Real People. Real Stories. Real Business.
Chris Bell

Learning from the Biggest Hacks in History

Cyber attack, the words alone can be enough to incite panic. Between a lack of understanding and media sensationalism, any mention of a cyber attack brings to mind catastrophic levels of damage. Recently, Labour leader Jeremy Corbyn came under scrutiny for claiming his party had been the victim of a “very serious” cyber attack attempt — only for industry experts to review the incident as being comparatively low-level and commonplace.

Like the difference between a cold and pneumonia, there are varying levels of severity when it comes to cyber attacks. A DDoS (distributed denial of service) attack, for instance, is a very common cyber attack that can be used for something as petty as forcing a fellow video gamer to disconnect from an online server. On the other side of the spectrum, a sophisticated ransomware attack can cripple a whole conglomerate.

These high-level hacks are rarer by comparison to the average DDoS attack but can do a lot more damage. In this article, we’re taking a look at some of the truly “very serious” cyber attacks that have occurred in history, and the lessons we must learn from them.

Yahoo! data breach

Date of breach: 2013
Date breach was reported: 2016

Type of cyber attack: Yahoo! described the attack as an exploit of the Company’s account management tool. Expert analysis suggested that the hack was achieved through forging cookies, which allowed the attackers to access user accounts without entering a password.


  • Yahoo! originally reported the hack in 2016, three years after the breach took place, and noted one billion user accounts were affected.
  • Yahoo! then updated their assessment of the matter in 2017, saying that every single account held by Yahoo! at the time had been breached. This included extended companies of Yahoo!, such as Tumblr. The total number of Yahoo! accounts active in 2013 topped three billion.
  • It cost the company $16 million in forensic and lawyer costs.


As far as cyber attacks go, having every single user account on your servers compromised