Alexa metrics
Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

2017: A Year In Cybersecurity Breaches

29 November 2017 by Al McCloud

2017 has been a transformative year for cybersecurity. What was once the interest of a few professionals is now at the front of mind for every consumer who hands over personal information online.

Because those who cannot remember the past are condemned to repeat it, let’s take a look back at the most impactful data breaches to see if there are any learnings we can bring with us into a new year.



11 January
LLoyds Bank

A DoS attack was levelled at the bank, usually implemented to disrupt or completely take down a service, but this attack came with no ransom or calling card. This DoS attack lead the bank’s IT security experts to methodically switch off services in different locations, which affected customer’s services for the next few days.

20th March

Mobile company Three experienced their second data breach in 2017. The quirky technical issue, flagged first by their customers, would display a different customer’s details when logging in to Three’s online portal. In effect, customers had access to the complete details of another Three customer’s data, at random. The issue is now cleared up.

9th April

UK payday lender Wonga discovered that the data and bank details of up to 270,000 of its current and former customers might have been compromised. The company recognised the breach and provided a premium-rate helpline alongside advising more concerned customers to change their passwords.

2nd May
Handbrake Video Converter

One of the download mirrors for the video converter software was compromised by malware. OSX.PROTON, a remote access Trojan, allowed attackers access to users webcam, logged keystrokes and allowed for the uploading and downloading of files and screenshots.  The issue was caught quickly and rectified, with the company making an announcement on their blog as soon as the issue was discovered.

19th May

One of the biggest font sharing websites, DaFont compromised its users with its outdated encryption methods. The theft of its users data was possible thanks to an SQL injection vulnerability, and the fact that the website was storing passwords with an outdated algorithm. 637,000 usernames, email addresses and passwords were compromised as a result.

29th July

Credit rating agency Equifax was arguably the victim of the year’s biggest data breach. Reported figures suggest that as many as 143 million customers could have had personal data stolen, and their efforts to rectify the situation were made worse by yet more failures and uncertainty on their website.

31st July
HBO and Game of Thrones

In what would become a series of leaks, hackers breached HBOs servers, getting away with 1.5 terabytes of data on the cable network’s biggest show. Hackers levelled a $6.5 million ransom to stop release of the stolen content, but HBO refused to negotiate with the demands.

1st September
River City Media

The email marketing firm, or spam farm (depending on how you look at it) exposed its database of 1.37 billion email addresses thanks to a faulty backup. In January of this year the company made a backup of their database which was, somehow, accidentally published to the internet without any password protection.

28th October
Heathrow Airport

Proving that cybersecurity means more than just computers, this data breach was the result of a lost USB stick. The unencrypted, unprotected stick was found in the street, and contained 76 folders with maps, videos, and other security arrangements at Heathrow, even including the Queen’s precise route when passing through the airport.


UKFast webinar

Webinar: Cybersecurity Predictions for 2018

What cybersecurity concerns can we predict for 2018 and how should you prepare your business accordingly? Sign up now to hear from the experts.

Date:Wednesday 6th December
Time: 11am
Duration: 1 hour

Register Now