Data breaches have always been a stumbling block for businesses, and at their worst they are well known to wreak havoc on the companies affected.
Data breaches can involve leakage of financial information, such as credit card or bank details, Personal Health Information (PHI), intellectual property, or any other sensitive information, and can affect the data of millions of users. Hence, they remain a major security concern for businesses of every size.
According to recent studies by IBM, data breaches cost companies $4.24 million per incident on average.
As technology progresses, new vulnerabilities are introduced that leave existing servers storing confidential data susceptible to cyber incidents.
Timely security patching should be given due importance; otherwise it could cause serious damage to the business, similar to a breach on Facebook in 2019.
Let us have a glance at the 5 biggest breaches of 2021.
The Microsoft Exchange data breach, which happened in March 2021, adversely affected over 250,000 servers of different organizations.
The breach was caused by a pre-authenticated (no password required) remote code execution (RCE) vulnerability.
The source of this attack can be traced back to the vulnerabilities found during a hacking contest earlier this year. According to reports, the pre-authenticated RCE vulnerability was formed by combining three ProxyShell vulnerabilities in Microsoft Exchange (the on-premises version, not Office 365).
By exploiting this vulnerability, the attackers installed backdoors that granted them full access to affected servers.
This was devastating since government and private organizations across the world rely on Microsoft Exchange for their day-to-day communications via mail accounts.
In the April 2021 breach, the personal data of over 533 million Facebook users from various countries was published for free on a low-level hacking forum. The leaked data included full names, locations, email addresses, phone numbers, birthdates, and other biographical details of Facebook users, including Facebook CEO Mark Zuckerberg.
According to Business Insider, the breach was confirmed to have been caused by the contact importer vulnerability. The company reported that the vulnerability was patched in 2019, when it was exploited. Facebook also stated that the attackers scraped data from its services rather than hacking its systems by injecting malicious code, which might have undermined the company’s security defenses.
The exposed information could have been used by the attackers for a variety of fraud schemes, including email fraud, phishing attacks, bogus phone calls, SIM swapping, and even targeted advertising. In the worst-case scenario, the attackers might carry out financial transactions by impersonating the users without their knowledge or consent.
The personal data of over 700 million users, or 92% of LinkedIn users, was found posted for sale on a dark web platform in May 2021. According to reports, the attackers scraped user data such as email addresses, full names, phone numbers, physical addresses, geolocation records, personal and professional experience/background, other social media details, gender, LinkedIn username, and profile URL.
According to reports, the attacker carried out the attack by scraping data through different APIs.
LinkedIn denied this, stating: “We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from several websites and companies. It includes publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
In August 2021, IT giant Accenture confirmed a LockBit ransomware infection that affected the company’s systems. The LockBit ransomware team claimed to have stolen six terabytes of data and demanded $50 million in ransom.
The attackers published over 2000 files, threatening to publish the rest when Accenture didn’t pay the requested amount in due time.
According to reports by SearchSecurity back in August, the organization stated, “We immediately contained the matter and isolated the affected servers. We fully restored our affected systems from backup,” and “There was no impact on Accenture’s operations or on our clients’ systems.”
Acer confirmed a data breach by the hacker group Desorden, which took place in October 2021 and affected millions of users. The hacker group stated that the leaked data amounted to 60 GB of files and databases from the organization and comprised customer, corporate, accounts, and financial data.
According to reports by Hindustan Times, an Acer spokesperson stated, “We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately started our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India.”
Data breaches are increasing in tandem with the growth of technology and business.
On analyzing the breach data for the past few years on Wikipedia, we find that insecure configuration or a combination of smaller vulnerabilities leads to loopholes that attackers exploit to perform malicious operations intended to put the company in complete jeopardy.
In the history of breaches, Yahoo has been on the receiving end of the biggest data breach, which occurred in 2013 and compromised a whopping 3 billion user accounts.
Being a victim of a data breach is always a concern for users, and services like “Have I Been Pwned” can help you determine if someone has exposed any of your account data.