Cybercrime 2019: top 5 data breaches

Cybercrime is the biggest threat to all companies worldwide and one of the biggest problems in modern society.

In 2019, as in 2018, there were several sectors affected by hacker attacks. According to Juniper’s research, the losses last year were $2 trillion.

And yet, cybercrime is expected to cost the world $6 trillion annually by 2021


In this article we present the top 5 companies that failed to escape the biggest data breaches of 2019:


5. Quest Diagnostics

11.9 million users compromised 

What company? Quest Diagnostics is an American clinical laboratory. The company operates in two segments: Diagnostic information services and Diagnostic Solutions.

What happened? In early June, the company announced that it detected a data breach. This affected its billing provider, the American Medical Collection Agency.

The breach exposed the medical, financial, and personal information of about 11.9 million customers over eight months.

This included:

  • credit card numbers
  • bank account information
  • medical information
  • Social Security numbers

When did it happen? Between August 2018 and March 2019.

4. Houzz

48.9 million users compromised

What company? Houzz is an American website and an online community on architecture, interior design and décor, landscaping, and home improvement.

What happened? The company began the year to inform its customers that hackers had accessed encrypted usernames and passwords. The company’s FAQ on the breach was vague, but the ITRC (Interstate Technology and Regulatory Council) revealed that 48,881,308 accounts were affected. However, no financial information has been accessed.

When did it happen? In December 2018.

3. Capital One

100 million users  compromised

What company? Capital One Financial Corporation is a banking holding company specializing in credit cards, car loans, banks and savings accounts based in McLean, Virginia.

What happened? In July, Capital One announced the personal data breach of more than 100 million Americans and 6 million Canadians who have requested credit cards since 2005.

The company admitted that the applications that hackers accessed:

  • names
  • addresses
  • postal codes
  • emails
  • mobile phone numbers
  • dates of birth

The banking and Social Security numbers of about 140,000 U.S. customers were also compromised.

When did it happen? In March 2019.

2. Dubsmash

162 million users compromised

What company? Dubsmash is a video messaging app for Android and iOS. The service consists of doing a playback of some famous, musical, movie, comic, or any other phrase that users choose and upload to the channel.

In February, the company announced that hackers accessed nearly 162 million:

  • account owner names
  • email addresses
  • hash passwords

Afterward, hackers put the data up for sale on the dark web. The attack was part of a data dump that included more than 600 million accounts from 16 hacked sites.

When did it happen? In December 2018.

1. Zynga

218 million users compromised

What company? Zynga is one of the largest successful smartphone social gaming companies such as “Farmville”.

What happened? Mobile game producer Zynga announced in October that a hacker accessed login information from customer accounts playing the popular games “Words with Friends” and “Draw Something”.

The hacker accessed:

  • usernames
  • email addresses
  • login IDs
  • IDs do Facebook
  • some mobile phone numbers
  • Zynga’s account IDs of about 218 million customers who installed iOS and Android versions of the games before September 2, 2019.

When did it happen? In September 2019.


With these attacks as an example, we can conclude that the focus on adapting to data protection laws such as the GDPR and LGPD is urgent.

Therefore, companies must implement systems to prevent, identify, and resolve cases of personal data breaches.

To do this, they should invest in solutions designed to help them comply with the law, to ensure a safe business for their customers and avoid sanctions!

We’ve developed GetComplied to help businesses suit data protection laws and it’s super easy! You can edit your policies, cookies, and user rights on one platform!



Was this post helpful?