The top 10 hacks of 2015

Cyber attacks ahead
Another year, even more big security lapses

While there are lots of advantages to living in the digital age, there are some things that make it an even more frightening time, such as the higher chances of having our personal information stolen. Unfortunately, there's only so much we can do to prevent ourselves. It can be a massive disruption if our information is compromised, especially if it's stolen from a company we've entrusted to keep our private data secure.

Data breaches happen with an alarming frequency, and as hackers become more sophisticated, more of our sensitive information, like Social Security numbers, addresses and even medical information can end up in the wrong hands.

As 2015 draws to a close, let's take a look at the 10 top hacks of the year, from the salacious to the scary, and even one that wasn't so bad but illustrates just how vulnerable our connected lives can be. Have corporations gotten any better at looking out for the best interest of consumers, or are we still living on the edge?

1. Ashley Madison

The Ashley Madison hack was the most publicized hack of the year, due largely to the nature of the site: it's essentially a service for those looking to cheat on their significant other with someone they find on site. There's some irony to the fact that it was hacked, which of course wasn't lost on the perpetrators.

Ashley Madison

Not only was the information of 32 million accounts stolen, but it was also published online by the hackers, meaning that anyone could conceivably go to the database and see if someone they knew used the service. Information such as credit cards and transaction details were also included in the data dump. Email addresses were also part of it as well, with reports suggesting that as many as 15,000 of those email addresses were either .mil or .gov addresses.

It's important to note that while 32 million accounts were hacked, it's not known exactly how many people were affected: a seemingly large number of female user accounts were made up, a ploy to entice men to use the site. Other female accounts were largely inactive.

2. Anthem

In February, Anthem disclosed it had suffered a breach that resulted in the personal information of 78.8 million people being stolen, making this hack easily the largest on our list.

Not only were Anthem's own customers put at risk, but as many as 18.8 million people who members of other Blue Cross or Blue Shield health plans and had used their insurance in a state where Anthem operates may have been put at risk. That figure is included in the 78.8 million.

The hack resulted in information like Social Security numbers, names, birth dates, email addresses, and home addresses being stolen. About the only thing that wasn't compromised was credit card information.

3. Fiat Chrysler

This is a little different from the other hacks on the list, in that it only officially involves the hacking of one user, and that user was in a controlled environment and knew they were going to get hacked.


In June, a story was published by WIRED that involved journalist Andy Greenberg driving a Jeep that was remotely hacked via the car's internet connection. The two hackers involved were Charlie Miller and Chris Valasek, who didn't have any malicious intent, but instead aimed to warn users that their cars were vulnerable in the same way as their computers. Like a hacker can take control of a computer, Miller and Valasek were able to completely take over the Jeep, including sending commands to the car's steering, brakes and transmission.

While the hack only involved one car, it caused the recall of 1.4 million cars by Fiat Chrysler, which promptly installed a software update the vehicles and told users that hacking the car was a criminal offense. The company reportedly knew of the vulnerability of its Uconnect entertainment system for 18 months prior to Miller and Valasek's demonstration.

4. Internal Revenue Service

In August, the IRS reported that it too had suffered a hack, and while the agency first reported 114,000 people were affected by the breach, it later increased that figure to 334,000.

While the IRS did say that 334,000 accounts were compromised, it wasn't unable to say whether information from those accounts was stolen.

The hackers themselves reportedly made use of the IRS' own system, Get Transcript, which allows users to view their tax transactions and return information for any given year. While users have to answer a number of identifying questions to see this information, the hackers found those answers from other sources and were able to access the IRS accounts.

5. US Office Of Personnel Management

The hack of the US Office of Personnel Management, which manages employees of the US federal government and government agencies, was first reported in June. While the office itself first announced that 4 million people were affected, the FBI later put the number at around 18 million.


The breach first started in March of 2014, and it took the OPM more than a year to discover it, and then another two months to report it. This obviously raised questions about the level of security that agencies like the OPM are using and whether better ways of securing user information need to be put in place.

As far as what data was stolen, the OPM reported Social Security numbers, names, addresses and dates of birth of federal employees were taken, however it was later reported that the hack likely involved security clearance-related background information as well, meaning that non-employees who underwent background checks could have been affected, too.

Christian is a writer who's covered technology for many years, for sites including Tom's Guide, Android Central, iMore, CNN, Business Insider and BGR, as well as TechRadar.