Ballsiest Hacks of 2021 (so far…)
Data breaches continue to trend upward, and as a result, there has never been a more precarious time to launch and maintain a successful business.
To prevent the repetition of mistakes that result in data theft, we’ve compiled a list of the most interesting data breaches in 2021.
As you’ll see in this article, even successful companies like Facebook, LinkedIn, and Twitter, which have deep pockets to hire top industry talent and invest in adequate cybersecurity technology, are vulnerable to the rising trend of data breaches.
1. Gigabyte
One of the most prominent manufacturers in the personal computing market fell victim to a hacker attack. The hackers managed to infiltrate the company’s servers, steal information, encrypt it, and even cause the company to turn off its servers located in the Taiwan headquarters until further notice. The attack also damaged the company’s different sites.
The hacking group, Ransom EXX, did not make its demands public, but did say it stole data amounting to 112 GB of information and threatened to disclose it if the company did not pay – and the main victims of such exposure are reported to be AMD and Intel.
Gigabyte reported that the damaged servers have been disconnected from the company’s general network and that it had contacted law enforcement. It did not confirm that the attacker was indeed Ransom EXX or that the stolen information did indeed include confidential commercial information.
2. LinkedIn
Information scraped from around 500 million LinkedIn user profiles is part of a database posted for sale on a website popular with hackers, the company confirmed Thursday.
The sale of the data was first reported in April 2021 by cybersecurity news and research site CyberNews, which said that an archive including user IDs, names, email addresses, phone numbers, genders, professional titles, and links to other social media profiles was being auctioned off on the forum for a four-figure sum.
The news comes just days after a separate incident in which data scraped from more than 500 million Facebook users in 2019 — including phone numbers, birthdays, emails, and other information — was posted publicly on a website used by hackers. While these kinds of data are less sensitive than, say, credit card details or social security numbers, information like phone numbers can still be exploited by bad actors, including for robocall scams.
3. Colonial Pipeline
The Colonial Pipeline attack is likely the most important U.S. cyberattack of the year so far – both for its ability to show the devastating potential of cybercrime and for the robust federal response it inspired. It also showed our country is still completely and utterly addicted to oil and will be for the foreseeable future.
In May, hackers affiliated with the ransomware gang DarkSide managed to get inside the network of Colonial Pipeline, one of America’s largest oil and gas companies. By temporarily halting the pipeline’s operations, the attack not only spurred a short-lived energy crisis throughout the Southeast – the likes of which devolved into a panicked melee at gas stations in multiple states – it also fundamentally shifted how the federal government approaches cyberattacks of this nature. Following the attack, the FBI managed to trace and seize a significant portion of the cryptocurrency ransom payment that Colonial made to the hackers – a somewhat unprecedented development. At the same time, the event helped to catalyze an accelerating government initiative to crack down on cybercriminals, including a new ransomware task force put together by the Justice Department and other defensive policies put out by the Biden administration.
4. US Metropolitan Police
While maybe not one of the biggest attacks of the year, the hacking of Washington, D.C.’s Metropolitan Police Department was certainly one of the most dramatic incidents in recent memory — and showed a new willingness by ransomware gangs to target law enforcement agencies with increasingly dangerous tactics. The ransomware gang Babuk attacked MPD in April, making off with 250 gigabytes of sensitive internal data — including disciplinary files on past and current police officers, intelligence on local protest activity, and, most alarmingly, information on informants embedded in criminal networks scattered throughout the city. The hackers then threatened to leak the data if their demands of a $US4 ($5) million ransom were not met. Cops were so distressed they offered to pay $US100,000 ($128,260) for the files, though the hackers declined — and subsequently dumped everything online.
5. Acer
Acer was attacked by the REvil hacker group, the same group responsible for an attack on London foreign exchange firm Travelex. The $50 million ransom stood out as the largest known to date. REvil hackers exploited a vulnerability in a Microsoft Exchange server to get access to Acer’s files and leaked images of sensitive financial documents and spreadsheets.
6. AXA
This May, the European insurance company AXA was attacked by the Avaddon gang. The attack happened soon after the company announced important changes to its insurance policy. Essentially, AXA stated they would stop reimbursing many of their clients for ransomware payments. This unique (and somewhat ironic) attack on a cyber-insurance firm made headlines and the hacker group gained access to a massive 3 TB of data. (BlackFog)
7. KIA Motors
This February, Kia Motors, a subsidiary of Hyundai, was reportedly hacked with ransomware. Although Kia reported a widespread IT and systems outage, they did not confirm the hack. Still, many experts believe the claims by the DoppelPaymer gang demanding a $20 million ransom. The gang has released some stolen data, but updates on the hack have not surfaced in the news for the past few months.
8. Facebook, Instagram & LinkedIn
In January of this year, a Chinese social media management company, Socialarks, suffered a data leak through an unsecured database that exposed account details and Personally Identifiable Information (PII) of at least 214 million social media users from Facebook, Instagram, and LinkedIn. The exposed information for each platform varies but includes users’ names, phone numbers, email addresses, profile links, usernames, profile pictures, profile description, follower and engagement logistics, location, Messenger ID, website link, job profile, LinkedIn profile link, connected social media account login names and company name.
9. Microsoft Exchange
In March, cybercriminals targeted four security flaws in Microsoft Exchange Server email software. The attackers used the bugs on the Exchange servers to access email accounts of at least 30,000 organizations across the United States, including small businesses, towns, cities and local governments. The cyberattack gives the hackers total remote control over affected systems, allowing for potential data theft and further compromise. Microsoft has released security patches for these bugs and urges customers to apply the updates as soon as possible.
10. T-Mobile
In February 2021, an undisclosed number of T-Mobile customers were affected by SIM swap attacks, or SIM hijacking, where scammers take control of and switch phone numbers over to a SIM card they own using social engineering. With access to customer phone numbers, scammers receive messages and calls, which allows them to log into the victims’ bank accounts to steal money, change account passwords, and even lock the victims out of their own accounts that use two-factor authentication. The attack also exposed customer information including names, addresses, email addresses, account numbers, social security numbers (SSNs), account personal identification numbers (PIN), account security questions and answers, date of birth, plan information, and the number of lines subscribed to their accounts.
Safeguard your organization from being the next victim
As you can learn from this article, no one is safe from being a victim of a cyber-attack. Even leading enterprises of all industries are susceptible to attacks. Smaller firms are at even greater risk as they commonly lack the resources, cybersecurity technology, monitoring functions, knowledge base and budget to ward off emerging threats.
Every organization needs to have a robust cybersecurity solution that can detect and stop attacks in their tracks. One solution in particular that fits any budget is Cybowall, a non-intrusive, agentless solution that continuously monitors networks across all protocols and extends to all endpoints. It combines multiple cybersecurity tools and capabilities, packaged in one solution to monitor and protect IT networks in real time, detecting and reacting to threats as they arise, providing a unified defense platform against a continuously evolving threat landscape.
Written by: Ziv Simhon, VP of Sales at CYBOWALL