DATA

BREACH
from
2010-2023
GROUP 3:
CANONIZADO, JOHN RAI
GAMBO, ZEVEDY
ORDOÑEZ, BERNADINE
SAGUID, ARIANE MAE
DATA BREACH from 2010-2023
 DATA BREACH from 2010-2023
2500
2245
2053
2000 1862
1715
1544
1500 1472
1352

1047
1000 936 972
761 721 772
637
500

0
2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023
 DATA BREACH from 2010-2023
Most Vulnerable Industries
Others 1367

Travel and Hospitality 1300

Logistics and Transportation 1433

Media and Entertainment 1566

Education 1699

Government 1832

Technology 1964

Financial Services 2191

Retail 2494

Healthcare 3375

0 500 1000 1500 2000 2500 3000 3500 4000


Key points
Number of data
breaches:
The number of data breaches has increased from 637 in
2010 to 2,245 in 2023. This is a 240% increase in the
number of data breaches over the past 13 years.
Average cost of Data
Breach:
The average cost of a data breach has increased from $2.7
million in 2010 to $9.6 million in 2023. This is a 350%
increase in the cost of data breaches over the past 13
years.
Most Common Cost of Data
Breaches:
Phishing attacks are the most common cause of data
breaches.
Most common type of data stolen in
data breaches:
Personally identifiable information (PII) is the most
common type of data stolen in data breaches. PII includes
information such as names, addresses, Social Security
numbers, and credit card numbers.
Most vulnerable industries to data
breaches:
The healthcare, financial services, and retail industries are
the most vulnerable to data breaches
 DATA BREACH
from 2010-2023

TWITTE
Data breach timeline

R
 Hacker Hijacks 33 High-Profile
User Accounts

January
a hacker used an automated password-guessing tool
to access the Twitter administrative control panel.
The password used was considered a weak
password, being an all-lower-case word you can

2009
find in the dictionary.

April 2009
 Hacker Breaches Twitter
Administrator Account

April 2009 a hacker guessed a Twitter administrative password

after gaining access to an employee’s personal
email account and finding two other passwords
stored there in plain text. Once inside the system,
the hacker changed at least one Twitter account
password

February20
13
 Hack Leaves 250,000 Accounts
Compromised

February20 A hack left 250,000 Twitter accounts compromised. The

hackers were able to gain access to user accounts by

13
exploiting a vulnerability in Twitter's password reset
system.

The company said that attackers were able to gain access

to account information, specifically user names and email
addresses.

MAY 2018
13 Bug Leaves 330 Million Passwords
Exposed

MAY 2018 A bug left 330 million Twitter passwords exposed. This
was one of the largest data breaches in history.

Twitter advised every user to change their password after

the company discovered a bug that left passwords exposed
in an internal system. While there was no evidence of a
breach or misuse, the passwords were unencrypted in an
internal log, making them readable to anyone who
accessed that system.

DECEMB
ER 2018
 Twitter Security Flaw Leaks User
Phone Number Country Codes

DECEMB reports emerged describing a security flaw that exposed

the phone number country codes of Twitter users. This
potentially allowed malicious actors to determine the

ER 2018
countries accounts were based in, something that could
have ramifications for political dissidents, protestors,
whistleblowers, activists, and other users who may be
targeted for retaliation or silencing.

OCTOBER
2019
ER 2018  Twitter Uses Data Provided for
Two-Factor Authentication for Ad
Targeting

OCTOBER  a privacy issue involving phone numbers and other data

provided to Twitter for two-factor authentication came to

2019
light. The company said it mistakenly incorporated phone
numbers and email addresses provided for two-factor
authentication into its ad systems, namely its Tailored
Audiences and Partner Audiences.

NOVEMB
ER 2019
2019
Two Former Employees Charged
with Spying

NOVEMB two former Twitter employees were charged with spying

for Saudi Arabia. They were accused of exploring and
gathering personal information on specific users at the

ER 2019
behest of the foreign nation, focusing on accounts that
were critical of the Saudi Arabian government. However,
other account data was potentially exposed as the spies
compiled some data in bulk.

NOVEMB
ER 2019
ER 2019
Data from Hundreds of Twitter
Accounts Exposed

NOVEMB While the incident was small-scale, hundreds of Twitter

users learned in November 2019 that some of their personal
data was exposed. The One Audience development kit

ER 2019
allowed developers to access usernames and email
addresses. If a Twitter user used their Twitter account to log
into an impacted app, the developer could see a limited
amount of personal information, as well as some recent
tweets.

JULY 2020
ER 2019 Hacker Takes Over High-Profile
Accounts in Bitcoin Scam

JULY 2020  It involved a hacker that targeted the accounts of approximately 130
high-profile individuals, including Elon Musk, Bill Gates, Barack
Obama, and Kanye West.

The attackers accessed the accounts by using Twitter internal

administration tools to bypass some security measures, indicating that
the hacker was using Twitter’s own system. The hackers were able to
obtain over $100,000 in transfers as a result of this incident.

Once the hacker obtained access to a target account, they posted scam
messages involving Bitcoin, claiming the account holder was “giving
back” to their community by doubling all Bitcoin sent to their address
and sending those funds back to the sender

JULY 2022
 Hacker Posts Data on 5.4 Million
Twitter Users For Sale

 a hacker under the alias ‘devil’ posted on

JULY 2022
BreachForums that they had obtained personal data on
5.4 million Twitter users, including email addresses and
phone numbers. The hacker had apparently exploited a
vulnerability to scrape this data from Twitter, and posted
it for sale with an asking price north of $30,000.

AUGUST
2022
 Former Twitter Employee Found
Guilty of Spying for Saudi Arabia

AUGUST a federal jury in California found a former Twitter

employee guilty for acting as an unregistered agent of

2022
the Saudi government. The jury found that Ahmad
Abouammo had used his position at Twitter to
investigate Saudi dissidents and convey information on
them to Bader al-Asaker, an aide to Saudi Crown Prince
Mohammed bin Salman.

August
2022
 Whistleblower Alleges “Egregious
Deficiencies” in Cybersecurity at

August Twitter
Twitter’s former head of security, Peiter “Mudge” Zatko, went
public with allegations that the company’s cybersecurity
practices were woefully insufficient. In the 200-page complaint

2022
he filed with the SEC on July 6, he described “egregious
deficiencies, negligence, willful ignorance, and threats to
national security and democracy.”

He alleged that the platform was vulnerable to foreign hacking,

allowed hundreds of engineers broad access to change Twitter’s
algorithm in real time, and did not follow through on user’s
requests to delete their data.

NOVEMB
ER 2022
2022
Hacker Publishes Data on 5.4
Million Twitter Users

NOVEMB a hacker published data including email addresses and

phone numbers of 5.4 million Twitter users on a hacker
forum. This hacker had exploited an API vulnerability in
late 2021 to scrape this data, and attempted to sell it for

ER 2022
$30,000 in July 2022. But those 5.4 million users were
not only ones affected; as detailed above, north of 200
million Twitter users were ultimately implicated in a
related data leak.

JANUARY
2023
ER 2022
Database of Over 200m Twitter
Users Goes Public

JANUARY
Following a string of ransom attempts and leaks, a trove
of data on over 200 million Twitter users circulated
among hackers in December 2022, and was published in
full on BreachForums on January 4th. This data includes
email addresses, names, and usernames, but does not

2023
appear to include passwords or other highly sensitive
data.
4.5
4
3.5
3
2.5
2
1.5
1
0.5
0
2008 2010 2012 2014 2016 2018 2020 2022 2024
 Summary
Are there any attackers left?
It is difficult to say for sure if there are any attackers left. Twitter has taken steps to improve its security, but
it is possible that some attackers may still have access to the company's systems.

Did the data leak stopped?

The data leak has not stopped completely. There have been a number of smaller leaks since the initial leak in
January 2023. However, Twitter has taken steps to mitigate the damage from these leaks.

How did they get into the it environment?

The attackers were able to get into Twitter's IT environment through a variety of methods. These methods
include exploiting security vulnerabilities, phishing attacks, and social engineering.
 Summary
What led to the attacks, and why?
The attack was lead by a number of different groups, including state-sponsored actors, criminal
organizations, and hacktivists. The attacks were motivated by a variety of factors, including financial gain,
political ideology, and social justice.

Was the leak unintentional or the result of carelessness?

The leak was unintentional in some cases, but it was also the result of carelessness in others. For example,
some Twitter employees were using weak passwords and were not following security best practices.

Who was in charge?

The security of Twitter is overseen by a number of different people, including the Chief Security Officer, The
head of Information Security, and the Director of Security operations. these individuals are responsible for
developing and implementing security policies, procedures, and technologies.
Thank you for
listening