The Hacking Economy

10 high-profile cyberhacks still impacting consumers today

Digital warfare heats up

Mikko Lemola | Getty Images

This year is not even half over, and it's already looking like a banner year for hackers.

A rash of high-profile digital breaches and large-scale data dumps has affected hundreds of millions of users of prominent websites, with millions more impacted by breaches of brick-and-mortar businesses. According to the Identity Theft Resource Center, over 6 million records have been exposed already this year. This follows high-profile attacks on sites like Ashley Madison (nearly 31 million accounts) last year and Adobe (152 million accounts) in 2013.

More often than not, hacks are more of an inconvenience for the victims than a traumatic life event. If you have been impacted and don't take action (like changing your password and monitoring other sites you frequent), that information can be used for everything from identity theft to more serious forms of harassment — and continue to unfold years later as information gets sold and resold.

Wondering if you've been impacted? Take a look at some of the year's biggest data dumps — and pay a semi-regular visit to the Have I Been Pwned? website to make sure an attack of a site you frequent (or once frequented and subsequently forgot about) hasn't occurred.

MySpace (People affected: 360 million)

Website pages from
Chris Ratcliffe | Bloomberg | Getty Images

It's pretty certain that the actual breach of MySpace happened quite some time ago, but it was just last month that stolen user login data was found in an online hacker forum. The compromised data includes a portion of the site's usernames, passwords and email addresses from the old Myspace platform prior to June 11, 2013. Time Inc., which owns MySpace these days, says none of its other sites were impacted.

LinkedIn (People affected: 117 million)

LinkedIn headquarters in Mountain View, Calif.
David Paul Morris | Bloomberg | Getty Images

Like MySpace, the LinkedIn hack took place a little while ago (2012). But it wasn't until this year that the data — consisting of email and password combinations — was offered for sale, making users more vulnerable. and contacted people who were affected.

Tumblr (People affected: 65 million)

Lionel Bonaventure | AFP | Getty Images

In May the social media/blogging site let users know that email addresses and passwords stolen in a 2013 attack had been exposed. While company officials said they did not believe the information had been used to access Tumblr accounts, the site did require all users to reset their passwords immediately. (People affected: 41 million)

Tom Merton | OJO Images | Getty Images

While the release of data from this sexually themed site came after the high-profile hack of Ashley Madison, the attack itself seems to have occurred prior to that event. Regardless of timing, a hacker began offering data in May from the adult dating site that included not only account information, like user names and passwords, but dates of birth and details about those users' sexual desires and preferences.

21st Century Oncology (People affected: 2.2 million)

Hero Images | Getty Images

This Florida-based operator of 145 cancer treatment centers announced in March that hackers had breached its database and stolen a wealth of personal information from current and former patients. Among the data collected were patient names, Social Security numbers, insurance data and their diagnoses. The company says it has no indication so far that the data has been misused.

Verizon Enterprise Solutions (People affected: 1.5 million)

Buchachon | iStock | Getty Images

Contact information for 1.5 million customers of Verizon's business-to-business arm was hacked this year, a surprising revelation given the company's cybersecurity strength (and the fact that Verizon Enterprise Solutions is a unit Fortune 500 companies often call for help when they get hacked). Officials said no proprietary data was taken, just contact info for customers.

Internal Revenue Service (People affected: 724,000)

Getty Images

While this hack took place and was first announced in 2015, the agency drastically revised its numbers in February. Originally, the IRS believed hackers had stolen Social Security numbers, addresses and birth dates of 114,000 people through its IRS Get Transcript application. This year, though, it said the number turned out to be 724,000.

University of Central Florida (People affected: 63,000)

A file photo of the University of Central Florida campus
Source: University of Central Florida

Hackers attacked the school's computer systems in January, gaining access to personal information of current and former students as well as staff and faculty members. No grade transcripts, credit card numbers or medical information was stolen, but the hackers did take off with Social Security numbers of affected people.

FDIC (People affected: 44,000)

The Federal Deposit Insurance Corp. headquarters in Washington, D.C.
Andrew Harrer | Bloomberg | Getty Images

This data breach, which occurred in February, was less the work of hackers and more the result of clumsiness. An employee leaving the agency "inadvertently and without malicious intent" downloaded data for 44,000 customers of the Federal Deposit Insurance Corp. onto a personal storage device. FDIC officials did not disclose what data was taken but said the former employee had legitimate access to it as part of his job.

Wendy's (People affected: Unknown)

People wait on line at a Wendy's location
Scott Mlyn | CNBC

The burger chain is still investigating the impact of the hack that occurred in late 2015 and was announced in May. Malware that targeted the point-of-sales system was found at roughly 300 locations, the company said originally. In June it said it had discovered the number of affected locations was likely "considerably higher" than the initial estimate. On Thursday, July 7, Wendy's said hackers were able to steal customer's credit and debit card information at 1,025 of its U.S. restaurants. There are 5,700 Wendy's nationwide. The company has not yet said how many customers might have been affected.