Monday, October 29, 2018

Security Events and Data Breaches in 2018, 2017, 2016, 2015, 2014

World's Biggest Data Breaches
Thanks to Lewis Morgan, social media manager at IT Governance. He has compiled this list by month and year since 2014, might be earlier. What I did is to put his month or year list into my this post and count the numbers for leaked records which some of them were missing from original post.

Here are leaked records numbers since 2014:




Here is another source for data breaches records.

Gemalto's breachlevelindex.com website collects disclosed breaches from public sources and allows organizations to do their own risk assessment based on a few simple inputs that will calculate their own risk scores, overall breach severity level, and summarize actions IT can take to reduce the risk score.



2018
List of data breaches and cyber attacks in September 2018 – 925,633,824 records leaked
List of data breaches and cyber attacks August 2018 – 215,000,000 records leaked
List of data breaches and cyber attacks in July 2018 – 139,731,894 million records leaked
List of data breaches and cyber attacks in June 2018 – 145,942,680 records leaked
List of data breaches and cyber attacks in May 2018 – 17,273,571 records leaked
List of data breaches and cyber attacks in April 2018 – 72,611,721 records leaked
List of data breaches and cyber attacks in March 2018 - 20,836,531 records leaked
List of data breaches and cyber attacks in February 2018 - 2,234,633 records leaked
List of data breaches and cyber attacks in January 2018 - 7,073,069 records leaked



  1. Jan 3,  Spectre and Meltdown vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
  2. Jan 29,  Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
  3. Mach 20, Facebook's privacy scandal - The Guardian revealed that the personal data of 50 million Facebook profiles was illegally harvested by Cambridge Analytica.
  4. June 27, Exactis – Data warehouse / consumer marketing data – 340 million PII records accessible via unprotected, online-accessible database
  5. Jul 29, Adidas – Shoes, clothing and sports equipment – PII for millions of customers (emails, login IDs, hashed passwords) – Technical details not released, potentially vulnerability on online-accessible server.
  6. Tickemaster UK – Online tickets – PII compromised, 40,000 users had their payment system compromised and money stolen – Breached through vulnerability in 3rd party chat software used on public website
  7. Typeform – Online surveys for large companies – PII for 20,000 users affected – Backup of database downloaded by exploiting vulnerability
  8. Under Armour – Sports clothing – Email, login IDs and hashed passwords for 150 million MyFitnessPal app users compromised, no details released
  9. Delta/Sears/K-Mart – Transportation, retail – PII for hundreds of thousands of customers breached – Vulnerability in chat software provided by 3rd party [24]7.ai provider
  10. Timehop – Developer / Phone Apps – 21 million PII records compromised due to weak privileged account authentication
  11. Macy’s / Bloomingdale – Retail – Stolen user credentials were used to login and access additional PII (names, addresses, credit card information)
  12. debate2018.mx – Mexican presidential election debate content – DDoS crashed the site during a presidential debate. Attacking host originated mostly from Russia and China, 185,000 accounts requesting registration within 15 minutes.
  13. CarePartners – Home medical care – Detailed medical records stolen for 273,000 patients. Details not disclosed, attackers claim they exploited vulnerability of Internet-accessible server and weak passwords. Hundreds of Gb exfiltrated.
  14. LabCorp - Clinical medical diagnostics – Large clinical laboratories, holding medical records for millions of patients. Anomalous network activity detected on July 14. Potentially hacked, extent of breach unknown.
  15. Reddit breached employees accounts (exploited vulnerabilities in SMS authenticators). Cloud-based, 2005-2007 user data files exposed.
  16. Cryptocurrency investment platform Atlas Quantum breached, 261,000 exposed. Details not disclosed but most likely public website was compromised through vulnerabilities
  17. T-Mobile breached, PII for 2 million customers potentially accessed by malicious actors. No technical details provided.
  18. Babysitting app Sitter exposed PII of 93,000 customers through a publicly accessible MongoDB file
  19. Darden Restaurants suffered a POS system data breach - 567,000 payment cards compromised.
  20. Phishing attack on Augusta University Health leads to breach exposing PII on 400,000 persons.
  21. 50.5 million Sungy Mobile customers exposed through publicly accessible data
  22. 14 million customer records exposed in GovPayNow leak (last four digits of payment cards, names, phone numbers and addresses). Details not disclosed but most likely public website was compromised through unpatched vulnerabilities
  23. US State Department email breach leaks employee PII. Potentially due to weak authentication.
  24. Blue Cross and Blue Shield of Rhode Island and Independence Blue Cross report breached, health information for approx. 1500 patients compromised. Breached occurred due to human error in services provided by third party (supply chain). Independence Blue Cross data breach which affected nearly 17,000 people after an employee uploaded member information to an unprotected public website.
  25. Tech Bureau Corp Japanese cryptocurrency exchange hack led to $60 million being stolen during a 2 hour attack against their server. No details provided, potentially through weakness in custom code.
  26. Colorado Timberline (printing firm) out of business following multiple ransomware attacks.

2017
Infographic: List of data breaches in 2017

List of data breaches and cyber attacks in December 2017 – 33.8 million records leaked
List of data breaches and cyber attacks in November 2017 – 59 million records leaked
List of data breaches and cyber attacks in October 2017 – 55 million records leaked
List of data breaches and cyber attacks in September – 174 million records leaked
List of data breaches and cyber attacks in August 2017 - 715.6 million records leaked
List of data breaches and cyber attacks in July 2017 – 143 million records leaked
List of data breaches and cyber attacks in June 2017 – 199 million records leaked
List of data breaches and cyber attacks in May 2017 – 61 million records leaked
List of data breaches and cyber attacks in April 2017 - 10 million records leaked
List of data breaches and cyber attacks in March 2017 – 74,000,000 records compromised
List of data breaches and cyber attacks in February 2017 - about 35 million records leaked (My estimation)
List of data breaches and cyber attacks in January 2017 - 7,073,069 records leaked

  • Feb 17, CloudBleed - Google vulnerability researcher Tavis Ormandy discovered a bug in the internet infrastructure company Cloudflare's platform caused random leakage of potentially sensitive customer data.
  • March 7, Wikileaks CIA Vault 7 - WikiLeaks published a data trove containing 8,761 documents allegedly stolen from the CIA that contained extensive documentation of alleged spying operations and hacking tools.
  • April, Shadow Brokers (A hacking group, stole NSA data) / EternalBlue (Released by Shadow Brokers, which alleged NSA tool)
  • May 12 , WannaCry - Ransomware :WannaCry searches for and encrypts 176 different file
    types and appends .WCRY to the end of the file name. It asks users to pay a US$300 ransom in
    bitcoins. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days it claims the encrypted files will be deleted. 
  • June, Petya / NotPetya / Nyetya / Goldeneya - Ransomware , which is more advanced than WannaCry. Hit Ukraninian infrastructure hard.It spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows
  • Sep 7, Apache Struts : Equifax data breach was confirmed to be a vulnerability in Apache Struts. The security flaw (CVE-2017-5638), which was patched last March, allowed attackers to gain unauthorized access to data via remote code execution.
  • Oct 3, 3 billion Yahoo user accounts were hacked by 2013 security breach, which make yahoo tops the list of largest ever data breaches
  • Oct 16, Krack : Key Reinstallation Attack (KRACK) is a proof of concept that exploits vulnerabilities in the Wi-Fi Protected Access 2 (WPA2) protocol.
  • Nov 28, Major macOS High Sierra Bug Allows Full Admin Access Without Password

Here is another good review for 2017 security threats from youtube video  2017 Security Threats | Year in Review | WEBINAR. I have watched it and made some notes in the following points:
  • Q1. The Botnet Menace , Zeus and Conflicker, Mirai (IoT) and Pushdo (SpamBots)
  • Q2. WannaCry, Locky, H-Worm (Houdini Worm)
  • Q3. SMB, Petya (Ransomware)
  • Q4. AAEH New Hope, Apache Struts Remote Code Execution, Necurs Botnets, H-Worm

2016
List of data breaches and cyber attacks in 2016 – 3.1 billion records leaked (includes Dec 2016)
List of data breaches and cyber attacks in November 2016 – 456,403,757 records exposed
List of data breaches and cyber attacks in October 2016 – 142,160,000 records leaked
List of data breaches and cyber attacks in September 2016
List of data breaches and cyber attacks in August 2016
List of data breaches and cyber attacks in July
List of data breaches and cyber attacks in June 2016 (289,150,000+ records leaked)
List of data breaches and cyber attacks in May 2016
List of data breaches and cyber attacks in April 2016 – 166,687,282 records stolen
List of data breaches and cyber attacks in March 2016
List of data breaches and cyber attacks in February 2016
List of data breaches and cyber attacks in January – 57,740,000 records stolen



2015
List of data breaches and cyber attacks in 2015 – over 480 million leaked records



2014
List of cyber attacks and data breaches in 2014 - about 248.36 million records leaked (My Estimation)



References:





No comments:

Post a Comment