The Worst Cyberattacks and Data Breaches of 2019


Put your email address in the have i been pwned? website and see what results you get. How secure do you feel? By 2020, it’s safe to assume that most people with an online presence have had at least some of their Personally Identifiable Information (PII) compromised in a data breach.

SonicWall has been tracking and reporting on major data breaches throughout 2019, and we’ve compiled a list of the cyberattacks and data breaches of 2019 that were not necessarily the biggest but had the worst overall impact, giving us insight into the direction cyberattacks are heading in 2020.

Notable cyberattacks of 2019

Quest Diagnostics

Breaches that result in the loss of medical data can be damaging due to the possibility of highly personal information being released, whether that data is medical records themselves or identifiable data like Social Security numbers that could aid a cybercriminal in carrying out identity theft, or even blackmail. With this in mind, 2019 unfortunately set breach records in this category, with the biggest single breach likely being Quest Diagnostics, where 11.9 million patients were affected. Data taken included credit card numbers, medical information and personally identifiable data but, small consolation prize, lab results were not included.


Fortnite

The gaming industry is now bigger than both the entire music industry and Hollywood combined, making it a prime target for cybercriminals. It should come as no surprise then that cyberattackers would aim squarely for one of the biggest games on the planet.

In January 2019, a vulnerability found in Fortnite’s login system allowed hackers to impersonate real players, including viewing chat logs and other in-game details. More worryingly, the vulnerability allowed malicious users to purchase in-game currency using credit cards on file. This currency could then be siphoned off to other, legitimate, accounts — essentially money-laundering.

It is unclear how many accounts were affected, but considering there were over 80 million people logging in to Fortnite a week at the time the vulnerability was discovered, the number of players impacted is potentially huge. The vulnerability was quickly fixed but a class-action lawsuit was launched in August, the same month that a known exploit in Fortnite was used to install ransomware.

The Fortnite vulnerabilities serve as a warning to gamers and the wider gaming industry: you are a target.

US Customs and Border Protection

When U.S. Customs and Border Protection officials announced in June that a federal subcontractor had been hacked, 100,000 global travelers joined the ranks of people who have had their personal information and photos exposed. The hack included a large cache of images of car license plates, often including the face of the driver. The incident stands out as one of the more distinctive cyberattacks on U.S. public institutions in 2019, a year in which the most high-profile attacks were a rash of ransomware attacks on Texas government agencies that temporarily brought the state’s municipal infrastructure to a standstill.

Capital One

Over 100 million Americans and 6 million Canadians were affected by the Capital One data breach, where the data taken stretched from 2019 all the way back to 2005. Names, addresses, ZIP codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income were taken in most cases. In addition, 140,000 Social Security numbers, 80,000 linked bank account numbers and 1 million Canadian Social Insurance numbers were all stolen. One estimate of the damage to the financial giant put the cost of the data breach at more than $300 million.


Facebook

As one of the most ubiquitous and data-packed websites on the internet, Facebook is under constant scrutiny. In April and September of 2019, two privacy breaches were discovered that exposed the personal information of around 2 million Facebook users, including phone numbers and passwords. Neither of these events was related to a cyberattack, however, and they were both discovered by security researchers looking for vulnerabilities in the Facebook web architecture. In December, Facebook again made the headlines when security expert Bob Diachenko discovered an exposed database containing names, phone numbers and Facebook IDs of more than 267 million Facebook users. In this case, the data was already posted to a hacker forum for download before the internet service provider could take action and remove access.


Magecart

Magecart makes our list as one of the most widely distributed malware attacks in 2019. A recent count of active Magecart infections claims the malware is affecting over 18,000 website hosts, remarkable considering it’s an infection that’s been around in one form or another for nearly a decade. Magecart is a supply-chain attacker that hijacks the digital cart-system on websites when users make orders, stealing financial information as the order is processed. Major breaches caused by Magecart in 2019 included British Airways, Ticketmaster UK, and even the Sesame Street store.

Looking to 2020

As demonstrated throughout 2019, “cyberattack” and “data breach” are broad terms covering a huge range of activities, from poorly maintained databases found exposed online to well-oiled criminal enterprises selling their capabilities as a service. The data indicates that these events are not going to go away any time soon and cybersecurity needs to continue to be a top priority for businesses and organizations everywhere.

As 2020 starts and tensions between the U.S. and Iran have ratcheted up to a fever pitch, security researchers are highlighting the likelihood of cyberwarfare increasingly being used as an instrument of foreign policy. From disrupting elections to attacks on power grids and ransomware attacks targeting government agencies, cybersecurity is firmly establishing itself as the central concern for organizations everywhere.

SonicWall protects organizations from cyberattacks

The growing complexity of attack tactics and increasing areas of vulnerability mean that security professionals can no longer view insider threats and traditional phishing attacks as the primary attack vector for data compromise. Every organization needs to have a layered, defense-in-depth approach, something SonicWall can help with through our automated real-time breach detection and prevention platform.

Some general best practices include:

  • Ensure your cybersecurity strategy is scaled across wired, wireless, cloud and mobile networks, where applicable
  • Leverage next-generation firewalls to mitigate advanced cyber threats
  • Layer cybersecurity controls with cloud sandboxing, such as SonicWall Capture ATP
  • Secure your data in the cloud and protect SaaS environments using SonicWall Cloud App Security
  • Deploy email security controls to help identify and block phishing attempts
  • Map network data to understand what’s most valuable

There’s no question that our list of the worst cyberattacks and data breaches of 2019 tells a dismal story of a rapidly expanding cyber threat landscape. However, by assessing your business’s cybersecurity strategy, ensuring you have a layered approach in place, and improving overall security behavior, it’s possible to protect your business from most data breaches.

SonicWall Staff