Close this search box.

The 7 Biggest Cyber Security Breaches of All Time

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” overlay_color=”” video_preview_image=”” border_color=”” border_style=”solid” padding_top=”” padding_bottom=”” padding_left=”” padding_right=””][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” background_color=”” border_color=”” border_style=”solid” border_position=”all” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” min_height=”” hover_type=”none” link=”” border_sizes_top=”” border_sizes_bottom=”” border_sizes_left=”” border_sizes_right=”” first=”true”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” content_alignment_medium=”” content_alignment_small=”” content_alignment=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” class=”” id=”” margin_top=”” margin_right=”” margin_bottom=”” margin_left=”” font_size=”” fusion_font_family_text_font=”” fusion_font_variant_text_font=”” line_height=”” letter_spacing=”” text_transform=”none” text_color=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=””]

Cyber security is becoming a growing concern in the modern day as cyber criminals develop further their means of attack. Without extensive cyber security measures in place you leave yourself and your business increasingly vulnerable to a cyber attack.

From phishing to ransomware and much more, if you fail to prepare for attack then you might as well prepare to fail – as the saying goes.

However, some cyber breaches are bigger than others. With some of the biggest companies in the world falling victim to cyber attack, it proves that an attack can happen to anyone.

Here are the 7 biggest cyber breaches of all time:

7) Adobe (October 2013)

38 million usernames and passwords were stolen from active accounts (BBC). That number doesn’t include inactive accounts who may have also suffered from the breach as well. Trying to contact inactive users proved to be a struggle for Adobe.

Adobe users’ passwords were hashed and user names were stolen making it tricky for adobe customers to access the software that they require. With this theft taking place, there was also increased risk of Adobe customers being hacked on other websites if they had used the same login credentials.

The cyber attack on Adobe triggered the software company to send out password reset emails to all the affected accounts.

It was reported that nearly 3 million encrypted customer credit card details and login information for an undisclosed number of accounts.

As well as the stolen passwords, hackers also stole some of the source code for the picture editing software, Photoshop.

6) Uber (2016)

The hackers gained access to Uber’s GitHub account where they managed to steal 57 million users’ information including usernames and passwords (Guardian).

They also stole 600,000 driver license numbers off uber drivers. These credentials should have never been on GitHub in the first place. This was the first of Uber’s cyber security mistakes.

To make matters worse, Uber failed to announce that they had been hit by a cyber security breach until a year after the event.

And it doesn’t stop there!

Uber actually paid the attackers £79,000 to destroy the data that was stolen. There is no proof that the attackers did delete this data either.

When the attack was announced Uber was planning a sale for £54 billion which, in the end, sold for £38 billion. Uber stated that the attack didn’t impact the figure but, analysts have found it difficult to see how it wouldn’t have.

5) PlayStation Network (April 2011)

Hackers stole 77 million users’ information (Guardian) including data such as; usernames, email addresses, passwords, security questions, and payment history.

Viewed by many in the gaming community as the worst data breach of all time – the now defunct hacking group, ‘Anonymous’, claimed responsibility. They attacked Sony with a series of DDOS attacks which brought down the PlayStation Network for an entire month.

This was a personal attack on Sony after Anonymous was unhappy with the legal actions against George ‘Geohot’ Hotz. However, Anonymous stopped their attacks quickly as they realised the biggest effect the attack was having was on the end user.

After Sony realised the attack, they informed customers that some of their credit card numbers and expiration dates had been stolen.

Three years following the breach, Sony agreed a £12 million settlement. On top of the settlement, PlayStation experienced estimated losses of £135 million while the network was down for over a month.

4) Equifax (July 2017)

A high volume of personal information from 143 million consumers was stolen following the Equifax cyber security breach, including; social security numbers, dates of birth, and addresses. Credit card details were stolen from a further 209,000 consumers.

It took Equifax little over two months to realise that they have been hit by a cyber attack. After the cyber security breach became public, Equifax was unsure how their stolen data had been used.

There were financial implications to the US company, with Equifax handed a £500,000 fine by ICO (Information Commissioner’s Office), the UK data watchdog (Telegraph). This is because they failed to protect 15 million people in the UK whose personal details were also stolen in the cyber security breach.

The seriousness of this breach was that hackers could pose as the victim to take out credit cards, mortgages, and loans. In this event, being hacked could have meant an enormous cost to the individual, not to mention significant risk of identity fraud, without the victim even knowing.

3) eBay (May 2014)

The cyber attack affected around 233 million user accounts (Guardian) and took eBay an entire 3 months to recognise that the attack had occurred.

Hackers got into the company network using the credentials of three corporate employees. Following the attack, eBay was light on the details of how this came about. What it did demonstrate however was that even eBay, a huge business that oversees thousands of transactions a day, had insufficient cyber security practices in place.

eBay asked users to change their passwords immediately. However, any financial information such as credit card numbers were proven to be secure.

The impact on the company was a decline in user activity and significant damage to eBay’s reputation.

2) Marriott (2014 – 2018)

Based on how long the attack lasted (over a period of four years!), you could argue that the Marriott data breach was the most devastating. Upon discovering the hack, Marriott found that hackers had access to their network a whole 4 years before Marriott found out. This cyber breach was kept out of the public for a very long time and as the details developed, questions were raised over Marriott’s cyber security.

Cyber thieves had stolen 500 million user accounts (Forbes) where they acquired information such as;

  • Payment details,
  • Names,
  • Mailing addresses,
  • Phone numbers,
  • Email addresses; and
  • Passport numbers.

As you can see, the nature of the data breached from this attack was very serious. The data was stolen through their guest reservation database, which had been compromised by an unauthorised party.

The cyber attack was a breach of GDPR which was introduced in May 2018. Therefore, the financial impact could be enormous with the fine being up to 4% of Marriott global turnover. To Marriott, with an annual turnover of around £20 billion (Marriott Annual Report 2018) – a fine will be a large chunk of their profits.

It is unknown why it took the company so long to announce the attack. Under new GDPR rules, an attack should be announced within 72 hours of the attack being known.

1) Yahoo (2013 – 2014)

Yahoo arguably suffered the biggest data breach ever. The attack had an impact of 3 billion user accounts in total (CSO) – every single account in Yahoo’s system.

Passwords were stolen by cyber criminals through a hashing technique. Yahoo users were unable to access their accounts because there password didn’t not match the username. As well as passwords, hackers stole; names, email addresses and security questions and answers.

This cyber breach knocked a total of £275 million off the sale price of Yahoo and the internet company eventually sold for £3.52 billion dollars. Still a significant amount of money, but for context – only a few years before the breach, Yahoo had been valued at £78 billion.

Simply put, this breach all but wiped out Yahoo, paving the way for Google to dominate.These are examples of big business suffering significant damages as a result of insufficient cyber security.

However, the size of your business doesn’t matter. If you don’t take your cyber security seriously, you will get found out. But with the right systems in place you can help prevent a cyber security breach.To make sure that your business is secure from cyber attacks or you want advice on cyber security contact us at or on 01283753333.


Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311


Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.