Hindering Disaster: Lessons from the Top CyberSecurity Breaches in 2018/19



Over the past few years, cybersecurity attacks such as data breaches have become more common and more dangerous. Data breaches can cause financial and reputational loss; IBM estimates that in 2018, the average cost of a data breach was $3.86 million.

Alarmingly, the 2019 Global Risks Report by the World Economic Forum lists cyber attacks and data breaches as the fourth and fifth most serious global risks today.

It is always useful to learn from past security incidents and breaches. Look at known data breaches and see how they occurred to learn how attackers operate and prevent your organization from becoming the next victim of a cyber attack or data breach.

A key part of defending an organization against breaches is establishing a Security Operations Center (SOC) to house professional security teams who can monitor, analyze, and respond to security threats across the organizational environment. 

It is also essential to protect the endpoints connected to an enterprise network, which can provide an entry point for attackers. While traditional endpoint protection measures like firewalls and antivirus are no longer enough to prevent the increasingly sophisticated threats we see today, organizations can combine these with systems like Endpoint Detection and Response (EDR) security solutions, which provide added visibility into the source and nature of an attack.

To help you get started, we have compiled a list of the top 5 data breaches that took place in 2018 and the top data breaches of 2019 (so far).

The Top 5 Data Breaches in 2019


Smaller organizations often cannot afford to deploy comprehensive security solutions, and thus “are forced to accept a high level of risk,” as Eyal Gruner of Cynet puts it. However, while you might expect small- and medium-sized companies to cut corners when it comes to security, it is far from unheard of to find inadequate defenses among even the biggest companies, often with catastrophic results.

For example, Epic Fortnite, Facebook and WhatsApp were some of the organizations affected in 2019’s most devastating breaches.

1. Epic Fortnite


When it happened—January 16, 2019

How many users were affected—unknown number; Fortnite has 200 million users worldwide, with 80 million active users each month.

Compromised data—Fortnite contained a vulnerability that could have provided users with access to other users’ accounts. If ill-intentioned persons had found the vulnerability, they could have used it to view personal account information and purchase in-game currency.

How it happened—a flaw in the online game discovered by security firm Check Point.

2. Facebook exposed datasets


When it happened—April 2, 2019

How many users were affected—540 million users

Compromised data—Facebook ID, account names and user activity records were leaked by “Cultura Colectiva”. “At the Pool” disclosed passwords and information related to photos, groups, events, and check-ins.

How it happened—a flaw within two third-party applications: “Cultura Colectiva” and “At the Pool”

3. Facebook password scandal


When it happened—March 21, 2019

How many users were affected—about 600 million users

Compromised data—user passwords

How it happened—Facebook admitted that since 2012 it hasn’t taken the necessary security measures to encrypt user passwords. The passwords were stored in plain text, so all Facebook employees had access to these passwords and could read them.


4. Collection One


When it happened—January 17, 2019

How many users were affected—about 773 million

Compromised data—773 million email addresses and 22 million passwords

How it happened—a database stored on cloud storage site MEGA which contained information from data breaches dating back to 2008 was shared in a popular forum for cyber attackers.

5. WhatsApp


When it happened—May 14, 2019

How many users were affected—unknown; potentially around 1.5 billion users worldwide.

Compromised data—users were exposed to spyware that enabled attackers to spy on the camera and microphone of the devices of WhatsApp users.

How it happened—NSO Group, an Israeli surveillance agency, infiltrated Facebook’s WhatsApp application and inserted spyware.

Review of 2018 Top 5 Data Breaches

1. Quora


When it happened—October 26, 2017, discovered and disclosed to the public on June 4, 2018

How many users were affected—100 million

Compromised data—names, encrypted passwords, email addresses, and additional data from networks connected to Quora, such as Facebook.

How it happened—attackers breached Quora’s system and accessed compromised user data.



2. Under Armour - MyFitnessPal


When it happened—February 2018, discovered on March 25

How many users were affected—150 million

Compromised data—user names, email addresses, encrypted passwords.

How it happened—attackers breached Under Armour’s app and accessed data that remained unprotected.

3. Exactis

When it happened—unknown, discovered and disclosed to the public on June 27

How many users were affected—340 million

Compromised data—names, home and email addresses, phone numbers, and other personal information such as habits and hobbies.

How it happened—unknown; security researcher Vinny Troia informed Exactis about the leak and they secured it without informing the public. National law firm Morgan & Morgan filed a class action lawsuit against Exactis following the incident.

4. Marriott


When it happened—started in 2014 but discovered only on September 10, 2018.

How many users were affected—500 million

Compromised data—names, home and email addresses, phone numbers, passport numbers, dates of birth, and other personal information.

How it happened—a security tool alerted Marriott when there was an attempt to access the Starwood guest reservation database. Marriott conducted an investigation into the incident and discovered that an unauthorized party had gained access to the Starwood guest reservation network and copied encrypted information.


5. Aadhaar - India’s ID database


When it happened—unknown, disclosed to the public on March 23

How many users were affected—1.1 billion

Compromised data—name, ID, and private information like bank details.

How it happened—the Indian government ignored warnings from security researchers who claimed that “Aadhaar”, the Indian government portal for storing resident and biometric information, was not secure.

Conclusion


Cybersecurity threats like data breaches pose a financial and security threat to organizations and users alike. Even the strongest tech companies in the world, with substantial security budgets, like Facebook and Google, are not immune.

...
