adv

The 16 biggest data breaches of the 21st century

13. Stuxnet

Date: Sometime in 2010, but origins date to 2005

Impact: Meant to attack Iran's nuclear power program, but will also serve as a template for real-world intrusion and service disruption of power grids, water supplies or public transportation systems.

Details: The immediate effects of the malicious Stuxnet worm were minimal – at least in the United States – but numerous experts rank it among the top large-scale breaches because it was a cyberattack that yielded physical results.

Its malware, designed to target only Siemens SCADA systems, damaged Iran’s nuclear program by destroying an estimated 984 uranium enrichment centrifuges. The attack has been attributed to a joint effort by the US and Israel, although never officially acknowledged as such.

Read more about the Stuxnet attack...

14. VeriSign

Date: Throughout 2010

Impact: Undisclosed information stolen

Details: Security experts are unanimous in saying that the most troubling thing about the VeriSign breach, or breaches, in which hackers gained access to privileged systems and information, is the way the company handled it – poorly. VeriSign never announced the attacks. The incidents did not become public until 2011, and then only through a new SEC-mandated filing.

As PCWorld put it, “VeriSign buried the information in a quarterly Securities and Exchange Commission (SEC) filing as if it was just another mundane tidbit.”

VeriSign said no critical systems such as the DNS servers or the certificate servers were compromised, but did say that, "access was gained to information on a small portion of our computers and servers." It has yet to report what the information stolen was and what impact it could have on the company or its customers.

Read more about the VeriSign data breach...



Comments