North Korean hackers had been blamed for the “DarkSeoul” attack in March 2013. It caused $700 million in damage to South Korean banks and broadcasters. The attackers posted a notice featuring images of skulls.
Photo: KCNA/Reuters

Companies from Target to Chipotle have been victimized by cybercriminals.

By Jeff John Roberts
June 22, 2017

Who has been hacked? It might be easier to ask who hasn’t been hacked, as Fortune explores in the cover story of our Jul. 1 issue. The list below is just a sample of big companies and institutions struck by major data breaches in the past five years. As you can see, no industry has been spared. By now, the damage has afflicted billions of consumer accounts and is costing the companies tens or hundreds of millions. Alas, cyber-crime tools are getting cheaper and more prolific—which means the hacking nightmare is unlikely to end anytime soon.

LinkedIn, 2012

In 2012, the professional network said 6.5 million accounts had been hacked. In 2016, it emerged that the breach was much worse: Hackers were selling name and password info for more than 117 million accounts.

Target, 2013

In December 2013, 110 million customers’ personal and financial information was ­exposed. CEO Gregg Steinhafel later resigned as part of the fallout from the massive breach.

JPMorgan, 2014

Hackers hijacked one of ­JPMorgan Chase’s servers and stole data about millions of the bank’s accounts, which they allegedly used in fraud schemes yielding some $100 million.

Home Depot, 2014

Hackers stole email and credit card data from more than 50 million customers. The breach cost the retail chain at least $179 million in settlements with consumers and credit card companies.

Sony, 2014

Hackers believed to be associated with North Korea rampaged through the servers of Sony Pictures Entertainment in retaliation for a film comedy showing North Korean leader Kim Jong-un’s face ­being melted off.

Hilton Hotels, 2015

Hackers got inside the chain’s payment system and reportedly stole customer credit card data from dozens of ­Hilton and Starwood chains from across the country.

Law Firms, 2015

Chinese hackers accessed email accounts at firms Cravath Swaine & Moore and Weil Gotshal & Manges—and learned about upcoming corporate mergers. They allegedly made $4 million trading on the information.

Swift, 2016

North Korean hackers reportedly exploited weaknesses in the SWIFT payment system to steal $81 million from the Bangladesh Central Bank’s account at the New York Federal Reserve.

Tesco, 2016

Hackers drained a total of around $3.2 million from more than 9,000 accounts in Tesco Bank, the bank run by the giant grocery chain. Tesco was forced to reimburse customers for the stolen money.

Chipotle, 2017

An Eastern European criminal gang reportedly used phishing to steal the credit card information of millions of Chipotle customers. The breach was part of a larger scam targeting restaurants.

A version of this article appears in the Jul. 1, 2017 issue of Fortune as part of the feature titled “Hacked.”

SPONSORED FINANCIAL CONTENT

You May Like