As the countdown to the New Year has begun the world gets
ready to say its goodbyes to 2015. We roll back the clocks and look into this
year’s most devastating hacking attacks, which resulted in huge financial
losses and data theft. Data breaches have put many organizations out of
business and many others are facing millions of dollar in fines from lawsuits
from their customers. Last year, hackers accessed more than one billion
personal records, most of which include personal information such as social
security numbers, banking codes, home addresses, emails, etc. 

An upsetting thing
is year after year the number of such attacks are increasing.
According to a survey
by Global State of Information in Cybersecurity, this year, 38% more security
incidents were detected than last year. The shortage of certified cyber
security professionals is a big reason why these attacks are on the rise. Most
of the organizations have no idea what policies should be followed to tackle
these threats. 

Here we bring you some of the
list of 10 most destructive hacking attacks the world have seen in 2015. We
rate these attacks according to their severity and how much organization
suffered after its aftermath. Check
out our Top 10 List:

This is one of the most devastating hacking attack in
British history, with more than 157,000 customers records stolen by the
hackers. The records include personal details such as bank account numbers,
sort codes, credit and debit card numbers. This attack on Talk Talk website
happened on 21st of October and it is believed that teenagers are behind this
devastating attack. The company suffered £35 Million in losses as the result of
malicious users exploiting
a SQL Injection vulnerability. 

Another big story of the year is the Ashely Madison Hack. An
online dating site with a motto “Life is Short. Have an affair” has seen the
identities and passwords of its 11 million users stolen. The CEO of the company
had to step down as the result of this much hyped hack attack, which was the
most talked about thing this summer. The Ashley Madison parent company faces a
law suite of $760M as a result of this data breach. Many customers of Ashley
Madison received an email from spammers demanding ransoms, else their
information will be leaked online. 

The personal email account of John Brennan, the director of
CIA was also hacked. The FBI and Secret service treated this as a very
sensitive hacking incident because of the nature of the account and to whom it
was associated with. The person who claimed the responsibility of this hack on
CNN is an American but has yet to be arrested by the FBI. 

The second biggest health insurance company in the United
States also fell victim to cyber criminals this year. The hack has affected
more than 70 million Anthem customers. The hackers stole names, date of births
and social security numbers. The company assured its customers that their
financial details such as bank accounts and credit card numbers have not been compromised. 

Telecom giant Vodafone was also the target of cyber
criminals this year. According to a statement released by the company in
October a group of hackers managed to gain access to sensitive information of
about 1,827 Vodafone customers. The stolen email addresses and passwords have
been sold
on dark web. It seems that the bank account details of the customers were
leaked as well. This news came to light just after the hack of Talk Talk, which
has raised many concerns about the security of the British telecom and
broadband operators. 

The biggest UK phone retailer has also been targeted by
cyber criminals this year. In August Cardphone Warehouse were hacked and
hackers managed to access the personal records of around 2.4 million customers.
The company faced a lot of criticism from its customers for keeping the news secret
for 48 hours. The stocks of the company have been crashed when the news of hack
hits the media. 

Just after a month Samsung bought its payment system company
for $250M, LoopPay was hacked. The group behind this hack is Chinese dubbed as
‘Codoso Group’ or ‘Sunshock Group’, and for the 5 months no one in the company
had any idea that they were hacked. The company said that no user data has been
lost, despite the fact that it took them 5 months to notice that they were
hacked.

One of the biggest financial hacking incident in US history,
which started back in 2012 and was up and running until mid of 2015.  A total number of 9 large financial
institutions were targeted in the United States, during this time. Hackers
manage to access information of more than 100 million customer’s and affected
80 million households. The three hackers behind this big hack were arrested and
were trialed in US Court in New York. This hacking incident is dubbed by many
as the “the largest theft of user data from a U.S. financial institution in
history.”

Just hours after US President Obama called for new cyber
security laws in a summit held in Germany, the official website of the US Army
was taken down by Syrian hackers.  Syrian
Electronic Army were the group who claimed the responsibility of the attack as
per their official twitter account. In this case, this was just a defacement
and no data was stolen because the website did not contain sensitive.  

Most probably the most famous hotel chain, with over 4,112
hotels in around 91 countries, Hilton has also been a victim of cyber-criminal
attacks this year. The credit cards information of many Hilton customers were stolen.
Hackers sold the credit card details and stolen information of Hilton customers
on the Darkweb, which resulted in many of its customers being victims of credit
card frauds.

Most of the above mentioned hack attack could have been
easily avoided should the organizations have taken web
application security more seriously. In all of the above cases hackers have
exploited some of the most common vulnerabilities such as SQLinjection, which
could be automatically found with an automated web vulnerability scanner such
as Netsparker. Don’t let your business become a statistic. Scan your
websites and find vulnerabilities before hackers do.