The revenue generated by a multibillion-dollar company not only benefits its shareholders, but it also helps to boost the GDP of the business’ home country, as well as potentially bolstering other economies around the world. Typically, such a company will employ tens of thousands of employees, providing them with a source of income, and enabling them to contribute to the public purse through their taxes, as well as generating economic growth via their spending.
The positive economic impact of large-scale businesses is not limited to who the company pays. Companies also benefit the customers they serve, with household names like Google, Walmart, and Amazon enabling millions of consumers to access the products they want and need, be that for entertainment, or to help them generate an income.
With billions of dollars in play, a big corporation is an obvious target for criminals. With large workforces often dispersed across multiple countries, they are high profile, dealing in huge sums of money, making them an attractive prospect for hackers and scammers.
Regardless of the motive behind a cyberattack, the impact is always negative. Ransomware attacks can result in companies losing significant amounts of money, while leaked documents and files relating to upcoming products can potentially cost billions, particularly if they fall into the hands of a competitor. However, the most harmful and lasting consequence arises in a security breach where users’ personal information is made public. This information could range from something as basic as names, ages, and phone numbers to taxpayer identification numbers and bank details. Should this sensitive information fall into the wrong hands, the effects could be dire. A poll by Poneman Institute revealed that among participants who had been a victim of a data breach, 65% reported a subsequent lack of trust in the company, while 27% ceased doing business with them completely.
Although small and medium-sized businesses are an easier and therefore more common target, for criminals who do manage to infiltrate a large corporation, the financial rewards can be vast. In this article, we look at three of the biggest companies to fall afoul of cybercriminals.
1. Adobe
In October 2013, Adobe announced that its IT infrastructure had been breached on a colossal scale. Infiltrating 38 million active accounts, hackers not only accessed names, logins, and passwords, but also credit card numbers and expiration dates.
To access this data, the cybercriminals exploited a security breach related to security practices around passwords. Rather than being chopped, as recommended, the stolen passwords had been encrypted. Fortunately, this rendered any stolen bank data unusable due to the high quality of Adobe’s encryption. However, the cybercriminals targeted Adobe not just for customer information, but for product data, and the 40 GB of source code they managed to steal was the most worrying problem of all for Adobe.
2. Yahoo
2013 marked a busy year in cybercrime, with not only Adobe falling foul of hackers, but Yahoo too. However, in the latter case, it was not until four years later that the true scope of the breach was revealed.
In August 2013, hackers accessed 3 billion user accounts. Investigations revealed that the attackers accessed account information such as plaintext passwords and security questions and answers, although bank data and payment card details were not exposed.
The attack represented the largest breach of any company’s computer network, potentially providing hackers with the requisite information required to break into government computers around the world.
Despite revelations over the true scale of the attack hitting the headlines in 2016, Verizon went ahead with its $4.48 billion acquisition of Yahoo, albeit shaving $350 million off of its original offer.
3. Marriott
A security breach at the hotel group that opened up in 2014 was not spotted until 2018. It came to light that a lapse in security exposed the personal information of some 500 million guests of the Starwood hotel group, a Marriott subsidiary. The implications were huge, with information accessed ranging from names, phone numbers, email addresses, and mailing addresses, to payment information, passport numbers, and even details about users’ Starwood Preferred Guest accounts, a high-end card program launched by American Express for regular travelers.
In the United Kingdom alone, Marriot was fined $123 million by authorities for the breach. In July 2022, the hotel group revealed that it had become the victim of another attack, with another unknown actor breaching one of its properties, stealing 20GB of files. In this episode, however, the hackers only managed to breach just one property, gaining access to its network for a limited time.
David Geithner 