15 of the Biggest Cyberattacks Launched on U.S. Sites This Year

Do you know how vulnerable you are to a cyberattack? Turns out many cyberattacks have already happened in 2015, but not much of a deal was made about them.

One of the biggest cyberattacks in recent history was the State Department breach – what officials called the “worst ever cyberattack against a federal agency.” It was revealed on April 7 that Russian hackers were behind the State Dept.’s email systems breach that originally started in November 2014.

At the time, the State Dept. shut down its email system and assured employees that the “activity of concern” by cyber-attackers only affected unclassified emails. Counter-hackers still have not managed to eradicate the invasion 100%.

This incident is particularly alarming because, according to government officials who spoke at the press conference, sensitive information is sometimes exchanged in non-classified emails.

That’s a threat to national security. And that’s a huge problem.

cyber secutiry attacksFor a cyberattack of this magnitude to make national news is no big surprise. And the State Dept.’s hack is speculatively linked to the Hillary Clinton scandal. It raises the question: Could foreign spies have used the information they found on Clinton’s private server as a launching pad to attack other government sites?

According to The Washington Times, Hewlett-Packard CEO Carly Fiorina is not surprised Hilary was hacked. She then chastised the weak security measures implemented by the former secretary of state: “They’re worried about it getting hacked,” said Fiorina. “And when we have Sony, JPMorgan Chase, Home Depot, Target, all of these companies being systemically hacked, they certainly can get into Mrs. Clinton’s private email server.”

Fiorina brings up a disconcerting issue here: hackers are powerful and the public is vulnerable. If it’s so easy to break into the government’s servers, then it must be even easier for hackers to invade ours. But hacks that affect consumers aren’t always granted a press conference to make them known.

And while some of these hacks breaches do make the news, most of them don’t. We did some research and found several major companies that suffered cybersecurity breaches in 2015 alone.

Here Are 15 of the Biggest Cyberattacks Launched on U.S. Sites This Year

  • Jan. 1, 2015: A group of hackers calling themselves H4LT, publishes the Xbox One SDK (software development kit). Access to this information allows experts at home to develop their own “homebrew” Xbox apps to run on their own gaming console. It is not a huge threat to anyone outside of the gaming community.
  • Jan. 3, 2015: On the 2nd anniversary of Aaron Swartz’s death – an Internet “hacktivist” and talented computer developer who helped found Reddit, Infogami, and the organization Creative Commons – a hacker defaced 15 sites of Massachusetts Institute of Technology (MIT).
  • Jan 12, 2015: U.S. military command officials who oversee operations in the Middle East are hacked via Twitter Inc. (NYSE: TWTR) and YouTube. Several maps and diagrams of various places (none specifically mentioned) were leaked and subsequently posted, though the military maintains no sensitive material was compromised.
  • Jan 12, 2015: American Airlines Group Inc. (OTCMKTS: AAMRQ) admits it was hacked. Ten thousand accounts within the airline’s domain are breached. Passwords and usernames are stolen, subjecting the victims to illegitimate transactions of miles.
  • Jan. 17, 2015: Hackers break into Payivy.com – a virtual marketplace online – and dump 10,000 users and clear text passwords. A “dump” is a hacker term for the raw data typically found on credit/debit cards strips. Dump data can be obtained through a physical transaction, malware, or hacking into a retailer’s internal network. The average payment for one U.S. credit card data dump is $20 to $80.
  • Feb. 1, 2015: Several banks and financial institutions report information being taken after card owners stayed at Marriott International Inc. (Nasdaq: MAR) hotels across the country. Marriott properties are run by White Lodging Services Corp., who may have experienced an internal systems breach.
  • Feb. 5, 2015: Tens of millions of Anthem Inc. (NYSE: ANTM) customers have their information stolen in a massive data breach that is considered to be among the largest in corporate history. The information taken includes names, birthdays, medical IDs, social security numbers, street addresses, and employment information, including income. Estimates allege that 80 million customer records were compromised.
  • Feb. 8, 2015: Chipotle Mexican Grill Inc.’s (NYSE: CMG) Twitter is hacked and is used to post racist, homophobic, anti-government tweets. The popular chain issues an immediate apology.
  • Feb. 10, 2015: A notoriously heinous net hacker known as CyberCaliphate hacks Newsweek’s Twitter and threatens the U.S. president.
  • March 1, 2015: Attackers try to access Toys R’ Us’ rewards program profiles. This prompts the company to email customers a notification requesting that they change their passwords.
  • March 10, 2015: Hackers breach internal system of San Francisco-area Bistro Burgers locations. It’s suspected that many “CVVs” were compromised. A CVV is the three-digit code on the back of credit cards. When a hacker wants to illegally purchase something online with someone’s credit card, he purchases a CVV – which comes with the other necessary information as well: expiration date, name, card number, etc. They are not as expensive as “dumps” because they’re less versatile in the purchasing world. In regards to Burger Bistro, it’s unknown how many credit cards were compromised because it was later determined the breach had been active for a couple months already.
  • March 14, 2015: The State Dept. is breached by Russian hackers and subsequently shuts down to remove malware.
  • March 15, 2015: The email account of one employee belonging to Sacred Heart Health System’s third-party healthcare billing vendor was hacked. That gave hackers the ability to reach billing information of more than 14,000 patients. This is often how hackers gain access to major networks – via the email address of one person or company indirectly related to the target network.
  • March 27, 2015: The Direct Marketing Association is breached by malware installed onto its site via its online bookstore.
  • March 28, 2015: After Indiana’s Gov. Mike Pence signed the controversial RFRA into law, the Official Website of Indiana is hacked and taken down.

PASSWORD 123456789: Cybersecurity firms are representative of a budding and necessary new industry. They create the firewalls, network safeguards, malware protection, and web security software that’s necessary for the online safety of us all. These companies are also winning the market. Here are the best types of cybersecurity companies to invest in now…