The Master List of 2018 Breaches

The Master List of 2018 Breaches

2017 was a record setting year for data breaches, but we might have to call 2018 “The Year of the Breach.”

According to Verizon, there have been more than 2200 data breaches across the globe, and about 68 percent of these breaches were not detected for months. This is not good news for any business or organization.

Here are some of the major breaches of 2018:


Facebook is part of the list of 2018 breaches but NOT because of the Cambridge Analytica scandal. Instead, it’s because of the breach that occurred in late September, when about 50 million people had their data exposed. This hack took advantage of vulnerabilities in Facebook’s code, and hackers were able to control the accounts of

Department Store Hacks

Several department stores were also hacked this year including Saks Fifth Avenue and Lord & Taylor, which were hacked in April. These stores had their customer payment cards compromised. Macy’s also was hacked. This time, it was the names and passwords of its customers that hackers obtained.

The Master List of 2018 Data Breaches Hacks Robert Siciliano

Fitness Hacks

There were also hacks against fitness companies like Adidas and Under Armour. In the case of Adidas, hackers accessed the data of several million customers. In the case of Under Armour, the hackers targeted the brand’s app, MyFitnessPal, and were able to access the information from about 150 million users. In neither case were Social Security numbers, payment information, nor driver’s license numbers accessed.

Exactis Hack

The biggest hack of the year was also the one that most people don’t even know about. You probably don’t even recognize the name Exactis, but it is a marketing and data aggregation firm. In June, the company leaked the data of more than 340 million Americans. In this case, the company did not secure its database, and this left records
open to anyone who wanted them. Not only were people affected here, but so were businesses. Phone numbers, emails, addresses, and even interests of these people were exposed.


Marriott also makes the list of the major breaches of 2018 (but it originated as early as 2014), and in this case, about 500 million people were affected. This hack was done through the Starwood Hotels guest database. It was later realized that the hackers who did this were very likely working for the Chinese government, which was trying to gather intelligence. China has denied being involved in the hack, but experts claim that the methods used in the hack and evidence found all point towards the Chinese government.


There were a few other hacks that are worth mentioning too. Google, for instance, though not technically hacked, did expose data of its users thanks to a security bug. In this case, about 50 million accounts were compromised.

We hope, of course, that lessons were learned in 2018 so that 2019 looks a bit more promising, but as most security professionals know, hackers like to stay one step ahead. So keep your data as safe as possible.

What can you do? Move to Montana, find a cave, live in it. Toss your mobile, PC and credit cards and eat off the land.