Top-10 Data Breach Discoveries by MacKeeper Security Research Center in 2016

Share Article

2016 has been one of the most active years in cyber security history with massive email hacks, data leaks and cyber election meddling. MacKeeper takes a look back at the previous year and shares top 10 discoveries.

News Image
2016 has been one of the most active years in cyber security history with massive email hacks, data leaks and cyber election meddling

It has been a productive first year and MacKeeper Security Research Center helped secure the private data of literally hundreds of millions of people from around the world. Nearly all of the databases discovered by the MacKeeper Security Research Center contained some type of sensitive information that affected the privacy and data security of those individuals.

The year in review gives a chance to highlight significant discoveries like in 2015 when MacKeeper Researcher Chris Vickery discovered the voter database of the entire United States! The misconfigured database contained personal information of 154 million Americans including addresses, estimated income, ethnicity, phone numbers, political affiliation, and voting history.

MacKeeper’s Top 10 Discoveries of 2016:

10. Marijuana Chat Messages leaked: 10 Million Messages
In 2016 several more states legalized Marijuana for both recreational and medical use, but in many states weed is still a major crime that can land users in jail serving long sentences. MacKeeper discovered a Marijuana-enthusiast site and forum database that stored and contained over 10 million chat messages coming from over 44,000 users. Many of these could be self-incriminating if law enforcement were to investigate the database or users.
http://www.ibtimes.co.uk/treesnetwork-marijuana-website-leaks-more-10-million-messages-toke-loving-users-1560482

9.Dating Site Database “Cheating Spouses": 1.5 Million Users
The exposed database contained more than 1.5 million users’ data, including usernames and passwords in plain text among the others (height, weight, DOB, gender, gay body type, race, IP, country etc). Proof of a cheating spouse is highly sensitive and private data and could cause devastating effects on those whose information was leaked or publically available online.
http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=11724448

8. PC Support Service Exposed Data -
Perhaps, one of the most ‘underrated” leaks in 2016. The database contained and estimated 180 thousand log records and Personally Identifiable Information for 5500 customers unsecured, unencrypted and leaked online. Most of the records (not all, thankfully, but many) included IP / billing addresses / names / credit card information, with CVV, credit card number, expiration month/year etc. - in PLAIN text - for US and international customers.
http://www.ibtimes.co.uk/luxury-hotel-chain-allegedly-left-thousands-customer-credit-card-details-exposed-1578926

7. Critical Infrastructure Data Breach- Pacific Gas and Electric
The publicly exposed database appeared to be PG&E’s asset management system. Among other things, it contained details for over 47,000 PG&E computers, virtual machines, servers, and other devices. All of it completely unprotected. No username or password required for viewing.
http://news.softpedia.com/news/pacific-gas-and-electric-claims-recent-data-breach-only-exposed-fake-data-504680.shtml

6. Ameriprise Data Breach - Social Security Numbers and More!
Ameriprise Financial has a fresh data breach mystery on their hands. Around December 5th, we discovered Social Security numbers, bank authorization details, confidential internal company documentation, decryption keys, and certificates all alongside approximately 350 client directories (representing millions of invested dollars).
http://www.forbes.com/sites/leemathews/2016/12/17/poor-backup-security-leads-to-ameriprise-client-data-leak/

5. BeautifulPeople.com Databreach - 1.2 Million Users
MacKeeper Security Researcher Chris Vickery discovered the unsecured database in late 2015 and contacted BeautifulPeople.com to secure the user data. The bad part of this story is that the data was downloaded by cyber criminals sometime between this gap of when the database was unsecured, when it was discovered by Vickery, and when beautifulpeople were notified to secure the database. Now in 2016 criminals are selling the data of 1.2 million users online.
http://www.forbes.com/sites/thomasbrewster/2016/04/25/beautiful-people-hack-sexual-preference-location-addresses

4. Amazon eBook Sales Scam
Thanks to our discovery and an in depth investigation carried out by Zack Whittaker from ZDnet we helped uncover one of the biggest Amazon scam sales schemes of 2016. For years, thousands were tricked into buying low-quality eBooks. That database discovered by the MacKeeper Security Research Center, identified clues in the scam, but they also left the door open for anyone to peek in at their files and fake accounts -- if they knew where to look. MacKeeper security researchers did just that, sparking the investigation, which led to Shershnyov's eBook scam unravelling.
http://www.zdnet.com/article/exclusive-inside-a-million-dollar-amazon-kindle-catfishing-scam

3: Mexican voter data leak: 93.4 Million People
This database contained confidential government data that was moved out of Mexico and stored on a server located in The United States (against Mexican Federal Law). The data contained 93.4 million downloaded voter registration records. This posed a significant risk in a country where many fear kidnapping, extortion, or criminal drug gangs. This data listed home addresses and much more.
http://www.bbc.com/news/technology-36128745

2: Trump Website Lea - Intern Resumes Leaked
If you want to be Commander in Chief and in charge of some of the most sensitive information on planet Earth, you can’t have a leaky website. Until just a few days ago, Donald Trump’s official website (http://www.DonaldJTrump.com) suffered from a serious misconfiguration that, among other things, was exposing campaign intern résumés to the public internet. Embarrassing and hopefully not a sign of things to come from his cyber security team.
http://motherboard.vice.com/read/donald-trump-website-leaked-interns-personal-data

1. World-Check Database Breach: 2.2 Million People
The MacKeeper Security Research Center discovered a copy of the “World-Check” database with over 2.2 million names of "heightened-risk individuals allegedly involved in financial crime and terrorism. This secret list can influence everything from loans to Visas, travel, and more. The cost of the list was apparently being sold for as high as $3,000 per person.
http://fortune.com/2016/06/29/thomson-reuters-database-leak/

MacKeeper has a fully functioning security center to keep implementing responsible privacy practices, avoid future breaches and help other companies to secure their data.

Check the full story online at MacKeeper blog.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Communications Team
MacKeeper
+1 415-683-7165
Email >
@MissDira
Follow >
MacKeeper
Like >
Follow us on
Visit website