Internet, Networking, & Security Antivirus The Greatest Computer Hacks Vandalism, Theft, and Cleverness on a Large Scale By Paul Gil Writer Paul Gil, a former Lifewire writer who is also known for his dynamic internet and database courses and has been active in technology fields for over two decades. our editorial process Paul Gil Updated October 04, 2019 Hero Images/Getty Images Antivirus Browsers Cloud Services Error Messages Home Networking 5G Antivirus VPN Web Development Around the Web View More Tweet Share Email Hacking is about manipulating and bypassing systems to force them to do the unintended. While most hackers are benign hobbyists, some hackers inflict terrible widespread damage and cause financial and emotional injury. Victimized companies lose millions in repair and restitution costs; victimized individuals can lose their jobs, their bank accounts, and even their relationships. 01 of 13 Ashley Madison Hack 2015: 37 Million Users AndSim/iStock The hacker group Impact Team broke into the Avid Life Media servers and copied the personal data of 37 million Ashley Madison users. The hackers then incrementally released this information to the world through various websites. The effect on people's personal reputations rippled across the world, including claims that user suicides followed after the hack. This hack is memorable not only because of the sheer publicity of the aftermath, but because the hackers also earned some fame as vigilantes crusading against infidelity and lies. Read more about the Ashley Madison breach: Rob Price describes the effects of the Ashley Madison hack scandal Callum Paton tells us how you can check if your spouse was affected by the hack Krebs on Security describes how the hack transpired 02 of 13 The Conficker Worm 2008: Still Infecting a Million Computers a Year Steve Zabel / Getty While this resilient malware program has not wreaked irrecoverable damage, this program refuses to die; it actively hides and then copies itself to other machines. Even more frightening: This worm continues to open backdoors for future hacker takeovers of the infected machines. The Conficker worm program (also known as the Downadup worm) replicates itself across computers, where it lies in secret to either convert your machine into a zombie bot for spamming or to read your credit-card numbers and your passwords through keylogging then and transmit those details to the programmers. Conficker/Downadup is a smart computer program. It defensively deactivates your antivirus software to protect itself. Conficker is noteworthy because of its resilience and reach; it still travels around the Internet eight years after its discovery. Read more about the Conficker/Downadup worm: Kelly Burton describes the technical side of the Conficker worm How to detect and remove Conficker from your computer Symantec can also remove the worm for you 03 of 13 Stuxnet Worm 2010: Iran's Nuclear Program Blocked Getty A worm program that was less than 1 MB in size was released into Iran's nuclear refinement plants. Once there, it secretly took over the Siemens SCADA control systems. This sneaky worm commanded more than 5,000 of Iran's 8,800 uranium centrifuges to spin out of control, then suddenly stop and then resume, while simultaneously reporting that all is well. This chaotic manipulating went on for 17 months, ruining thousands of uranium samples in secret and causing the staff and scientists to doubt their own work. All the while, no one knew that they were being deceived and simultaneously vandalized. This devious and silent attack wreaked far more damage than simply destroying the refining centrifuges themselves; the worm led thousands of specialists down the wrong path for a year and a half and wasted thousands of hours of work and millions of dollars in uranium resources. The worm was named Stuxnet, after a keyword found in the code's internal comments. This hack is memorable because of both optics and deceit. It attacked the nuclear program of a country that has been in conflict with the USA and Israel and other world powers and it also deceived the entire Iranian nuclear staff for a year and a half as it performed its deeds in secret. Read more about the Stuxnet hack: Stuxnet: a modern digital weapon?Stuxnet was like a Tom Clancy novelThe real story of Stuxnet 04 of 13 Home Depot Hack 2014: Over 50 Million Credit Cards Raedle / Getty By exploiting a password from one of its stores' vendors, the hackers of Home Depot achieved the largest retail credit card breach in human history. Through careful tinkering of the Microsoft operating system, these hackers managed to penetrate the servers before Microsoft could patch the vulnerability. After they entered the first Home Depot store near Miami, the hackers worked their way throughout the continent. They secretly observed the payment transactions on more than 7,000 of the Home Depot self-serve checkout registers. They skimmed credit card numbers as customers paid for their Home Depot purchases. This hack is noteworthy because it was launched against a large corporation and millions of its trusting customers. Read more about the Home Depot hack: How CEO Frank Blake responded to his chain of stores getting hackedThe Wall Street Journal describes the hack hereThe Home Depot hack is now an official case study 05 of 13 Spamhaus 2013: The Largest DDOS Attack in History screenshot A distributed denial of service attack is a data flood. By using dozens of hijacked computers that repeat signals at a high rate and volume, hackers will flood and overload computer systems on the Internet. In March of 2013, this particular DDOS attack was large enough that it slowed the entire Internet across the planet and completely shut down parts of it for hours at a time. The perpetrators used hundreds of domain-name servers to reflect signals repeatedly, amplifying the flood effect and sending up to 300 gigabits per second of flood data to each server on the network. The target at the center of the attack was Spamhaus, a nonprofit professional protection service that tracks and blacklists spammers and hackers on behalf of Web users. The Spamhaus servers, along with dozens of other Internet exchange servers, were flooded in this attack. This DDOS hack is noteworthy because of the sheer scale of its brute force repetition: It overloaded the Internet's servers with a volume of data that had never been seen before. Read more about the Spamhaus attack: The New York Times describes the DDOS attackA London teenage hacker pleads guilty to being one of the DDOS hackersMeet Spamhaus, the anti-spam service that was the prime target of the DDOS attack. 06 of 13 eBay Hack 2014: 145 Million Users Breached Kimberly White /Getty Images Some people say this is the worst breach of public trust in online retail. Others say that it was not nearly as harsh as mass theft because only personal data was breached, not financial information. Whichever way you choose to measure this unpleasant incident, millions of online shoppers have had their password-protected data compromised. This hack is particularly memorable because it was public and because eBay was painted as weak on security because of the company's slow and lackluster public response. Read more about the eBay hack of 2014: BGR describes how the eBay hack transpiredeBay does not win any points with its sluggish response to the breachHere's eBay's blog response 07 of 13 JPMorgan Chase Hack 2014: 83 Million Accounts Andrew Burton / Getty In the middle of 2014, alleged Russian hackers broke into the largest bank in the United States and breached 7 million small-business accounts and 76 million personal accounts. The hackers infiltrated the 90 server computers of JPMorgan Chase and viewed personal information on the account holders. Interestingly enough, no money was looted from these account holders. JPMorgan Chase will not share all the results of their internal investigation. What they will say is that the hackers stole contact information like names, addresses, email addresses and phone numbers. They claimed that there is no evidence of Social Security, account number, or password breach. This hack is noteworthy because it struck at where people store their money, raising questions about the security of the U.S. banking system. Read more about JPMorgan Chase hack: The New York Times tells the story of the hackThe UK Register tells us that server technicians failed to upgrade one of its servers that allowed the hackHere is the official report documentation from the U.S. Securities and Exchange Commission. 08 of 13 The Melissa Virus 1999: 20 Percent of the World's Computers Infected screenshot A New Jersey man released this Microsoft macro virus into the Web, where it penetrated Windows computers. The Melissa virus masqueraded as a Microsoft Word file attachment with an email note alleging an "'Important Message from [Person X]." After the user clicked the attachment, Melissa activated itself and commanded the machine's Microsoft Office to send a copy of the virus as a mass mailout to the first 50 people in that user's address book. The virus itself did not vandalize files or steal any passwords or information; rather, its objective was to flood email servers with pandemic mailouts. Indeed, Melissa successfully shut down some companies for days at a time as the network technicians rushed to clean their systems and purge the pesky virus. This virus/hack is noteworthy because it preyed on people's gullibility and the then-current weakness of antivirus scanners on corporate networks. It also gave Microsoft Office a black eye as a vulnerable system. Read more about Melissa virus: 1999: Melissa wreaks havoc on the WebHow Melissa worksWhat can we learn from Melissa? 09 of 13 LinkedIn 2016: 164 Million Accounts screenshot In a slow-motion breach that took four years to reveal, the social networking giant admits that 117 million of its users had their passwords and logins stolen in 2012, to later have that information sold on the digital black market in 2016. The reason this is a significant hack is because of how long it took for the company to understand how badly they had been hacked. Four years is a long time to realize you've been robbed. Read more about the LinkedIn hack: CNN Money describes the incidentLinkedIn publicly responds to the 2012 hack 10 of 13 Anthem Health Care Hack 2015: 78 Million Users Tetra / Getty The second-largest health insurer in the United States had its databases compromised through a covert attack that spanned weeks. Anthem refuses to disclose details of the penetration but the company claims that no medical information was stolen, only contact information and Social Security numbers. No harm has been yet identified for any of the compromised users. Experts predict that the information will one day be sold through online black markets. As a response, Anthem provided free credit monitoring for its members. Anthem is also considering encrypting all its data. The Anthem hack is memorable because of its optics: Another monolithic corporation fell victim to a few clever computer programmers. Read more about the Anthem hack here: Anthem responds to their customer questions about the hackThe Wall Street Journal describes the Anthem hackMore details about the Anthem hack and their response. 11 of 13 Sony Playstation Network Hack 2011: 77 Million Users Djansezian / Getty April 2011: Intruders from the Lulzsec hacker collective cracked open the Sony database at their PlayStation Network, revealing the contact information, logins, and passwords of 77 million players. Sony claims that no credit card information was breached. Sony took down its service for several days to patch holes and upgrade their defenses. There has been no report that the stolen information has been sold or used to harm anyone yet. Experts speculate that the weakness was exploited through a SQL injection attack. The PSN hack is memorable because it affected gamers, a culture of people who are computer-savvy fans of technology. Read more about the Sony PSN hack here: ExtremeTech describes how Sony PSN was hackedHow SQL injection works 12 of 13 Global Payments 2012 Hack: 110 Million Credit Cards PhotoAlto / Gabriel Sanchez / Getty Global Payments is one of the several companies that handle credit card transactions for lenders and vendors. Global Payments specializes in small-business vendors. In 2012, their systems were breached by hackers and information on people's credit cards was stolen. Some of those users have since experienced fraudulent transactions. The signature-based system of credit cards in the United States is dated, and this breach could have easily been reduced if credit card lenders would invest in using the newer chip cards that are used in Canada and the UK. Since the attack, the United States has migrated to a chip-and-pin or chip-and-sign approach for processing point-of-sale card transactions, although migration has been largely voluntary by retailers. This hack is noteworthy because it struck at the daily routine of paying for goods at the store, shaking the confidence of credit card users around the world. Read more about the Global Payments hack: CNN Money describes the GPN hackHow hackers use DoS and SQL injectionsHeartland payment processor was also hacked in 2009 before merging with Global Payments 13 of 13 So What Can You Do to Prevent Getting Hacked? E+ / Getty Hacking is a real risk that all of us must live with, and you will never be 100-percent hacker-proof. You can reduce your risk, though, by making yourself harder to hack than other people and by mitigating your risk by following basic best-practice security standards: 1. Check to see if you've been hacked and outed at this free database. 2. Make the extra effort to design strong passwords as we suggest in this tutorial. 3. Use a different password for each of your accounts; this practice will substantially reduce how much of your life a hacker can access. 4. Consider adding two-factor authentication to your Gmail and other primary online accounts. 5. Consider subscribing to a VPN service to encrypt all of your online traffic.