2020 In Review: Biggest Hacks & Data Breaches

December 29th · 8 min read

This past year has certainly been one for the history books. We’ve dealt with a pandemic, toilet paper shortages, wildfires, and so much more. With these changes, many companies were forced to move their workforces online with little preparation. This led to security holes and an increase in hacks and data breaches.

From Wawa and Microsoft, Amtrak, and government agencies, 2020 has been full of data breaches, many of which could have involved your personal information. While you might not think you have anything of value to hackers, you’d be surprised to learn what your information is really worth to a cybercriminal, not to mention the effects of Identity theft if not caught in time.

If this year has taught us anything about our digital lives, it’s that our personal privacy and online security need to be a priority. If you don’t already use data breach protection for yourself, there has never been a more important time to start. Here are some of the biggest hacks and data breaches of 2020.


Travelex: Travelex experienced a malware attack, resulting in ransomware. Previously a provider or currency exchange services and travellers checks, Travelex has since shut down all online sales.

IRS Tax Refunds: A US resident stole the identities of US citizens to file fraudulent tax returns worth $12 million, made possible through data leaked in data breaches.

Wawa: 30 million records containing customers’ personal information, including financial data was made available for sale online.

Microsoft: Five servers used to store anonymized user analytics were exposed and open on the Internet without adequate protection.


Denmark’s Government Tax Portal: Taxpayer identification numbers of 1.26 Danish citizens were inadvertently made public.

DOD Defense Information Systems Agency: This agency, which handles IT for the White House admitted to a data breach that potentially compromised employee records.

Estée Lauder: 440 million internal records were exposed due to middleware security failures.

General Electric: GE alerted employees that an unauthorized person gained access to their personal information as a result of security failures with supplier Canon Business Process Service.


Marriott: Email accounts of 5.2 million hotel guests were impacted in a cyberattack.

T-Mobile: A hacker gained access to employee email accounts which allowed data belonging to customers and employees to be accessed.

NutriBullet: Payment card skimming code was found on NutriBullet’s ecommerce store.

Marriott: A second cyberattack in the same month impacted 5.2 million hotel guests.


US Small Business Administration: Nearly 8,000 emergency loan applicants were involved in a data leak involving their personally identifiable information.

Nintendo: A mass account hijacking campaign led to a beach of 160,000 users’ information.

Email.it: This Italian email provider failed to protect the data of 600,000 users, resulting in their data being sold on the dark web.


EasyJet: The data of 9 million customers, including financial records were involved in a data breach.

Blackbaud: Ransomware hijacked customer systems which resulted in data leaks online. The company later paid ransom to stop additional leakage of information.

Mitsubishi: A data breach affecting Mitsubishi also resulted in confidential cutting-edge missile design data being stolen.

Toll Group: The logistics giant was hit by a second ransomware attack in three months.

Wishbone: This popular sharing site experienced a data breach resulting in 20 million user records being shared online by the ShinyHunters hacking group.

Pakistani Mobile: Data belonging to 44 million Pakistani mobile users were leaked online.


Amtrak: Hackers accessed customers’ personal data and gained access to many Amtrak Guest Rewards accounts.

University of California SF: After ransomware threatened the integrity of their COVID-19 research, the university paid hackers $1.14 million.

NASA: IT contractor networks belonging to NASA were infiltrated by The DopplePaymer ransomware group.

Claire’s: This accessories company found in most shopping malls fell victim to a card-skimming Magecart infection.


CouchSurfing: 17 million records belonging to users of CouchSurfing.com were found on an underground forum.

University of York: Staff and student records for this United Kingdom University were stolen in a data breach.

MGM Resorts: 142 million records belonging to guests of MGM Resorts were put online for sale by a hacker.


Cisco: A former engineer pleaded guilty to causing large scale damage to Cisco networks, which cost the company $2.4 million to fix.

Canon: This company best known for photography was struck by ransomware attributed to Maze.

LG, Xerox: Another ransomware attack from Maze resulted in data belonging to LG and Xerox being made public.

Intel: 20 Gigabytes of sensitive data was published online.

Check if your information has been leaked

Protect yourself from identity theft & other scams, begin with a free scan.


German Hospital Ransomware: A hospital patient passed away after hospital employees directed him away from a hospital amidst a ransomware infection affecting hospital networks.

Belarus Law Enforcement: Private information belonging to 1,000 high-ranking police officers was leaked.

US Satellites: Iranian hackers were charged for compromising United States-owned satellites.


Barnes & Noble: Ransomware group Egregor leaked stolen records from this well-known bookseller.

Google: Google reportedly mitigated a 2.54 Tbps DDoS attack.This is one of the largest DDoS attacks ever recorded.


Manchester United Football Club: A security incident impacting internal systems was reported as being under investigation in a multi million pound hack.

Mashable: A copy of a Mashable database was posted online by a hacker.

Home Depot: After a PoS malware infection impacted millions of shoppers, this US retailer paid a $17.5 million settlement.

Embraer: A cyberattack led to data theft for this Brazillian aerospace company.


Leonardo SpA: Italian police arrested suspects they believed to have stolen up to 10GB of sensitive corporate and military data from Leonardo SpA defense contractor.

Vancouver TransLink: Compass metro cards and Compass ticketing kiosks were disrupted for two days as a result of a ransomware attack.

Absa: A rogue employee at this South Africa-based bank was responsible for the leak of personally identifiable information belonging to its customers.

Check if your information has been leaked

Protect yourself from identity theft & other scams, begin with a free scan.

Be the first to know!

Subscribe to our exclusive mailing list and get the freshest stories from the Guardio team

You may also like