Recent Cyber Attacks on Companies [+ Healthcare, Manufacturing, Finance & More]

From the military to e-commerce and beyond, cyberattacks are an existential threat to every organization on the planet. If you haven't been paying attention to the danger of these phantom-like enemies, you probably should. Just think of the havoc a cybercriminal could cause—stolen company secrets, access to sensitive employee personal information, and, possibly the worst of all, theft of your customer base’s information.

Cyberattacks are on the rise and expected to only grow in the years to come. Falling victim to one could spell doom for your business, from financial loss to a damaged brand reputation. A data breach would hurt your bottom line. If you’re not convinced of the dangers of cybercriminals, read on.

Cybersecurity Best Practices for Data Protection

According to a Statista survey, 90% of global online consumers have at least one major concern regarding data privacy. Yet the majority still provide you and other companies with personal information in exchange for a better experience. Your customers trust you and expect you to keep their information secure. The ramifications of not doing so are enormous.

$10.5 trillion: That’s how much cybercrimes will cost companies by 2025—a 15% year-to-year growth. And financial loss isn’t the only thing at stake—there’s brand reputation, legal liabilities, and loss of productivity, too.

Small to medium-sized firms are often victims, not just enterprises. 43% of cyberattacks target small businesses. Phishing, malware, ransomware, credential stuffing, and social engineering are among the most common methods.

To mitigate the chances of a cyberattack, implement a world-class cybersecurity education program for employees. In a study by TalentLMS, 61% of employees who receive cybersecurity training still fail a test. In addition to employee training, use scanning and detection tools, advanced encryption, DNS filtering, and other safeguards.

Case Studies: Major Cyberattacks on Leading Companies

E-Commerce Cyberattacks: Lessons from Best Buy, eBay

Best Buy, 2017

Best Buy fell victim to cybercriminals who hacked into the company’s computer system and installed malware in customer service chatbots. Only a small fraction of customer information was stolen, but it’s a warning about neglecting chatbot security.

eBay, 2014

Hackers accessed personal information of 145 million customers. Techniques included SQL injections, phishing, and malware. eBay reportedly did not use multi-factor authentication, making the breach more damaging. Sales projections dropped by $200 million due to the data breach.

#1 Recent Cyberattacks on Companies: Best Buy, 2017

As part of a string of cyberattacks staged on companies in 2017, Best Buy fell victim to the dangers of outsourcing customer service.

Cybercriminals managed to hack into Best Buy’s computer system and installed malware (malicious software) in the chatbots used as part of customer service.

Fortunately, only a small fraction of customer information was stolen.

But it still serves as a warning of neglecting the security apparatus of a chatbot.

And chatbots are only going to become more popular.

As stated by Outgrow, chatbots can answer roughly 80% of all standard questions.

So it’s vital that your e-commerce store's chatbot provider takes security seriously.

According to CNN, the outsourcing company used in this instance was [24]7.ai — the same chatbot that compromised Sears and Delta previously.

Our next recent cyber attack on a company comes from the financial sector.

Watch Matt unpack how AI-driven shifts and societal behaviors are reshaping risk—and what that means for proactive cybersecurity today.

#2 Recent Cyberattacks on Companies: eBay, 2014

Re-seller giant eBay is the next company to fall prey to a cyber attack in recent memory.

In September 2014, cybercriminals hacked into eBay’s corporate network and accessed the personal information of 145 million customers.

Hackers used a variety of techniques to access company servers — including SQL injections, phishing campaigns and malware attacks.

Supposedly, eBay didn’t use multi-factor authentication (MFA). For example, requiring a user to confirm a code sent to their mobile device before logging in.

And that’s a big letdown, as Microsoft reports that an account is 99.9% less likely to be compromised if it uses MFA.

Like other cyberattacks, it compromised users’ full names, encrypted passwords, email addresses and physical addresses from the corporate network.

According to Kaplan, Bailey and O’Halloran’s “Beyond Cybersecurity: Protecting Your Digital Business,” eBay lowered its 2014 sales projections by $200 million due to the data breach.

Financial Sector Data Breaches: Capital One, Equifax

Capital One, 2018

Over 100 million customers had personal information stolen due to a misconfigured firewall in Capital One’s cloud service provider, Amazon Web Services. The breach resulted in an $80 million fine and a 15% stock dip for Amazon.

Equifax, 2017

Credit monitoring service Equifax suffered a breach that compromised data of up to 143 million Americans. The main cause was a poorly run security apparatus. Market value dropped 31% in one week, and 40% of consumers lost trust in Equifax.

#3 Recent Cyberattacks on Companies: Capital One, 2018

Over 100 million Capital One customers had their personal information stolen from one hacker in 2018.

The company only found out about it from a concerned citizen’s email tip, as can be seen below.

The hacker was former Amazon software engineer Paige Thomson.

According to Thompson’s statement, she took advantage of a misconfigured firewall to successfully infiltrate Capital One through its cloud service provider, Amazon Web Services.

Normally, the cloud is considered highly secure.

And Amazon Web Services is the most popular cloud hosting service among businesses — with a 31% market share, according to Statista.

But this recent example of a cyberattack on a company shows just how vulnerable even the big-name brands are to a data breach.

One little exploit wreaked massive security ramifications.

In the end, Capital One was ordered to pay an $80 million fine for negligence, according to CBS.

And in a case study, MIT cited a 15% stock dip for Amazon in the two weeks following the revelation, damaging brand reputation.

After numerous trial delays, Thompsons still hasn’t seen a courtroom as of January of 2022. She’s scheduled for an appearance in March and faces up to 20 years of jail time.

#4 Recent Cyberattacks on Companies: Equifax, 2017

Credit monitoring service Equifax reported a cyberattack in 2017 that compromised the personal information of up to 143 million Americans, or nearly half the U.S. population.

Hackers accessed critical data belonging to consumers including names, social security numbers, birth dates and addresses.

According to the U.S. General Accounting Office and Bloomberg Businessweek, there were several reasons for the breach.

Chiefly among them, Equifax had a poorly run security apparatus.

As a result, the hackers were able to infiltrate and browse through the network at ease.

As reported by MarketWatch, Equifax’s market value dropped 31% in just one week.

When compared to similar cyberattacks on credit bureaus, this one from Equifax was the worst.

CreditCards.com reported that 40% of consumers did not trust Equifax at all after the data breach.

Technology Sector Breaches: Yahoo, LinkedIn, Myspace

Yahoo, 2013

Every single Yahoo account in 2013 was compromised, totaling 3 billion accounts. The breach was caused by a phishing scheme and resulted in a $350 million discount in Verizon’s acquisition of Yahoo.

LinkedIn, 2021

Information on 700 million users was stolen, exposing names, emails, and phone numbers—enough for identity theft.

Myspace, 2013

A hacker accessed 360 million accounts, stealing usernames, emails, and encrypted passwords, later selling the data on the black market.

#5 Recent Cyberattacks on Companies: Yahoo, 2013

It wasn’t until 2017 that it was revealed that every single Yahoo account that existed in 2013 had been compromised.

Originally, it was thought that 1 billion accounts were hacked, as they reported in late 2016.

Either way, Yahoo shattered records.

With the breach, account information like names, email addresses, phone numbers, birth dates and passwords were stolen.

According to Cyber Security Hub, the hackers gained access to Yahoo’s network with a phishing scheme.

And it takes just one employee to click on the link for the hacker to break through.

Yahoo was later bought by Verizon in 2017.

But not before a $350 million discount because of the loss in market valuation after the revelation, as per TechCrunch.

The next cyber attack on a company is the most recent one on the list.

Marketing Team, Without the Payroll. Delegate landing pages, emails, ads, and more—for just $7. Start My 7-Day Trial

#6 Recent Cyberattacks on Companies: LinkedIn, 2021

In June 2021, a hacker by the name of “God User” stole information on 700 million LinkedIn users.

That’s 92% of its user base.

Although no financial or private messaging data was hacked, users’ email addresses, names, phone numbers and other information was.

That’s enough information for someone to steal someone’s identity.

Even though identity theft has been cracked down in recent years, it still affected 1,387,615 U.S. citizens in 2020, according to the Federal Trade Commission.

Moreover, fraud and other similar crimes are on the rise.

#7 Recent Cyberattacks on Companies: Myspace, 2013

In 2013, a cybercriminal hacked into Myspace and accessed 360 million accounts.

The hacker stole login credentials, the usernames of all registered users, emails and encrypted passwords.

And in 2016, the hacker resurfaced. This time, to sell off the data on the black market.

But this isn’t a surprise.

According to Verizon, at least 63% of all cyberattacks are financially motivated.

As for who the attacker is, Myspace confirmed it was the same person that hacked LinkedIn in 2012.. Someone by the name of “Peace.”

Our next recent cyber attack on a company comes from a leader in the apparel industry.

Others

#8 Recent Cyberattacks on Companies: Under Armour, 2018

In late February of 2018, cybercriminals hacked into Under Armour’s MyFitnessPal app.

And as a result, 150 million accounts were breached.

The cybercriminal group gained access to user information by exploiting a credential leak on the fitness app developer’s systems.

According to CNBC, Under Armour shares dropped 3.8% once the story broke out on news outlets, such as ABC Baltimore as seen below.

All in all, Under Armour was fortunate that it learned about the breach after just a month.

As reported by IBM, it takes 207 days, on average, to identify a breach.

#9 Recent Cyberattacks on Companies: Uber, 2016

Not only did the recent cyber attack on Uber in 2016 expose personal information of 57 million customers, the company upset the public and broke a Pennsylvania law.

You see, Uber tried covering up the data breach by paying the hackers $100,000. They didn’t even inform their customers either.

And in the state of Pennsylvania, companies are obliged to notify customers of a data breach within a reasonable amount of time — not a year, which is how long Uber took in this instance.

So once Uber finally admitted to the breach in 2017, its consumer perception took a massive hit.

According to Varonis, Uber’s Brand Index Rating decreased by 141.3% in 2017.

But this isn’t surprising, as 7% of ride sharing customers are willing to use the same brand after a data breach.

According to TechCrunch, the hackers accessed an Amazon web server owned by Uber when an Uber engineer left login credentials in a GitHub repository.

And this is quite in line with how cybercriminals infiltrate company servers.

As reported by Cybint, 95% of all cyberattacks stem from human error.

#10 Recent Cyberattacks on Companies: Target, 2013

During the holiday season of 2013, cybercriminals were able to gain access and steal the personal and financial information of 70 million Target customers.

According to Card Connect, the cybercriminals launched a phishing attack by gaining access to the information stored in the magnetic stripe on the back of their payment cards.

In all, about 40 million credit cards were compromised.

As reported by cybersecurity blog Hashed Out, Target reported a loss of $292 million from the data breach.

And brand perception took a 54.6% hit in 2014, according to data security company, Varonis.

#11 Recent Cyberattacks on Companies: Marriott, 2018

Marriott Hotel’s recent cyber attack in 2018 compromised the personal information of up to 500 million guests.

Sensitive data breached included names, phone numbers, email addresses, passport numbers and travel information.

Following this cyberattack, Marriott’s stock dropped as much as 6.9% shortly after the incident, according to Bloomberg.

Moreover, the Information Commissioner’s Office fined Marriott 18.4 million euros ($23.98 million USD).

Brand Reputation and Recovery After a Data Breach

Brand reputation is often severely damaged after a breach. For example, Uber’s Brand Index Rating decreased by 141.3% after its 2016 breach. Target’s brand perception took a 54.6% hit in 2014. Companies must have a response plan to rebuild trust, communicate transparently, and invest in security improvements.

Recent Healthcare Data Breaches & Their Impact

Healthcare organizations are prime targets for cybercriminals due to the sensitivity and value of patient data. Notable recent attacks include:

• Anthem (2015): Hackers accessed the records of nearly 79 million people, including names, birthdates, and social security numbers.
• Universal Health Services (2020): A ransomware attack disrupted hospital operations across the U.S., impacting patient care and resulting in millions in losses.

Protecting Patient Data: Healthcare Cybersecurity Best Practices

• Implement multi-factor authentication for all staff and systems.
• Encrypt all patient and operational data, both at rest and in transit.
• Conduct regular vulnerability assessments and penetration testing.
• Provide ongoing cybersecurity training for staff to recognize phishing and social engineering attempts.
• Maintain robust backup and disaster recovery protocols.

Recent Manufacturing Cyberattacks

How Cybercriminals Target Manufacturing Companies

Manufacturers face increasing risks from ransomware, industrial espionage, and supply chain attacks. Recent incidents include:

• Honda (2020): A ransomware attack halted global production lines, demonstrating the vulnerability of operational technology (OT) systems.
• Visser Precision (2020): Data breach exposed sensitive information related to aerospace and defense manufacturing contracts.

Data Protection Strategies for the Manufacturing Sector

• Segment IT and OT networks to reduce lateral movement of attackers.
• Regularly update and patch all software and firmware on production equipment.
• Monitor network traffic for unusual activity indicating a potential breach.
• Establish incident response plans tailored to manufacturing operations.
• Collaborate with supply chain partners to ensure end-to-end security.

Add new revenue streams without new hires. Get a branded portal, automated onboarding, and a team that works under your name. Learn About White-Labeling with Growbo

Conclusion

Cybersecurity is an ongoing battle, but it’s one that should be fought with full force. As these 11 recent cyberattacks and industry-specific cases illustrate, protecting your customers’ data and your company’s reputation is critical. Invest in employee training, robust security tools, and a proactive incident response plan to safeguard your business from evolving threats. If you’re stretched thin, consider delegating your marketing and digital operations to a trusted partner so you can focus on what matters most—security and growth.

Are these cyberattacks enough reason for your company to commit more resources into security?

Let us know your thoughts or reach out for more resources on building a cybersecurity strategy.

Let me know in the comments below.

Keep Growin’, stay focused.

Mark

Image Credits:

1. https://cybersecurityventures.com/cybercrime-damage-costs-10-trillion-by-2025/

2. https://www.talentlms.com/blog/cybersecurity-statistics-survey/

3. https://www.businessinsider.com/capital-one-hack-data-breach-email-tip-off-2019-7

4. https://www.creditcards.com/credit-card-news/equifax-consumer-trust-after-breach/

5. https://www.businessinsider.com/yahoos-data-breach-will-go-down-as-the-biggest-ever-chart-2017-10

6. https://www.definefinancial.com/blog/identity-theft-credit-card-fraud-statistics/

7. https://www.youtube.com/watch?v=oqkva-7UxIM

9. https://www.varonis.com/blog/company-reputation-after-a-data-breach/

10. https://www.varonis.com/blog/company-reputation-after-a-data-breach/

11. https://www.bloomberg.com/news/articles/2018-11-30/marriott-found-unauthorized-starwood-database-access-since-2014-jp3xbq64

Share

PREVIOUS
NEXT