#databreaches

One of the latest data leaks became known on April 04, 2022. Block has acknowledged that the Cash App mobile payment service was hacked due to an insider threat. In December 2021, a former employee of the company hacked the service and stole customer names, bank account numbers, asset values, exchange trading information. The exact number of customers who were affected by this incident was not reported. It is known that the company turned to 8 million of its customers and reported what had happened. Such attacks happen regularly and concern all modern companies. Below are some more examples of recent cases of hacking and information leakage.

In March 2022, Microsoft was hacked by the Lapsus$ hacker group. Confirming the hack screenshot in Azure DevOps was published in their Telegram channel. The hack compromised Bing, Cortana, and other projects. Lapsus$ was motivated by monetary interest, but not political. To achieve their goals, they turned to the company technical staff with a request to compromise their employers.
On January 17, 2022, hackers hacked the wallets of 483 Crypto.com users. Over $30 million was stolen from this hack. Part of the amount was stolen in Bitcoins, part in Ethereum and other cryptocurrencies. Attackers bypassed two-factor authentication and gained access to users’ wallets. The company announced a hack a few days later, as well as a refund of funds to the victims.
In December 2021, a group of hackers hacked the FlexBooker online booking platform. As a result of the hack, the data of 3 million users (driver’s licenses, passwords and other personal information) was stolen. After stolen data was put up for sale on various forums. The data was accessed using the FlexBooker Amazon Web Services configuration.
In November 2021, Panasonic was hacked and exposed data about trainees, job applicants and other information. The company did not report the scale of the damage but notified all the victims.
In October 2021, Twitch source code and other business data began to appear online. A 125 GB torrent was posted on an anonymous 4chan forum, allegedly containing the entire Twitch. The data cache contained data on payouts to creators for 3 years, the full volume of twitch.tv, proprietary code, details of an unreleased Stem competitor, and more. Twitch stated that a server configuration error was the cause, and the effect of the hack was minimal.
The attack on Neiman Marcus was carried out in May 2020. However, the attack and consequences were detected and assessed only in September 2021. The hack affected about 4.6 million customer accounts (payment card data, expiration date, other personal information). Different customer accounts were affected in different ways.
The T-Mobile data breach in August 2021 compromised the information of nearly 48 million people. Hackers stole files with loan applications, confidential information including names and surnames, social security numbers, dates of birth, driver’s licenses and identification numbers.
Misconfiguration of Microsoft Power Apps led to the disclosure of 30 million records in over 47 organizations. This information appeared in August 2021. Organizations affected included Ford Motor Co, American Airlines, New York Metropolitan Transportation Authority and other. The stolen information differed depending on the company it belonged to personal details of employees, Covid-19 test data, vaccination data, including personal information of related individuals, etc. Misconfiguration is not the fault of Microsoft directly, as certain system changes initiated by users may have made the data publicly available. However, the lack of warnings about possible consequences makes Microsoft partly to blame.

One of the first hacks that affected the public occurred in 1986. On the night of April 27, millions of HBO subscribers were enjoying the movie «The Falcon and the Snowman» see on their TV screens a message from Captain Midnight . The message was about the ridiculous cost of a subscription in the amount of $ 12.95. Some of them were concerned about the hack, others took it as a funny joke. This hack caused no real damage, only a little pause in the broadcast.

Now news about various attacks and hacks appear quite often. The annual global damage from them is estimated at trillions of dollars.

The biggest data breaches:

Yahoo (2013)

As a result of this hack, 3 billion records were compromised, including real usernames, email addresses, date of birth, phone number, and security questions. At this time, the company was in the process of being bought by Verizon. Yahoo’s value has fallen by 350 million. According to Yahoo, the attack was state-sponsored.

First American Financial Corporation (2019)

As a result of the data breach, 885 million records were compromised (bank account numbers, bank statements, credit data, tax records, social security numbers, transaction data). This case is unique because an authentication error occurred (authentication is not available to view documents). This was caused by an IDOR (Insecure Direct Object References) bug that allowed unauthorized access to web pages and files. This error went unnoticed for several years.

Marriott International (2018)

500 million records are the result of a cyber attack. Contact information, passport data, travel data, bank card numbers and other users’ personal information were compromised. The attack was carried out by a Chinese intelligence group whose goal was to collect data from US citizens.

Facebook (2019)

The purpose of the cyberattack was the personal data of social network users: phone numbers, usernames, gender, location. The attack affected 540 million records. Several Facebook databases were not secured with passwords or encryption. This led to the fact that everyone could find data on the Internet.

Target (2013)

American company that operates a chain of retail stores suffered a cyberattack in 2013. 60 million records (names, phone numbers, email addresses, payment card numbers, credit card verification codes and other sensitive data) were compromised. Damage amounted to $18.5 million, as well as a $10 million class-action lawsuit settlement and $10,000 payments to customers. The organizer of the attack was not identified. Attackers gained access to Target’s networks using stolen credentials from a third-party provider (a company that maintains HVAC systems). After gaining access to the database, malware was downloaded to collect information.

MySpace (2013)

As a result of the attack, 360 million records with users’ personal information were affected. The attack was carried out by a Russian hacker in 2013, but it became known in 2016. The stolen credentials were leaked to LeakedSources and were also available for purchase on the Dark Web Markets the Real Deal for 6 bitcoins (approximately $3,000 in 2013).

LinkedIn (2012)

The purpose of this hack was users’ logins and passwords. After the data was published on the Russian hacker forum. The company had to pay $1.25 million to users affected by the hack. LinkedIn revealed the full scale of the attack only in 2016.

With every hack and data leak, the question of organization cybersecurity becomes more and more relevant. Any business must first of all take care of information security. Here are examples of high-profile company data leaks in recent months that prove the importance of this issue.

February 2022 – GiveSendGo

A Christian fundraising site was hijacked in response to Ottawa truckers’ protests. The hackers used a DDoS attack and redirected the fundraising site to another page. As a result of this attack, the personal data of people who donated funds were compromised. In total, the personal information of 90,000 donors was published.

This case further highlights the importance of using secure platforms and payment methods to keep customer data safe and not compromised. If the company has already encountered such a nuisance, it is worth taking the right measures to eliminate the leak as well as the causes of its occurrence.

January 2022 – Crypto.com

Blockchain is the latest technology that is used in the financial sector. This model has long been considered one of the most secure transaction processing forms. But technology development gives rise to the development of cybercrime methods. So, on January 17, 2022, an attack was made on an application for exchanging cryptocurrency. The attack targeted the wallets of 483 app users.

The hack resulted in the theft of about $18 million worth of BTC, $15 million worth of ETH, and other cryptocurrencies. Hackers have learned to bypass two-factor authentication and gain access to users’ wallets, which made it possible to organize a hack. To reduce the risks of this attack type, it is important to use a password manager. Businesses should be aware of all the risks associated with the theft of cryptocurrencies. Therefore, all sensitive data must be encrypted.

December 2021 – FlexBooker

FlexBooker is an appointment scheduling tool. Before the New Year holidays, they became a victim of cybercriminals, as a result of which approximately 3 million users suffered. Attackers gained access to confidential data (driver’s license, photos and other personal information) and posted it on various hacker forums. For these purposes, the hackers used the FlexBooker AWS configuration, installed malware on the servers, which allowed them to take full control of the system.

November 4, 2021 – Robinhood

Robinhood is an American financial services company offering commission-free trading in stocks and exchange-traded funds through a mobile app. The attack on the company took place on November 16, 2021. Using social engineering (the method is based on the social psychology usage), internal systems were hacked. According to the company report, criminals gained access to the email addresses of almost 5 million users and other personal information. For non-disclosure of any data, the attackers demanded a ransom.

October 2021 – Twitch

Twitch is a video streaming service that specializes in video games. In October, it became known that an unknown attacker penetrated the source code, as a result of which data sets were compromised, including about payments to the creators of the service. The leak contained 3 years of payout data, information about twitch.tv activities, client source code, proprietary code, etc.

Data Breaches for the last year

The biggest data breaches

High-profile Data Leaks 2021 – 2022