Equifax
Perhaps the most notorious attack of the year targeted Equifax, one of the largest credit bureaus in the country. Hackers were able to steal data from a reported 145 million people, making it one of the largest hacks of all time. Sensitive information such as birth dates, social security numbers, home addresses and more were stolen.
The hack was discovered two months later and can pose a massive threat to victims for years because of identity theft. The attack on Equifax has lead to some controversy over whether or not data brokers like Equifax should become more tightly regulated. These firms store our personal information and then sell it; and when they lose, we all lose. As of December 2017, the person(s) responsible for the Equifax hack still remains a mystery.
Yahoo
In late 2016, Yahoo CEO Marissa Mayer announced that around 1 billion Yahoo accounts had been compromised. After further investigation in 2017, the reissued a statement claiming that all 3 billion of their accounts had been hacked. This attack is in addition to a separate attack in 2014 that had compromised an estimated 500 million accounts. Hackers deciphered Yahoo’s encryption and made off with user’s names, birth dates, phone numbers, and passwords.
According to the New York Times, while the usage of this stolen data has yet to be discovered, a group of hackers in Eastern Europe has started offering it up for sale. While a Canadian hacker plead guilty to the 2014 attack, no one has been held responsible for the larger attack just yet.
NSA
Last year a group known as the Shadow Brokers released a set of hacking tools believed to be owned by our National Security Agency. The tools allow the user to compromise several Windows operating systems and servers. These tools have been used in a number of cyber attacks around the world, including on the American drug company Merck, as an example. The tools were also used to develop the cyber attack dubbed ‘WannaCry’.