Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

The top data breaches of 2021

By Maria Henriquez
SEC_Web_Top10_databreaches-1170x658.jpg
December 9, 2021

2021 will be a record-breaking year for data breaches. According to Identity Theft Resource Center (ITRC) research, the total number of data breaches through September 30, 2021 has already exceeded the total number of events in 2020 by 17%, with 1,291 data breaches in 2021 compared to 1,108 breaches in 2020.

In particular, manufacturing & utilities sector's data security was deeply impacted, with 48 compromises and a total of 48,294,629 victims. The healthcare sector followed, with 78 compromises and more than 7 million victims. Other sectors with more than 1 million victims included financial services (1.6 million victims), government (1.4 million victims) and professional services (1.5 million victims).

Even more worrisome, there has been an increase in a lack of transparency in data breach notices at both the organization and government level. If the trend was to continue, the ITRC says, it could lead to a significant impact on individuals and organizations.

This year, Security magazine brings you a list of 2021’s top 10 data breaches and exposures, and a few other noteworthy mentions.

 

10. Android Users Data Leak — 100+ million

In May, security researchers discovered the personal data of more than 100 million Android users exposed due to several misconfigurations of cloud services. Unprotected in real-time databases used by 23 apps, the downloads ranged from 10,000 to 10 million and included internal developer resources.

Check Point researchers discovered anyone could access sensitive and personal information, including names, email addresses, dates of birth, chat messages, location, gender, passwords, photos, payment information, phone numbers and push notifications.

In addition, of the 23 apps that Check Point researchers analyzed, a dozen had more than 10 million installations on Google Play. Most of them had the real-time database unprotected, exposing sensitive user information. While the misconfigured databases are not a surprise, the findings show the lack of basic security practices in many applications. The misconfigurations also put users’ personal data at risk.

 

9. Thailand Visitors — 106+ million

In August, Comparitech cybersecurity researcher Bob Diachenko stumbled across his own data online after discovering an unsecured database, which contained the personal information of millions of Thailand visitors.

The unprotected Elasticsearch database dated back ten years and contained the personal information of more than 106 million international travelers, including:

  • Date of arrival
  • Full name
  • Sex
  • Passport number
  • Residency status
  • Visa type
  • Arrival card number

Diachenko alerted Thai authorities, who acknowledged the incident and secured the data the following day.

 

8. Raychat — 150 million

Iran business and social messaging application Raychat suffered a large data breach. Millions of its user records were exposed to the internet and then destroyed by a cyberattack involving a bot.

According to a Gizmodo report, the company stored its user data on a misconfigured MongoDB database, a NoSQL database used by companies who handle large volumes of user data. When misconfigured, the database can leave millions of documents vulnerable. Diachenko, who discovered the breach, said he found the vulnerability using publicly accessible open-source search tools. In a Twitter DM to Gizmodo, Diachenko said that several NoSQL databases like Mongo are targets “for bot attacks operated by malicious actors who scan the internet for open and unprotected dbs [databases] and wipe their contents, with only a ransom note left.” Diachenko says a README ransom note demanded 0.019 in bitcoin (or $700).

 

7. Stripchat — 200 million

Diachenko discovered an Elasticsearch database containing 200 million records belonging to Stripchat — an adult cam site. The database included 65 million user records that contained email addresses, IP addresses, the number of tips they gave to models, a timestamp of when the account was created and the last payment activity.

Diachenko also found another database containing about 421,000 records for the platform's models, including usernames, gender, studio IDs, tip menus and prices, live status, and the model's “strip score.”

Stripchat’s Max Bennet told Threatpost by email, “Information on 134 million transactions occurring were exposed; however, no information was leaked regarding the payment details. Finally, information on at least 719,000 chat messages (was exposed). No content of the private messages was revealed, though.”

Diachenko said the exposure could pose risks for both Stripchat viewers and models.

 

6. Socialarks — 214+ million

Safety Detectives researchers, led by Anurag Sen, discovered a server belonging to Socialarks — a cross-border social media management company — that contained scrapped profiles of more than 214 million social media users, obtained from Facebook, Instagram and LinkedIn. The database had more than 408GB of data and more than 318 million records.

Safety Detectives discovered:

  • 11,651,162 Instagram user profiles
  • 66,117,839 LinkedIn user profiles
  • 81,551,567 Facebook user profiles
  • A further 55,300,000 Facebook profiles were summarily deleted within a few hours after our team first discovered the server and its vulnerability.

Given the size of the data leak, Safety Detectives said it was challenging for the team to unravel the full extent of the potential damage caused. But, from the data examined, researchers could determine people's full names, country of residence, place of work, position, subscriber data and contact information and direct links to profiles.

 

5. Brazilian Database — 223 million

In January, the largest personal data breach in Brazilian history was discovered. The data sets were discovered by PSafe and then reported by Tecnoblog. The databases included names, unique tax identifiers, facial images, addresses, phone numbers, email, credit score, salary and more. The data also contains the personal data of several million deceased individuals. In addition, 104 million vehicle records were available.

The information, Open Democracy says, is typically used by credit scoring bureaus, which led researchers to suspect the leak may have originated from Serasa Experian, the leading Brazilian credit-scoring bureau.

The data was offered for free on a Darknet forum.

 

4. Bykea — 400 million

Led by researcher Sen, the Safety Detectives team discovered an Elastic server vulnerability during routine IP-address checks on specific ports. The exposed server contained API logs for Bykea — transportation, logistics and cash on delivery payments company with headquarters in Karachi, Pakistan.

Researchers discovered Bykea publicly exposed all its production server information without password protection or encryption and allowed access to more than 200GB of data containing more than 400 million records. The data contained people's full names, locations, and other personal information that hackers could potentially harness to cause financial and reputational damage.

Bykea’s CEO, Muneeb Maayr, described the cyberattack as “nothing out of the ordinary given that Bykea is a mobility-based tech firm, Safety Detectives reports. It remains unclear whether this latest breach is related to a hack the company suffered earlier, during which attackers reportedly deleted the company’s entire customer database.”

 

3. Facebook — 553 million

Security researcher Alon Gal discovered a leaked database belonging to Facebook, containing 533 million accounts.

The data includes the personal information of Facebook users from 106 countries, including more than 32 million records on users in the U.S., 11 million on users in the U.K. and 6 million on users in India. Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. Insider also confirmed records by testing email addresses from the data set in Facebook's password-reset feature, which can be used to partially reveal a user's phone number.

According to Gal, “A database of that size containing the private information such as phone numbers of a lot of Facebook's users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts.”

 

2. LinkedIn — 700 million

The personal data of 700 million LinkedIn users, nearly 93% of the company’s members, was on sale online. The data appeared to be recent, with samples from 2020 and 2021. Though the data did not include login credentials or financial information, it did include personal information that could be used to assume someone’s identity, including:

  • Full names
  • Phone numbers
  • Physical addresses
  • Email addresses
  • Geolocation records
  • LinkedIn usernames and profile URLs
  • Personal and professional experiences and backgrounds
  • Genders
  • Other social media accounts and usernames

In a statement to Fortune, a LinkedIn spokesperson disputes this, saying, “We’ve investigated, and there is no evidence that this is new data or that the data is from 2020 and 2021. LinkedIn’s current investigation indicates phone number, gender, inferred salary, and physical address in this data set did not come from LinkedIn.”

The threat actor said they had used the same method to obtain the data that was used in an April infiltration, which also saw data from 500 million users being sold online. The company issued a statement, saying the data was not the result of an attack but a threat actor pulling data that was publicly available on a large scale.

“Our teams have investigated a set of alleged LinkedIn data that has been posted for sale,” the company said. “We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.”

 

1. Cognyte — 5 billion

Diachenko discovered a massive database of more than 5 billion records, collected from previous data incidents, exposed on the web without a password or any other authentication required to access it, according to Comparitech.

The database was stored by Cognyte, a cybersecurity analytics firm that stored the data as part of its cyber intelligence service, which is used to alert customers to third-party data exposures. Diachenko alerted Cognyte, who secured the database three days later.

“Thanks to the information provided by the security researcher, Volodymyr “Bob” Diachenko, Cognyte was able to rapidly respond to and block a potential exposure. We appreciate such a responsible and constructive approach, which helps raising awareness and induces companies and organizations to implement security safeguards and better protect their data,” Cognyte said in a statement to Comparitech.

Stored on an Elasticsearch cluster, the database was exposed for four days and contained 5,085,132,102 records. Not all of the data breaches from which the data was sourced included passwords, however we could not determine an exact percentage of records that contained a password, Comparitech says.

 All or some contained the following information:

  • Name
  • Email address
  • Password
  • Data source

Some of the previous data breaches from which data was sources include Zoosk, Tumbler, Antipublic, MySpace, Canva, Verification.io, iMesh, Edmodo, VK, Exploit, Master Breach Comp, Rambler, Onebip, Scentbird, Appen.com, Toondoo, Wishbown, Wattpad, Mathway, Promo.com, MGM, and Estante (Brazilian book shop).

Though the data breach had been breached before, it could have posed risks to end users if threat actors had accessed it.

 

Other noteworthy data breaches include:

  • Ubiquiti
  • Clubhouse
  • USCellular
  • Robinhood
  • Twitch
  • T-Mobile
  • Panasonic
  • GoDaddy
  • Verkada
  • Rapid7
  • DreamHost
  • Colonial Pipeline

 

*Editor’s note: All care is taken to provide up-to-date information with the aim to publish accurate and relevant information. 

Check out 2020’s Top 10 Data Breaches here. For 2019’s Top 12 Data Breaches, click here. 

 

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: cyber security data breach data protection ransomware risk management Top Data Breaches

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cybersecurity breach

    The Top 12 Data Breaches of 2019

    See More
  • top 10 data breaches

    The top 10 data breaches of 2020

    See More
  • cyber-security--data-freepik

    Data breaches in the first half of 2021 exposed 18.8 billion records

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing