10 Most Remarkable Data Breaches of 2020

Data Breaches
Data Breaches

Hackers are relentless in their pursuit of people’s personal data. They do not just go after people’s personal data through phishing schemes either. They love to get their hands on some of the biggest companies in the world, as it opens a treasure trove of millions and even billions of personal emails and accounts.

Last year alone, they managed to break into the accounts of tens of large companies. This problem has become so widespread that companies are starting to talk about the concept of “breach fatigue” in which they take out insurance ahead of a breach and simply brace for the worst, posing worrying consequences for the safety of people’s data worldwide.

This guide will go through ten of the most impressive data breaches of the year, including those that were successful hacks and those that were thankfully stopped before anyone could get their hands on the data. Read on to see what we have picked! If you realize that you have an account with any of these companies, it is worth changing all of your personal passwords right away to make sure that you have not been compromised!


Number of records exposed: 10.88 Billion

If you have not heard of CAM4, they are a popular adult entertainment site that offer free live sex cams. There is no record that they were formally hacked, yet due to a misconfiguration of their site, they left a treasure trove of personal data, including names, sexual orientations and transcripts. It has been reported that around 6.6 million US users were involved in the leak, including millions more from Italy, France and Brazil, totaling a whopping 7TB in personal data.


Number of guests exposed: 33 Million

The hack of the popular hotel chain started much earlier than 2020, but it was only in the last year that the huge scale of the issue has come to light. The attacker had access to millions of hotel guest’s information, including their names, email addresses, phone numbers, arrival information, loyalty points and passport numbers. Once Marriott finally addressed the issue, they have made huge steps to change their set up, but it still remains a deeply worrying breach of their system. In the end the UK government fined the company £18.4 million for their gross negligence.

Advanced Info Service

Number of records exposed: 8.3 Billion

Advanced Info Service is home to Thailand’s biggest cell network. Like CAM4, their database was configured using ElasticSearch, which left it wide open for hackers to steal personal information. Thankfully, the data breach was found by researcher Justine Paine, who quickly alerted Thailand’s National Computer Emergency Response Team, who then contacted AIS. The server was quickly taken down, making the people of Thailand thankful that it was discovered by an ethical hacker rather than somebody with more nefarious purposes. If you are interested in becoming an ethical hacker, why not study a computer science degree online to achieve that aim!


Number of people exposed: 9 Million

As one of the most popular low-cost carriers in Europe, EasyJet sees millions of people using its online portal to book flights, hotels and hotel transfers every year. Early in 2020 however, a highly sophisticated data cyber attack took place, stealing both the email addresses and travel details of nine million people. Even more worrying, 2,208 people had their credit card details accessed. If you booked with EasyJet between October 2019 and March 2020, you might even be entitled to join in on a group action claim against the low-cost carrier.


Number of records exposed: 250 million

Microsoft’s data breach, reported at the top of 2020, was quite remarkable due to how long it went on for. Covered a whopping 14 years, it turns out that hundreds of millions of Microsoft customers were exposed without password protection. There were five unsecured servers hosted by Elasticsearch which contained records spanning from 2005 to 2019, with anyone accessing the data able to check these records online. Thankfully, they were spotted by intelligence search engine Binary Edge, Microsoft were quickly notified and the servers were secured within 24 hours.

Sina Weibo

Number of records exposed: 538 million

The Chinese microblogging page Sina Weibo — basically their version of Facebook — was severely compromised earlier in 2020. This includes a whopping 172 million phone numbers as well as countless names, usernames, locations and genders! A very concerning outcome is where the data has now gone, with a large chunk rumoured to be on sale on the dark web! The company itself has been reluctant to respond thoroughly to these claims.

Estée Lauder

Number of records exposed: 440 million

Cybercriminals broke into the beauty company in early 2020, managing to gain access to hundreds of millions of internal emails. This issue came up due to the type of middleware used by the company, which had notable security flaws easily allowing hackers to break through the system. Despite this worrying development, there is no evidence that any personal details were at risk.


Number of records exposed: 40 million

Wishbone is a popular app that allows people to compare two items on their phone on a poll. The entire user database of the app was leaked online by a hacker known as ShinyHunters and sold across the dark web for 0.85 bitcoins. The data included passwords, email addresses, location and phone numbers.

Antheus Tecnologia

Number of records exposed: 80 million

If you are a company that specializes in fingerprint data, you are probably the last company that should be comprised as the result of a data breach. Unluckily for the Brazilian company, there was a significant breach last year, with 16 gigabytes of data found on the Elasticsearch server containing important personal and biometric details.


Number of records exposed: 350 million

Due to a configuration error, millions of records belonging to users of the VoIP Phone System Broadvoice were breached, with a configuration error across ten databases discovered by security consultant Bob Diachenko along with technology research firm Comparitech. Their calls are meant to be more secure than traditional calls, but this breach has put their services under the spotlight.

Also See: 27 Million Biometric System Data Breached- Used By Banks And Defense Firms

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Previous Article
CyberSecurity in Business

Why Businesses Need To Take Cyber Security Seriously

Next Article
Physical CyberSecurity

Why Does Physical Cybersecurity Deserve All Attention In Post-Pandemic Era?

Related Posts