Over the past couple of years, cyber-attacks have been increasing both in frequency and sophistication. 2019 also witnessed a surge in cyber-attacks and many companies were suffering a huge financial and reputational loss. According to CISCO, DNS hijacking and targeted malware were the serious cyber threats of 2019, along with various others. Cyber pests were using various tools to capture data and evade detection, from Remote Access Trojans (RATs) to hide threats in encrypted traffic.
In addition, as per the 2019 Cybersecurity Report, published by the National Defense Industrial Association (NDIA), 44% of organizations with more than 500 employees have experienced a cyber-attack. In this article, we would explore some data breaches that were grabbing the attention of cybersecurity companies in 2019 and even beyond.
Facebook User Data Leak
Date: This attack occurred on April 3rd, 2019.
Loss: more or less 540 million records of Facebook users were compromised and were published on Amazon’s cloud computing service.
There were two separate instances. First involved Mexico City-based digital platform - named Cultura Colectiva, which openly stored 540 million (approx. 146 GB) records of Facebook users, including identification numbers, account names, comments, and reactions. The records were accessible and can be downloaded by anyone who could find them online.
The second instance contained a backup from a Facebook-integrated application – namely, “At the Pool,” which was exposed to the public internet via an Amazon S3 Bucket. The backup contained data of 22,000 users that further consists of user IDs, friends list, likes, music, movies, books, groups, check-ins, passwords (in plaintext) and more. These passwords were likely for the “At the Pool” app rather than the Facebook account of the user.
Security Loopholes: The breach resulted due to insecure backups that were publicly available on AWS without any access control mechanism.
Capital One Breach
Date: On July 17th, 2019, Capital One was informed through an E-mail that some of its data were being illegally stored on GitHub.
Loss: The hacker compromised approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers of U.S. customers, and 1 million Social Insurance Numbers (SINs) of Canadian credit card customers. In total, the incident affected approximately 100 million people in the United States and six million in Canada.
Security Loopholes: The hacker exploited the vulnerability named Server Side Request Forgery (SSRF) in which a server can be tricked into running commands that it should never have been permitted to run.
Quest Diagnostic Breach
Date: The breach dated back to August 1, 2018, until March 30, 2019, but AMCA discovered it on May 14, 2019, and reported to Quest.
Quest Diagnostics is a medical testing giant and one of the largest providers of clinical laboratory testing services in the U.S. It was reported that a third-party data breach struck an American Medical Collection Agency (AMCA) located in New York. In fact, the AMCA is a billing collection vendor that delivers services to Quest Diagnostics.
Loss: The breach affected 11.9 million customers. The information exposed includes credit card numbers, bank account information, medical details, personal identity and contact details including social security numbers.
Security Loopholes: The attackers gained illicit access to the AMCA website and executed a Man-in-the-Middle (MITM) attack that focused on webpages dealing with payments of all stakeholders.
Date: The breach occurred on 4 May 2019.
DoorDash, a food delivery service, reported a data breach whereby a cyber-attack affected its customers, drivers (also known as “Dashers.”), and merchants. In fact, DoorDash connects customers with local restaurants and relies on contracted drivers who use their own vehicles for delivery.
Loss: Approximately 4.9 million consumers, Dashers, and merchants who were using their platform on or before April 5, 2018, were badly affected. The compromised data included names, E-mail addresses, order history, phone numbers, hashed passwords, last 4 digits of payment cards of some consumers, and last 4 digits of bank account numbers of some dashers and merchants. In addition, approximately 100,000 license numbers of Dashers were also compromised by threat actors.
Security Loopholes: Bad guys successfully gain unauthorized access to their online software applications.
Date: The attack occurred on May 24, 2019.
Australian online design tool, Canva, reported in a press release that account details of their customers were accessed by hackers.
Date: The attack occurred on May 24, 2019.
Loss: 139 million users were affected by the attack. Breached data includes email addresses, city and country information, and usernames. Approximately 61 million users and passwords were also present in the database.
Undoubtedly, major cyber-attacks occurred in 2019 that resulted in data breaches and serious consequences for the affected companies. The reason behind these data breaches was the lack of cybersecurity defense mechanisms that were necessary to protect corporations against cyber-attacks.
The worrisome signs still prevail in 2020. However, wise enterprises would take proactive measures to protect their IT infrastructure.
Logsign is a cybersecurity company that offers next-generation Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions that would help companies secure their IT infrastructure and proactively hunt for cyber-attacks.