2017: The year of the hack (again)
Cyber-attacks have become worryingly common occurrences in recent times as the value of data has increased, thanks to a world that is now always online.
Some experts have suggested that data, and not oil or gold, is now the most valuable commodity in the world – driving the desire of hackers, rogue states and other agents targeting companies that deal in data.
This year, just like 2016, a series of high-profile data breaches – or the disclosure of such incidents – made headlines around world.
Here is a look back at the notorious breaches of 2017.
An on-going saga in the world of cyber breaches, Yahoo has suffered two separate data breaches in recent years – in 2013 and 2014.
This year the full scale of those attacks became apparent, with the company confirming that in the larger 2013 attack, all three billion of its user accounts were affected.
The initial diagnosis suggested around one billion users had been hit, however outside forensic analysis brought in after the company was bought by Verizon discovered it was more far-reaching than first thought.
Usernames, passwords and security questions were accessed in what experts believe is the largest data breach in the history of the internet.
The disclosure drew criticism in some quarters, with Yahoo accused of taking too long to fully discover and report the fallout from the attacks – a issue some argued is industry-wide when it comes to responding to data breaches.
In a generally bad year for the car-hailing service, one of its most notable low points was the admission that hackers had accessed around 57 million customers and driver accounts in late 2016.
The admission was only made in November by new chief executive Dara Khosrowshahi – who succeeded Travis Kalanick in August.
The incident was further soured by the company’s revelation that it had paid the hackers around £75,500 to delete the stolen data and keep the leak under wraps.
“None of this should have happened, and I will not make excuses for it,” Mr Khosrowshahi said at the time of the disclosure.
“While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes.”
The US-based credit report firm was the biggest victim of 2017, confirming a security breach in the summer had affected more than 145 million customers globally.
The information stolen included names, social security numbers, birth dates and addresses
The breach was attributed to “both human error and technology failures”, including Equifax not keeping its security software up to date.
The incident was held up as another example of large firms lacking the education and urgency to adequately respond to such attacks, an issue likely to be high on the technology agenda in 2018.
A cyber-attack of a different kind, the WannaCry ransomware hit thousands of businesses around the world in May, locking them out of files and demanding payment to release them.
In the UK, the NHS was the biggest victim, with hospital computer systems shut down by the attack, resulting in cancelled appointments and re-routing of patients on their way to wards.
With vulnerabilities in ageing security software to blame, the amount of time devoted to cyber security by key services was pulled into focus once again.