Running a business in 2023 can be difficult. There are many reasons why businesses might come into some difficulties, such as financial reasons, dips in the economy, and marketing pitfalls. However, one of the worst and most devastating reasons why businesses might take a hit is down to cyber attacks. Cyber attacks can cost thousands if not millions, whether that be through stolen money to getting information back. Hackers can cause exponential financial and reputational damage to a company.
But which have been the most famous and most harmful cyber attacks? Here are some of the most devastating and talked about business cyber attacks in recent history.
WannaCry Ransomware Attack – Microsoft – 2017
This attack was one of the biggest ransomware attacks ever conducted. Ransomware is when a virus software holds important information for ransom, and until the money is inputted, the software will remain inaccessible. The WannaCry software attacked over 200,000 computers in over 150 countries.
This ransomware exploited a vulnerability in Microsoft Windows which was not previously known of. It spread incredibly quickly, and it could have completely devastated millions of computers had a cyber security expert not discovered a killswitch which stopped the attack in its tracks. This is one of the most memorable cyber attacks in history.
Data Breach – Equifax – 2017
Equifax, the credit report company, was a victim of a massive breach in 2017. A large quantity of the customer’s private and supposedly private information was hacked into. Over 149 million Americans were victims of this cyber attack, alongside over 15 million British citizens. The hackers gained access to millions of people’s sensitive information, such as their social security numbers. This puts those people at a high risk of identity theft and other scams, which is why it was so devastating to Equifax as a company.
It was found that Equifax had not patched a vulnerability in their system which allowed the hackers to exploit their customer’s sensitive information. This harmed the reputation of the company massively and led to huge losses.
NotPetya – Multiple Businesses – 2017
This virus was discovered in June 2017 and spread very quickly all over the world. NotPetya caused billions in damages. This virus completely encrypted the user’s files and prevented them from accessing them. Many businesses were forced to completely shut down because of this virus, as it completely deleted all of their important files. What made NotPetya particularly dangerous was the fact that it masqueraded to be ransomware- however, it completely deleted all of the important files, and didn’t hold them for ransom. It hit businesses of all sizes, but it was particularly damaging for Ukrainian businesses, as it spread very quickly through a piece of business software popular there. One of the things that are most interesting about NotPetya is that its origins are unknown- some people think it could simply have been a prank gone wrong. However, it is remembered as one of the worst cyber attacks in history.
Massive Data Breach – Marriott Hotels – 2014
Marriott Hotels announced that it had fallen victim to a huge data breach in 2018. It was fined a whopping £18.4 million for its cyber security negligence. The Information Commissioner’s Office revealed that Marriott had kept everyone’s passport numbers and credit card details on the same server as the encryption key, which meant that they could easily be hacked into. It is estimated that this data breach could have affected over 330 million Marriott Hotel guests. What makes this data breach even more shocking is the fact that it went unnoticed for 4 whole years – the attack began in 2014 and had not been rectified until 2018. This was a devastating cyber attack on a huge scale- and definitely deserves its place on this list as one of the worst business cyber attacks in history.
Data Theft- Sony Playstation – 2011
In 2011, Sony announced that 77 million of its Playstation users had their personal information stolen. The information that had been stored as part of their accounts on the PlayStation Network (PSN) was compromised by an unauthorised person. Names, addresses, credit card information, and security questions were compromised by the unknown attacker. PlayStation gamers were locked out of the system to prevent any more data breaches while Sony investigated the matter. Sony estimated that the breach cost them a whopping $171 million. They were also fined £250,000 in the UK for breaching the Data Protection Act. It was revealed that Sony failed to properly encrypt the data, which lead to lawsuits from the US and other countries. In total, this ended up costing Sony over $1 billion.
Data Theft – Yahoo – 2014
2 years after the attack happened, Yahoo announced that they were victims of a massive cybercrime. They estimated that over 500 million accounts had been stolen in 2014. Passwords, email addresses, telephone numbers and names were stolen from Yahoo databases. The attack ended up being the work of Russian agents spying on the United States. Although the hackers were caught, it ended up being devastating for Yahoo. It lost 1.3 billion dollars in market capitalisation, and it ended up paying over $200 million in fines and legal expenses. They didn’t tell anyone about the suspected data breach for over two years as they didn’t want to lose customers- this however lead to them losing even more. It is definitely one of the most devastating cyber crimes throughout internet history.
Data Breach – Uber – 2016
Just last year, Uber admitted to covering up a huge data breach that happened way back in 2016. The company failed to notify regulators or any business cyber security teams, or even the public. Hackers had used stolen information to gain access to Uber’s information about both its users and drivers. Uber confessed to paying the hackers over 100 million dollars to delete the information and not tell anyone about the cyber attack. Because of the deceit, lead to lots of Uber’s leaders stepping down, and even in some cases, having to go on trial. It is by far one of the most damaging and concerning cyber attacks in business history.