A few of the biggest data breaches are listed below.
Let us not cower in fear. Instead, let us learn from what has happened and begin to understand how we can protect ourselves. There are valuable lessons that we need to pick up.
Yahoo
Yahoo, which is now known as Altaba, used to have a dominant presence in the online world until it experienced a series of severe security breaches which affected all of its clients’ accounts. But it took years before everybody realised the full extent of the breach. Yahoo’s data security team discovered that a Russian hacker had been able to intrude into their systems and access sensitive data, including email addresses, usernames, passwords and the like. At this point, Yahoo’s Chief Information Security Officer informed management that hackers had accessed and stolen the information of around 500 million users. This number continued to rise over the following years as the same hackers continued to target Yahoo’s database and sold the harvested data on the dark web. The data breach that happened to Yahoo involved Russian Intelligence Security Officers recruiting criminal hackers-for-hire to infiltrate the accounts of targeted individuals indiscriminately. While Yahoo was negotiating the sale of the company to Verizon in 2016, it announced that it had become the victim of what would later become known as the most significant data breach in history. This breach compromised all 3 billion user accounts of the company.
So how did it happen? The hacker sent a spear-phishing email to at least one Yahoo employee, who mistakenly opened the email and the link. This gave the hacker an opening to infiltrate the system and create a backdoor through which he could come and go as much as he pleased. The hackers then began to go through sensitive information and harvest it. The hacking was efficient to the point that they were able to identify targeted individuals (requested by Russian Intelligence Officers) through their recovery email addresses. It led to the compromise of all Yahoo user data during that time.
Facebook
Facebook, a California-based social media company that has taken the world by storm, experienced a severe data breach when a collection of databases was found online containing the information of around 419 million users. A Mexico-based media company was responsible for a big chunk of the data that was exposed. The company exposed 146 gigabytes of information that included users’ names and their comments and reactions to posts. According to TechCrunch, another set of databases was found to contain information on 133 million US-based Facebook users, 18 million UK-based Facebook users and 50 million Vietnam-based Facebook users. The information compromised included users’ unique IDs and their phone numbers. The database may not be new, but it put people at risk, especially the millions of users whose sensitive information was compromised.
Marriott International and Starwood Hotels
Marriott International is an American company that provides hospitality services and manages a vast and diverse portfolio of hotel franchises all over the world. Marriott International announced in November 2018 that hackers had been able to infiltrate its systems and steal the sensitive information of around 500 million customers.
So, how did it happen? Marriott International acquired a hotel brand known as Starwood in 2016. The infiltration of Starwood’s systems had already happened back in 2014, but the breach was only detected around September 2018, a considerable time after the acquisition of the hotel brand. Marriott International moved quickly and was able to contain the incident. With the help of security experts, Marriott International initiated an investigation to determine the cause and the extent of the intrusion. They found that the breach affected only those guests who had made a reservation at a Starwood hotel property. The data infiltration was pinned on a Chinese Intelligence Group that was trying to get data on US citizens. The information stolen included clients’ names, email addresses, passport details and, for some, even their payment card numbers and expiration dates. Although Marriott International maintains that the payment card numbers were encrypted using the Advanced Encryption Standard (AES-128) and that it would take two components to decrypt the data, they also declared that they are not ruling out that the elements needed for deciphering the data may have been stolen too. Marriott International set up a dedicated call centre to provide customer service for the affected clients and began to safeguard the affected systems by removing Starwood’s networks and enhancing security features for their operations and their clients.
Marriott International provided free access to a tool that would monitor their clients’ sensitive information should that data be shared online in an unsecured environment.
Adult Friend Finder and the Friend Finder Networks
Adult Friend Finder is a well-known American site for online dating, adult entertainment and social networking services. The site has a big following, as shown by the number of visits it gets in a month (25 million). It is part of Friend Finder Networks, an American company that handles other similar sites. Friend Finder Networks was infiltrated around October 2016. The number of affected users for Adult Friend Finder is around 3.9 million, while the number of affected clients across Friend Finder Networks is 412 million. A hacker from Thailand claims that the infiltration happened because of revenge. The hacker declared that either the website, the network or a person of interest owed a substantial amount to the hacker’s friend, and demanded a USD 100,000 ransom to stop the leak of information. The leaked sensitive information was made available on forums on the dark web. Members of the discussion boards began to gather the data and started running spam campaigns, sending phishing emails and even carrying out extortion schemes. The compromised sensitive information of the site’s users made it easy for hackers to determine a user’s real identity. This information may lead to blackmail and extortion by people with malicious intent looking to profit from dubious acts. Friend Finder Networks has released a statement saying that they are aware of the potential data security issue. The company has launched an investigation, working with law enforcement and with different third-party forensics experts and law firms to determine the full extent of the breach. The company also stated that they are taking appropriate steps to protect their customers if they are affected.
eBay
eBay is an American multinational e-commerce corporation that runs an online marketplace where sellers and buyers can transact business and trade almost anything. A breach of eBay’s user database was reported in May 2014. The attackers got hold of corporate employees’ accounts and used their log-in credentials to gain access to eBay’s system for 229 days. eBay has said that users’ financial information is securely stored separately and was not compromised. The number of affected users is around 145 million. The corporation sent a notice asking users to change their passwords, as that was what the intruders were able to steal. Experts are guessing that the credentials were taken through a phishing attack, though eBay is not disclosing the reason for the credential theft. If the breach was through a phishing attack, then an employee may have been tricked into opening an email that contained malware.
So, how did they get the email information that they used to send the attack through? A hacker can go to a social network such as LinkedIn and search for those who work at eBay. From that platform, a hacker can get details they can use to send the email to eBay employees. An employee would receive an email containing a link. Once the connection is established (by clicking the embedded link), malware is embedded in a hidden sector of the computer’s system. Another way that phishing works is through a combination of an email message and an actual call. An employee would receive an initial email message with just the necessary information and a reminder that the sender would be calling the recipient. Once the phone call is made, the hacker would then convince the employee to click the link contained in a following email message, which would install the same malware on the same computer.
Bonus: Equifax
Among the largest credit bureaus in the United States, Equifax was attacked and infiltrated around May 2017 through an application vulnerability that compromised the data of around 148 million consumers. The breach was found in the last week of July 2017. The company gave a statement saying that a vulnerability in its website application, once exploited, gave hackers access to specific files. The files compromised included social security numbers, birth dates and driver’s license numbers. For around 209,000 account holders, their credit card data was exposed. Equifax launched a website to address clients who may have been affected by the breach. The company also engaged the services of digital forensics experts to help in the investigation and provide guidance on what to do in data and security breach situations.
Conclusion: Face your Future Head-on with Lessons Learned from the Past
Shift your attention to your network and the people around you. With all the advances in technology, communication, and even in the quality of our digital connection, you may not be aware of it, but your sphere of influence has come much closer to other people. You are much closer now than ever before to people whom you do not know personally but who hold sensitive positions in industry or even government. Being in the same network, or on the same social media platform or email provider, levels the playing field for a malicious attack. The best thing to do is to learn from these experiences, because a lot of people and companies had to pay the price as they went through them. Let us educate ourselves, as the attackers are well-versed in the environment that we find ourselves in. Be aware that there is less threat coming from malware at present, only because hackers are maximising the malware that was planted years before. Sometimes a seemingly harmless link and a simple click are all it takes to produce an opening in any system. From there, the hacker can exploit the vulnerabilities that have been opened in a company’s secure server. And in some situations, it only takes a small opening on a single computer to compromise the whole network. From there, a hacker can make a backdoor that would allow any person with knowledge of the backdoor to enter the server. This is not fear-mongering or sensationalism. It is real life. As more and more of our data is migrated online onto servers, the risk of having our data and valuable information compromised increases too. Know the latest cybersecurity trends and threats to keep a vigilant stance against the forces that lie in wait to bring destruction to what you have built. Begin to open your eyes and set your vision far enough that you realize that compromising your data opens up a can of worms for those who are connected to you, one way or another, including those you love.
As I have mentioned earlier, there are valuable lessons that we need to pick up to protect ourselves and others.