3 Most Notorious Cyber Heists & Security Lessons to Learn

By   ISBuzz Team
Writer , Information Security Buzz | Dec 02, 2014 05:03 pm PST

Until identify theft personally devastates you or your business undergoes a major security breach, adopting security protection can seem financially unjustifiable. Consumers overlook the threat of cyber crimes. Organizations with a tight budget choose to opt out of essential security software to cut expenses. Yet, forgoing security monitoring and protection to save money can result in exponentially damaging financial consequences.

Featured Download: Social media access at work. Do your employees know the rules?

Consumers and businesses can’t afford to bypass security precautions. No entity is exempt from cyber threats and crimes. And the steep financial repercussions of such a gamble far outweigh the risk. The following three epic cyber heists draw awareness to the importance of identity theft and security breach prevention, whether you’re protecting your personal bank account or company assets.


It’s nearly the one-year anniversary of Target’s massive data breach. The data breach affected 70 million customers whose personal information was hacked, and as many as 40 million customers had their credit or debit card information stolen, reported Money.CNN.com. The Target data-security hack began over the Thanksgiving weekend and was reported as the second-largest credit card breach in the nation’s history. Target shoppers who made purchases with their cards during a certain period of time were at high risk for having account information exposed to fraud. Millions of victims who had personal information compromised were highly vulnerable to identity theft. The major retailer faced state and federal investigations, class-action lawsuits, dropped sales and lost revenue. Target responded to the scandal by offering free credit monitoring and identify theft protection to Target shoppers for one year.

Lesson Learned: Target was only one of 600 publicly disclosed data breaches in 2013, reports CNBC.com. No retailer can be 100 percent safeguarded from data theft, and it’s the responsibilities of consumers to also implement fraud protection practices. Use a credit card instead of debit card for extra protection, check your bank statements for unauthorized charges, use financial alerts, be aware of email scams, and consider subscribing to an identity theft protection service.


As the Target scandal settled into 2014, e-commerce site eBay disclosed in May that it was a victim of a cyber attack. Hackers used employee login credentials to access the corporate network containing encrypted passwords, along with other information like addresses, telephone numbers and dates of birth. eBay quickly urged its 145 million users to change their passwords. Mashable reported that fortunately no credit card information was compromised due to financial information being stored on a separate system. Personal or financial information on PayPal had no signs of unauthorized activity or compromise.

Lesson Learned: Changing passwords is one way consumers can take action to avoid personal information theft. To create strong passwords, be random and even use words intentionally misspelled or made up. Avoid names, birth dates or places, recommends Matthew Sparkes, Deputy Head of Technology for The Telegraph. Ensure passwords are at least eight characters long and contain uppercase and lowercase letters, numbers and even symbols. Use different passwords for different sites, change passwords regularly, or even use a password manager.

Home Depot

In the Fall of 2014, 53 million Home Depot customers had their email addresses stolen, and 56 million debit and credit cards were exposed during a five-month data breach. Hackers gained access to the company’s network with a stolen username and password of a third-party vendor. Within the network, the hackers were able to deploy malware that compromised the self-checkout systems. The breach set off a number of fraudulent transactions draining customer bank accounts. The breach signaled Home Depots’ susceptible data security systems, mostly because the attack went on for several months without any notice.

Lesson Learned: As an organization, protecting your business and customers with enhanced security measures is non-negotiable. Home Depot released a press release stating the company implemented cyber security enhancements, including enhanced encryption of payment data and EMV Chip-and-PIN technology (amplified payment card protection). We also recommend the following security solutions for small businesses that want to take action against attacks like the Home Depot, eBay or Target breaches.

By Abby Terlecki, Writer, Social Monsters

abby terleckiBio: Abby Terlecki sees herself as one of those creative writer-types who always prefers to tell stories with her keyboard than through her mouth. When Abby’s not writing freelance articles, text messages, to-do lists, or CrossFit scores, she’s perfecting her craft as a full-time writer for a digital content marketing agency in Phoenix.