit scores, transaction data, Social Security numbers and linked bank account numbers — reportedly from 2005 to 2019.
Hackers gained access to “140,000 Social Security numbers of our credit card customers,” Captial One wrote in a press release.
Also stolen were 80,000 linked bank account numbers of “secured credit card customers.”