Recently, news broke out that Zoom has to settle a lawsuit after failing to protect its users' personal information during the pandemic. However, Zoom is not the only company to have put its users at risk with online breaches, and a new study reveals the largest cases over the years.
Millions of Zoom users could now be eligible for a payment from the chat app and videoconferencing leader as the tech giant agreed to pay up to $85 million (£61 million) in settlement of a class-action lawsuit, as reported by Reuters The class action was filed Saturday, July 31, and is awaiting approval from a US district judge in San Jose, California.
The plaintiffs' lawyers argue that Zoom shared its user's personal information with other social media channels, Facebook, LinkedIn, and Google, without permission. Furthermore, Zoom supposedly allowed hackers to break into virtual meetings in an activity called "Zoombombing," which became popular during the pandemic.
Once approved, eligible users could get back 15 percent of their Zoom subscription costs or $25, whichever is larger. However, a study from Money, the UK-based priced comparison platform, reveals that Zoom is not the only company to have suffered from online breaches. In its report "Which Brands Have Suffered the Worst Online Data Breaches in the Last 20 Years?" Money gives a broader look at its impact, cost, and which companies are behind it.
Zoom Is Not Alone, Nor Is It The Worst
A blog from Facebook explains that the vulnerability leading to this attack was introduced as early as July 2017. However, social media did not know about it until September 2018. Attackers exploited a vulnerability in its "View As" feature, allowing users to see what their profile looks like to other users. Through this, perpetrators of the attack stole Facebook access tokens, which meant that they could hijack affected accounts.
Facebook has since enlisted help from relevant authorities, updated its codes to address the vulnerability, and reset all access tokens suspected of being targeted by the attack. This two-day effort resulted in people logging in again, even in their devices, in late 2018.
In terms of frequency, eCommerce giant Amazon has suffered the most data breaches throughout the study, with six confirmed major data breaches, according to the Money.co.uk report.
The Worst and The Most Frequent Targets
For the Worst Data Breaches online in the last 20 years based on people affected, the Top 5 cases are the following:
- Facebook: Its 2018 hack resulted in over 2.2 billion people being affected.
- Yahoo!: A 2013 hack on the platform resulted in the personal information of 1 billion people being put at risk.
- Facebook: Its most recent attack, reported this April 2021, caused the personal data such as names, locations, and contact information of about 533 million people to be leaked on a hacking forum.
- Yahoo!: Its security team discovered in December 2014 that Russian hackers obtained personal information for at least 500 million Yahoo! Accounts.
- Estee Lauder: At the end of January 2020, a database containing records for more than 440 million users was found exposed online. Estee Lauder issued a statement saying that the exposed database contained non-consumer information and that there was no evidence of unauthorized use of the data contained in the leaked data.
Meanwhile, the Top 5 companies with the Most Data Breaches in the past two decades are the following:
- Amazon, with six recorded major breaches whose total extent and the number of people affected remain unknown.
- Facebook, with four major breaches affecting almost 2.8 billion people worldwide.
- Yahoo, with three major reported breaches affecting more than 1.5 billion people worldwide.
- Despite suffering only one major breach in two decades, Estee Lauder reportedly affected more than 440 million users.
- Twitter, the microblogging giant, had two data breaches, resulting in sensitive information for more than 330 million users being put at risk.
Published on Tech Times.