Video: The biggest data breaches and hacks of 2021


In 2021, thousands of new cybersecurity incidents were recorded. While cryptocurrency thefts and data breaches are now commonplace, this year saw several high-profile incidents involving ransomware, supply chain attacks and the exploitation of critical vulnerabilities.

The Identity Theft Research Center (ITRC) reports a 17% increase in the number of data breaches recorded in 2021, compared to 2020. However, a deep-rooted lack of transparency around the disclosure of security incidents persists, so this could be a low estimate.

According to IBM, the average cost of a data breach now exceeds $4 million, while Mimecast estimates that ransom demands directed at US companies are well over $6 million. The world record for the largest payment, made by an insurance company this year, now stands at $40 million.

Experts warn that this problem could persist for years with the recent emergence and rapid exploitation of the Log4j vulnerability. This also applies to data breaches and thefts, the number of which is not expected to decrease in the near future.

Here are some of the most notable security incidents, cyber attacks and data breaches that took place in the year 2021.

January

  • Livecoin: After an alleged hack in December, the Livecoin cryptocurrency exchange closed its doors and exited the market in January. The Russian marketplace claimed that malicious actors were able to break in and tamper with cryptocurrency exchange rate values, causing irreparable financial damage.
  • Microsoft Exchange Server: one of the most damaging cybersecurity incidents this year was the widespread compromise of Microsoft Exchange servers caused by a set of zero-day vulnerabilities, known collectively as ProxyLogon. The Redmond giant learned of the flaws in January and released emergency fixes in March. However, the malicious group Hafnium and others carried out attacks against unpatched systems over the following months. Tens of thousands of organizations have reportedly been compromised.
  • MeetMindful: the data of more than two million users of the dating app has reportedly been stolen and disclosed by a group of hackers. The information disclosed ranges from full names to Facebook ID tokens.

February

  • SITA: SITA, a provider of global aviation IT services, said a security incident involving SITA Passenger Service System servers led to the exposure of personal data belonging to airline passengers. Airlines affected by the data breach have been asked to contact their customers.
  • ATFS: a ransomware attack on the ATFS payment processor forced several US cities to send out data leak notifications. The cybercrime group that claimed responsibility for the attack, Cuba, said on its leak site that it had stolen a wide range of financial information.

March

  • Mimecast: Following the SolarWinds attack disclosed in December 2020, Mimecast was targeted with a malicious software update that compromised the company’s systems. Mimecast said its production environment was compromised, leading to the exposure and theft of source code repositories. In addition, certificates issued by Mimecast and some customer server connection data were also stolen by the attackers.
  • Tether: Tether was the subject of an extortion demand from cyber attackers who threatened to release documents online that “would harm the Bitcoin ecosystem.” The demand, for around $24 million or 500 bitcoin (BTC), failed as the organization refused to pay.
  • CNA Financial: CNA Financial employees were unable to access company resources and were stranded following a ransomware attack that also involved the theft of company data. The company reportedly paid a ransom of $40 million.

April

  • Facebook: Data belonging to more than 550 million Facebook users was posted online. Facebook IDs, names, dates of birth, gender, location and relationship status were included in the data. Facebook, now known as Meta, said the data was collected through so-called “scraping” techniques in 2019.

May

  • Colonial Pipeline: If there is one example of how a cyber attack can impact the physical world, it is Colonial Pipeline. The pipeline operator has been hit by ransomware, claimed by the DarkSide group, which has caused fuel deliveries to be interrupted across the United States. The company paid a ransom, but the damage was already done.
  • Omiai: The Japanese dating app said a security incident may have led to the exposure of data belonging to 1.7 million users.

June

  • Volkswagen, Audi: the automakers revealed a data breach affecting more than 3.3 million customers and some potential buyers, the majority of whom are based in the United States. An associated vendor has been singled out as the cause of the breach and is believed to have left this data exposed in an insecure manner at “some point in time” between August 2019 and May 2021.
  • JBS USA: the international food giant suffered a ransomware attack attributed to the REvil group. This had such a disastrous impact on operations that the company chose to pay a ransom of $11 million in exchange for a decryption key to restore access to its systems.

July

  • UC San Diego Health: San Diego Health Services said employee email accounts had been compromised by malicious actors, leading to a larger incident in which patient, student, and employee data may have been exposed, potentially including medical records, reimbursement claim information, prescriptions, treatments, social security numbers, etc.
  • Guntrader.uk: The British gun sales website said data pertaining to around 100,000 gun owners, including their names and addresses, had been posted online. With the possession and supply of firearms strictly controlled in the UK, the leak has raised serious concerns for privacy and the safety of people.
  • Kaseya: A vulnerability in a platform developed by IT service provider Kaseya was exploited to affect approximately 800 to 1,500 customers, including MSPs, and to deploy ransomware to the company’s customers.

August

  • T-Mobile: T-Mobile suffered another data breach in August. According to reports, names, addresses, social security numbers, driver’s licenses, IMEI and IMSI numbers, as well as customer credentials have been compromised. It is possible that around 50 million existing and potential customers have been affected. A 21-year-old took responsibility for the hack and claimed to have stolen around 106 GB of data from the telecommunications giant.
  • Poly Network: Poly Network revealed a hack of its Ethereum smart contract, which was used to steal more than $600 million in various cryptocurrencies.
  • Liquid: over $97 million in cryptocurrency was stolen from the Japanese cryptocurrency exchange.

September

  • Cream Finance: decentralized finance (DeFi) organization Cream Finance reported a loss of $34 million after a vulnerability was exploited in the project’s market system.
  • AP-HP: Paris’ public hospital system, AP-HP, was targeted by an attack. The perpetrator managed to steal PII from people who took Covid-19 tests in 2020. A suspect has since been arrested and has confessed.
  • Debt-IN Consultants: the South African debt collection firm said a cyber attack resulted in a “significant” incident impacting the information of its customers and employees. Personal data, including names, contact details, salary and job slips, as well as debts owed, are believed to have been affected.

October

  • Coinbase: Coinbase sent a letter to around 6,000 users after detecting a “malicious campaign to gain unauthorized access to Coinbase customer accounts and move their funds out of the Coinbase platform.” Cryptocurrencies have been removed without authorization from some user accounts.
  • Neiman Marcus: in October, Neiman Marcus made public a data breach that occurred in May 2020. The intrusion was not detected until September 2021 and included the exposure and potential theft of more than 3.1 million bank cards belonging to clients, although most are believed to be invalid or to have expired.
  • Argentina: a hacker claimed to have compromised the Argentine government’s National Register of Persons, thereby stealing the data of 45 million residents. The government denied this information.

November

  • Panasonic: the Japanese tech giant revealed that a cyberattack took place, a data breach that ran from June 22 to November 3 and was discovered on November 11, and admitted that information on a file server was viewed.
  • Squid Game: Cryptocurrency operators riding the popularity of the Netflix series Squid Game (although they are not officially associated with it) caused the value of the SQUID token to collapse in what appears to be an exit scam. The value fell from $2,850 to $0.003028 overnight, costing investors millions of dollars. An anti-dumping mechanism ensured that investors could not sell their tokens. They could only watch in horror as the coin’s value was destroyed.
  • Robinhood: Robinhood has revealed a data breach affecting around five million users of the trading app. Email addresses, names, phone numbers, and other information were accessed through a customer support system.

December

  • Bitmart: in December, Bitmart said a security breach allowed attackers to steal around $150 million in cryptocurrency and that total losses, including damage, reached $200 million.
  • Log4j: a zero-day remote code execution (RCE) vulnerability in the Java Log4j library is now actively exploited. This bug, known as Log4Shell, is now exploited by botnets and other groups of malicious actors.
  • Kronos: Kronos, an HR platform, was the victim of a ransomware attack. Some Kronos Private Cloud users are now facing an outage that could last for weeks.

Source: ZDNet.com




