Skip to Content

These Were the Worst Data Breaches and Vulnerabilities of 2018

More than a billion of people were affected by corporate data breaches in 2018.

From the Marriott International hotel breach, which impacted half a billion customers, to the highly-profile scandal in which a political consulting gained access to Facebook users’ information, major corporations are increasingly victims of large hacks or bungling the data they store.

Daniel Markuson, blog editor at NordVPN, a virtual private network service provider based in Panama, released a review of 11 of the worst data breaches last year. No company is immune to data breaches, which is particularly concerning as corporations continue to collect more data from users.

“The scope of these attacks shows that even the biggest corporations are vulnerable and are prone to errors,” he said. “This means that it’s becoming more difficult to trust them as we never know when our data is going to end in the wrong hands.”

Here’s a look at last year’s biggest breaches and vulnerabilities ranked by the number of people impacted, as determined by NordVPN:

  1. Marriott International (500 million users)
  2. Twitter (330 million users) The company said it mistakenly stored user passwords in plain text on an internal log accessible only to employees, and that no outsiders accessed them
  3. My Fitness Pal (150 million users)
  4. Facebook (147 million users in multiple breaches)
  5. Firebase (100 million users)
  6. Quora (100 million users)
  7. MyHeritage (92 million users)
  8. Uber (57 million users)
  9. Ticket Fly, owned by Eventbrite (27 million users)
  10. Google+ (500,000 users)
  11. British Airways (380,000 users)

Update: This story was updated with more information from Twitter. The headline was also adjusted for clarity.