Download MacKeeper Research Policy

Do you want to be our security writer? Send your guest post to

Top 10 Most Significant Data Breaches In 2016

Top 10 Most Significant Data Breaches In 2016

Back to blog

As we approach the end of 2016 let’s look back at some of the most significant security stories discovered by MacKeeper Security Research Center from the past 12 months.

2016 has been one of the most active years in cyber security history with massive email hacks, data leaks and cyber election meddling. MacKeeper takes a look back at the previous year and shares their top 10 discoveries.

It has been a productive first year and we have helped secure the private data of literally hundreds of millions of people from around the world. Nearly all of the databases discovered by the MacKeeper Security Research Center contained some type of sensitive information that affected the privacy and data security of those individuals.

The year in review gives us a chance to highlight significant discoveries like in 2015 when MacKeeper Researcher Chris Vickery discovered the voter database of the entire United States! The misconfigured database contained personal information of 154 million Americans including addresses, estimated income, ethnicity, phone numbers, political affiliation, and voting history. As we bring 2016 to a close, we hope that in 2017 companies and individuals take cyber security seriously.

Marijuana Chat Messages leakage Marijuana-enthusiast site and forum database that stored and contained over 10 million chat messages coming from over 44,000 users. Many of these could be self-incriminating if law enforcement were to investigate the database or users.

 Dating Site Database for “Cheating Spouses”: The exposed database contained more than 1.5 million users’ data, including usernames and passwords in plain text among the others (height, weight, DOB, gender, gay body type, race, IP, country etc).

PC support service exposed data - perhaps, one of the most ‘underrated” leaks in 2016. The database contained and estimated 180 thousand log records and Personally Identifiable Information for 5500 customers unsecured, unencrypted and leaked online. Most of the records (not all, thankfully, but many) included IP / billing addresses / names / credit card information, with CVV, credit card number, expiration month/year etc. - in PLAIN text - for US and international customers.

Critical Infrastructure Data Breach - The publicly exposed database appeared to be PG&E’s asset management system. Among other things, it contained details for over 47,000 PG&E computers, virtual machines, servers, and other devices. All of it completely unprotected. No username or password required for viewing.

Ameriprise Data Breach - Ameriprise Financial has a fresh data breach mystery on their hands. Around December 5th, we discovered Social Security numbers, bank authorization details, confidential internal company documentation, decryption keys, and certificates all alongside approximately 350 client directories (representing millions of invested dollars). databreach - MacKeeper Security Researcher Chris Vickery discovered the unsecured database in late 2015 and contacted to secure the user data. The bad part of this story is that the data was downloaded by cyber criminals sometime between this gap of when the database was unsecured, when it was discovered by Vickery, and when beautifulpeople were notified to secure the database. Now those criminals are selling the data of 1.2 million users online.

Amazon Kindle scam - investigation carried out by Zack Whittaker from ZDnet uncovered one of the biggest scam schemes of the year. For years, thousands were tricked into buying low-quality ebooks. That database, found by the MacKeeper Security Research Center, was the brains behind the scam, but it was left open for anyone to peek in -- if they knew where to look. MacKeeper security researchers did just that, sparking the investigation, which led to Shershnyov's scam unravelling.

Mexican voter data leak - Confidential government data moved out of Mexico and stored on a server located in The United States (against Mexican Federal Law).  The data contained 93.4 million downloaded voter registration records.

Trump Website Leak - If you want to be Commander in Chief of the mightiest nation on planet Earth, you can’t have a leaky website. You just can’t. Until just days ago, Donald Trump’s official website ( suffered from a serious misconfiguration that, among other things, was exposing campaign intern résumés to the public internet

World-Check Database Breach: MacKeeper Security Research Center discovered a copy of the World-Check database with over 2.2 million names of "heightened-risk individuals allegedly involved in financial crime and terrorism”.

For more information or media requests please contact

You may also like