The Top Data Breaches in 2020 So Far, and What You Can Do to Protect Yourself

Onerep brings you current stories and latest news from the world of data. Learn about online privacy trends, high profile data breaches and other cybersecurity incidents involving both major companies and individuals.
Top Data Breaches 2020

Data breaches are a daily threat for today’s digital platforms, compromising both large enterprises and small businesses alike. In total, nearly half of all US companies have experienced some form of a data breach, and a new hacking attack occurs every 39 seconds

Of course, some data breaches are more consequential than others. This year, some of the most prominent data breaches include: 

#1 Marriott

In April, the Marriott hotel chain disclosed a data breach that compromised the personal information for 5.2 million guests. The breach includes guests’ names, birthdates, phone numbers, and loyalty card information. It’s the company’s second significant breach since 2018. 

#2 MGM Resorts 

In February, hackers posted 10.76 million hotel guests’ personal information online, including names, phone numbers, addresses, email addresses, and dates of birth. The breach resulted from a misconfigured database that gave hackers easy access to millions of customer records. 

#3 Zoom

As the world began a rapid transition to remote work and online learning, the popular video conferencing platform endured a data breach that compromised the login credentials for more than 500,000 users. This data was widely distributed on the Dark Web, giving hackers an easy opportunity to target consumers with additional cybercrimes.  

#4 Easy Jet

The budget airline experienced a data breach that compromised the email addresses and itineraries for nine million customers. Also, 2,208 customers had their financial information exposed. This information can quickly be repurposed by bad actors to target consumers with fraud attempts and other cybercrimes. 

#5 Health Share of Oregon

The state’s largest Medicaid coordinated care organization was breached in January, exposing the names, addresses, phone numbers, dates of birth, Social Security numbers, and Medicaid ID numbers for 654,362 patients. This information has a ready market on the Dark Web, giving hackers easy access to peoples’ personal information. 

#6 US Marshals Service

A data breach at the US Marshals Service exposed the personal data for nearly 400,000 prisons, including their names, addresses, dates of birth, and Social Security numbers. The incident reflects the expansive nature of today’s cyber threats, stretching from enterprises to government entities. 

#7 Nintendo 

This spring, more than 300,000 Nintendo gamers had their login credentials compromised in a data breach. Bad actors subsequently used that stolen information to access user accounts, demonstrating how quickly company data breaches can impact consumers. 

In total, these data breaches spanned multiple industries and were executed using a variety of attack methodologies, which reflects the comprehensive reality of today’s threat landscape.

Have I Been Compromised?

While companies are responsible for notifying users of a data breach, there is often a significant lag between a data loss event and detection. According to IBM’s 2020 Cost of a Data Breach Report, it takes the average company 280 days to identify and contain a breach, giving bad actors ample time to misuse stolen information. 

Therefore, a cadre of digital platforms have emerged to provide Dark Web monitoring to identify stolen information and to notify users when their information is available for sale. For example, Experian’s free Dark Web scan helps users identify compromised data for sale to the highest bidder. Similarly, haveibeenpwned, an increasingly popular search repository for data breach records, allows people to identify data breach instances related to their email credentials.

Best Practices for Personal Protection

Fortunately, consumers aren’t entirely powerless when it comes to protecting their personal information. By following these best practices, anyone can improve their defensive posture in today’s digital environment.

#1 Remove your sensitive information exposed by people-search sites. These platforms offer bad actors an easy access point to attain and misuse personal information. OneRep can help restore online privacy by automatically deleting personal records from more than 100 information brokers.   

#2 Use strong, unique passwords across all accounts. As consumers, we have chronically bad password management habits. More than half of all people reuse the same password for multiple accounts, which can lead to cascading consequences after a data breach. By implementing strong, unique passwords for all accounts, users can mitigate the damage of a data breach by limiting the scope to a single access point. 

#3 Implement two-factor authentication. While this feature doesn’t entirely eradicate risk, it puts an extra layer of protection between your personal data and cybercriminals. By requiring additional information before accessing an account, two-factor authentication often prevents bad actors from accessing your account while also providing advanced notification that it was compromised.

#4 Protect yourself from invasive data collection practices. Many data breaches involve personal, often sensitive information collected by services and  apps. That’s why it’s extremely important to control your cell phone’s app permissions as they are capable of collecting an awful lot of your data — from your phone’s microphone, cameras, location services, calendar, contacts, motion sensors, speech recognition, and social media accounts. 

#5 Remain vigilant. Today’s threat landscape is expansive and ever-expanding. As more of our lives are expressed online, we have to be continually mindful of the risks by playing an active role in defending our information. 


Our personal information is one of our most valuable commodities. Private information needs to be safeguarded, and the consequences of inaction can be extensive. As more people fall victim to scams, identify theft, and cybercrimes, it’s more important than ever to take proactive steps to protect our personal data.

Fortunately, the first step is just a click away. Sign up for OneRep’s free trial as the first step on your journey to restoring personal privacy. 

Mikalai Shershan

Chief Technical Officer at OneRep