2018 has had plenty of notable data breaches. With millions of credentials stolen over the course of the year, we’ve compiled the biggest breaches that may have affected you and/or your business!

Marriott International

Data Breach: Data from 500 million guests

In November, Marriott International disclosed one of the largest breaches in history which comprised of data from up to 500 million guests in the Starwood guest reservation database. Sometime between 2014 and September 2018, threat actors gained unauthorized access of the network  and copied data related to names, phone numbers, email addresses, mailing addresses, dates of birth, passport numbers, and more. About 5.25 million unencrypted passport numbers were obtained. 

Marriott International has contacted those potentially affected and offered resources toward fraud consultation and related services. They have also shut down the database related to the incident.

Under Armour

Data Breach: Data from 150 million accounts

In March, Under Armour revealed a breach of 150 million names, email addresses, and hashed passwords. As of the end of 2018, Under Armour has still not disclosed the hackers or how they obtained access to the data. 

Under Armour notified the users of the app and required them to change their passwords.


Data Breach: Data from 14 million records

In September, a serious vulnerability was discovered on the GovPayNet website, GovPayNow. By just changing the numbers on a customer record, any user could view any customer’s receipt. On these receipts were customer’s names, addresses, phone numbers, and the last four digits of the payment method. 

While GovPayNet did fix the vulnerability, they stated that there was no evidence any hackers used this exposed information.

Cathay Pacific

Data Breach: Data from 9.4 million passengers

In October, airline Cathay Pacific announced a data security event occurred in March of 2018. The personal data of 9.4 million passengers was exposed due to unauthorized access.

According to the airline, “The following types of personal data of Cathay Pacific and Cathay Dragon passengers was accessed: name; nationality; date of birth; phone number; email; address; passport number; frequent flyer programme membership number; customer service remarks and historical travel information.”


Hudson’s Bay Company

Data Breach: Data from 5 million credit cards

In April, a cybersecurity research firm known as  Gemini Advisory released a report indicating 5 million stolen credit card records. Stores affected included Saks Fifth Avenue, Saks OFF 5TH, and Lord & Taylor stores in North America. 

HBC did not officially disclose any specifics related to attack vectors or holes in security, but regardless offered free identity protection services to its customers.


Sign Up to Our Newsletter
For the Latest News and Tips


If your company is like many organizations, your IT infrastructure progressed over time, trying to keep up with the pace of your business. Without the right kind of IT planning and careful technology management all along, your technical environment probably has gaps.

Our IT assessments provide a clear picture of your current IT infrastructure and operations. Whether faced with budget shortfalls, limited resources, aging infrastructure or an outdated strategy, our detailed assessment reports provide relevant findings and recommendations to spur meaningful organizational change.

NetConnect provides comprehensive assessments of both IT infrastructure and IT operations. Our IT infrastructure assessments evaluate all major infrastructure components, including servers, storage networks, security, desktop infrastructure, end-device hardware and applications. Our IT operations assessments evaluate critical operational areas, such as IT strategic planning, IT staffing, IT operational processes, IT governance, IT vendor management and IT support.