In This Article

Top 20 Data Breaches of 2020

Philip Robinson
| Read Time 6 min read| Updated On - January 15, 2022

Let us start the new year with some positive news. Despite the coronavirus pandemic, the number of data breaches in 2020 fell by 52%, at least in the first six months anyway.

That said, we’ve still seen a large number of high-profile cases, some of which involving billions of exposed records.

Top Data Breaches of 2020

Below is a round-up of the 20 biggest data breaches we saw in 2020.

Breach Name What When
The United States Federal Government Emails and other documents were stolen in a cyberattack that was said to be “among the worst cyber-espionage ever suffered by the U.S”, affecting at least 200 organizations around the world. The attackers exploited software from at least three U.S. firms: Microsoft, SolarWinds, and VMware. The breach was first publicly reported on December 13, 2020, although the initial attack began no later than March 2020./td> A database containing 10.88 billion records was exposed to the internet on a misconfigured Elasticsearch cluster. The leak was discovered on March 16, 2020.
Advanced Info Service (AIS) A database containing approximately 8 billion records was exposed to the internet without a password. AIS were alerted about the open database on May 13, 2020
Keepnet Labs A database containing approximately 5 billion records was exposed for 24 hours by one of Keepnet’s contractors. The database was indexed on the 15 of March, and was exposed until the 16th of March, 2020.
BlueKai Approximately 4 billion records were exposed due to an unsecured database. The data that was exposed included names, home addresses, email addresses and web browsing activity – including purchases and newsletter subscription information. Technically speaking, the breach took place towards the end of 2019 (November). However, given the scale of the incident, I thought it was worth adding to the 2020 list.
Whisper An unprotected database containing 900 million “secret confessions” was exposed to the internet. The Whisper posts, including additional information, such as a user’s age, ethnicity, gender, home-town, nickname and group membership, were later found online. The exact date of exposure is not clear, however, the story was first published by the Washington Post on March 10, 2020.
Estée Lauder An unsecured database containing approximately million records was exposed to the Internet. The exposed database was discovered on January 30, 2020.
Broadvoice Over 350 million customer records were leaked due to a configuration error, which lead to several online databases being exposed to the Internet. The unprotected Elasticsearch database was discovered by researcher, Bob Diachenko, on the 1st of October, 2020.
Wattpad The credentials of approximately 268 million users were leaked from a compromised Wattpad database. The credentials were unique email address and password combinations. Researchers from Risk Based Security discovered the breach on July 14, 2020, although Wattpad were originally breached in June 2020.
Microsoft Approximately 250 million records were exposed when a cloud-based database used for “support case analytics” became visible to the Internet. The database was exposed between the 5th of December and the 31st of December, 2019.
Instagram, Tik Tok And YouTube A database belonging to Social Data – a company that sells social media data to marketers – was exposed to the Internet. The database contained personally identifiable information (PII) belonging to users of Instagram, Tik Tok And YouTube, and consisted of names, contact information, images and statistics about followers. The data was exposed on August 1, 2020.
Tetrad Security researchers have discovered a publicly exposed Amazon S3 bucket containing personal data and behavioural profiles belonging to 120 million Americans. Security company UpGuard found the misconfigured bucket on February 3, 2020.
Antheus Tecnologia An Elasticsearch server containing over 81.5 million records was exposed to the Internet. The records consisted of employee emails and telephone numbers, and 76,000 unique fingerprints. Security research team SafetyDetectives discovered the leak in March, 2020.
Wishbone Personal details of over 40 million users have been put up for sale by hackers on the dark web for 0.85 bitcoin (£6,445). These details include names, email addresses, phone numbers, geographical locations, genders, social media profiles, and hashed account passwords of users. The Wishbone user database was leaked in full in May, 2020.
EasyJet Email addresses and travel details of around 9 million people were stolen, and around 2,208 also had their payment card details ‘accessed’, in a ‘highly sophisticated cyber attack’. The attack took place in January 2020.
Marriott International Around 5.2 million guests were affected by a new Marriott data breach. Names, birthdates, telephone numbers, language preferences and loyalty account numbers were amongst the data that was stolen. The breach was identified at the end of February, but records date back to mid-January 2020.
Slickwraps Databases containing personal data, such names, home addresses and email addresses, were “mistakenly made public via an exploit” and “accessed by an unauthorized party”. Fortunately, the database didn’t contain passwords or personal financial data. Slickwraps disclosed the breach after many of their customers received an email from a hacker informing them that they had stolen their data. The breach was disclosed in February 2020.
ExecuPharm Various ExecuPharm servers were hit by a ransomware attack, which affected “select corporate and personnel information”. The attacked arrived via phishing emails that were sent to ExecuPharm employees. The attack took place on March 13, 2020.
Nintendo 300,000 user accounts were breached by hackers exposing personal information such as the account owner’s name, email address, date-of-birth and country of residence. The breach was first disclosed in March 2020, although Nintendo said the number of breached accounts “increased as a result of its continuing investigation”.
Zoom Over 500,000 Zoom accounts are being sold on the dark web and hacker forums in what was said to be a “credential stuffing attack” – where the threat actors attempt to login to Zoom using accounts leaked in older data breaches. The attack took place around April 2020.

How Lepide Helps Companies Prevent Data Breaches

With the Lepide Data Security Platform, enterprises can get full visibility into the security states and changes being made to their permissions, configurations, and sensitive data. With pre-defined reports, real time alerts, and intelligent anomaly spotting, security teams can identify events and changes taking place that could indicate data breaches.

The Lepide Data Security Platform allows you to identify where your valuable data is, see who has access to it, analyze the behavior of your users, and audit security states and changes. If you’d like to see this in action, schedule a demo with one of our engineers or start a free trial today.

Philip Robinson
Philip Robinson

Phil joined Lepide in 2016 after spending most of his career in B2B marketing roles for global organizations. Over the years, Phil has strived to create a brand that is consistent, fun and in keeping with what it’s like to do business with Lepide. Phil leads a large team of marketing professionals that share a common goal; to make Lepide a dominant force in the industry.

Popular Blog Posts