Posted on April 27, 2020 at 10:36 AM
Last year became one of the most challenging years for the cybersecurity industry, as records upon records were broken. According to RiskBased Security, there were more than 1 billion breaches in the first quarter of last year alone. Security researchers disclosed about 1,803 breaches within that period. Last year, hackers were able to access more than 7.9 billion consumer records.
From these attacks, several millions of dollars were stolen, while some systems were infiltrated for future attacks. According to researchers, some of the attackers last year are now making use of the backdoors they placed on the vulnerable systems this year.
In some of the attacks, the users of the targeted systems did not do enough security-wise to protect themselves. However, some other attacks were sophisticated, which makes it somehow beyond the victims’ control.
The hacking spree has continued this year, with some of the biggest hacks already matching what was experienced last year. So, we are looking at the major hacks suffered by individuals, business organizations, and government institutions last year. We will also offer some tips on how to protect your system from being the recipient of hacking attempts in the future.
1) Capital One
The breach of Capital One, were massive data was compromised, was one of the most popular hacking news last year. In late July, Capital One informed the public that its servers have been compromised and the account details of more than 6 million Canadians and 100 million Americans were compromised.
The company said the affected data was collected from 2005 to early 2009, which means some of the information access were from customers who registered recently.
The compromised data contained consumers’ personal information, including names, dates of birth, phone numbers, email addresses, zip codes, and physical addresses.
Social security numbers and bank numbers of about 140 million U.S. customers were compromised, including those with linked bank accounts.
Most other major hacks do not contain sensitive information, but for this one the hackers also breached customers’ social security numbers, making it our top list for the 10 biggest hacks in 2019.
2) 11.9 million accounts hacked at Quest Diagnostics
This is one of the top 10 biggest hacks in 2019. In June last year, personal and financial information of about 12 million customers of Quest Diagnostics was compromised. The breach also exposed the medical records of these customers for a period of 8 months. The exposed data also included social security numbers and credit card numbers of the customers.
The hack also affected LabCorp, who said at the time that about 7.7 million accounts of its customers have also been hacked. Weeks after the attack, the company filed for bankruptcy, pointing out that it lost several of its customers following the breach.
3) 49.9 million Houzz customer’s data Compromised
Home design website Houzz informed customers earlier last year that it was attacked and about 48.9 million customers’ encrypted passwords and usernames were compromised. The hackers also stole publicly visible information.
Although the response of the company to questions about the compromise was not clear, it reported that 48,881,308 customers’ accounts were infiltrated and stolen. However, the company said financial information of the customers were not affected
4) Details of 16.1 million users of Dubsmash users hacked
In February last year, details of about 16.5 users of the Dubsmash app were hacked, with the hackers stealing hashed passwords, email addresses, as well as the account holders’ names. But the hashed passwords were encrypted, which means the can be only accessible when they are decrypted.
Although the breach happened in Dec. 2018, the hackers made the data available on the dark web in Feb. 2018. The data dump was among 600 million user account details exposed by hackers from 16 different compromised websites during that period.
5) 218 million records hacked at Zynga
In October last year, 218 million user records were hacked from the servers of mobile game producer Zynga. The company announced that cybercriminals have stolen account log-in details of customers who played two popular games, “Words with Friends”, and “Draw Something.”
Apart from hacking the log-in details, the hacker also accessed Zynga account IDs, users’ phone numbers, some Facebook IDs, email addresses, as well as usernames.
6) Data brokers compromised 1.2 billion rich profiles
This is one of the most notable hacking incidents in 2019. An open Elasticsearch server appeared in December last year, which compromised the rich profiles of over 1.2 billion people. The exposed database comprises scraped data from social media sources such as LinkedIn and Facebook.
The database has personal details of the users, including Github and Twitter URLs, phone numbers, email addresses, and other information.
It also provides the educational and employment histories of the individuals, and none of the information was protected with no login required to access it. The leaked data was from the servers of OxyData.io and People Data Labs (PDL).
In April, security researchers found out that a huge database containing information about Facebook users were publicly shared on Amazon’s cloud computing servers.
It was revealed that two third-party app developers for Facebook stored users’ data on Amazon servers, which made it easy to download by the public.
A cybersecurity company, UpGuard, reported the incident and informed Facebook at the time.
This is one of the many leaks from Facebook, with some members of the public blaming the social media giant for its partnership with app developers to the detriment of users’ rights.
As a result of the numerous leaks, the Federal Trade Commission (FTA) slapped a $5 billion fine on the company for mishandling communications with users and losing control over massive troves of personal data.
8) 7.1 million AMCA supply-Chain Breach
The American Medical Collection Agency (AMCA), was hacked and records of over 20 million patients were stolen last year. The breach exposed personal identification information like names, payment data, dates of birth, and addresses.
Also, three clinical laboratories that offered blood tests with a massive reliance on AMCA were affected. There were 40 thousand victims from OKPO health, 7.7 million victims from LabCorp, and 12 million victims from Quest Diagnostics, the most affected in the hack.
9) Profiles of the Ecuadorian population exposed
This has been one of the most notorious hacking incidents, with almost all citizens affected. In September 2019, the deep profiles and databases of the Ecuadorians were exposed. The huge data allowed the attacker to combine and cross-reference the data into a richly detailed and highly personal collection of a person’s life.
It contained records for more than 15 million individuals retrieved from the Ecuadorian national bank and the country’s government registries. About 16.5 million people are living in Ecuador. So, the data and personal information collected from the government registry is huge.
10) 773 million email addresses discovered on the dark web
2019 began with a huge one as a large chunk of data containing details of 773 million users of Yahoo and other social media sites. The database was called “Collection #1” and contain about 8GB of data, with records gathered from hacks from 2010.
The breached records include data from Yahoo users and other popular sites. In terms of data compromise efforts, this was one of the biggest hacks ever, judging by the amount of data involved. The following were collection 2, 3, and 4. Together, the records were collected from 38 different companies and made up more than 840 million account records from these companies.
We would like to mention another hack that was very popular in 2019. That hack exposed 150 million Flipboard accounts.
Last year, the content generation app Flipboard became a victim of a cyberattack, as the company confirmed there was unauthorized access to its servers, with details of about million users breached.
The compromised databases contain names, cryptographically-protected passwords, email addresses, as well as usernames. At that time, Flipboard serves over 150 million users. The company said not all accounts were affected.
Since the stolen details had passwords that were “cryptographically-protected, it gave hackers an additional challenge to use the details. However, passwords changed or generated before March 2012 do not have a strong protection algorithm. Also, the digital tokens used in connecting Flipboard with social media accounts may have been stored in the breached database.
How to protect your data
Most hacking attempts were successful because of the vulnerability of the targeted system or network. If you give a hacker no loophole, they will find it very difficult to penetrate the security system.
They rely on vulnerabilities and flaws from their targets before they make a move. With that said, it’s important to know what to do and how you protect your system and data against the incessant hacking attempts that have been on the increase.
Cybersecurity firms have been singing it while business organizations have been showing their employees how best to combat any cyberattack. The following are ways you can keep your system and personal information protected from hackers.
Utilize a strong password
The importance of using a strong and difficult password cannot be emphasized enough. When you make use of words, numbers, and symbols that are not linked or connected to anything about you, it makes it very difficult for the hackers to decrypt it and steal your personal information.
Use two-factor authentication
As a business owner trying to protect your financial details, it’s necessary to have a backup or second password. With two-factor authentication, if the hackers bypass the first authentication ptotoco9l, they could heat a roadblock with a second authentication. Also, try to change your passwords regularly and don’t repeat them on different sites
Regular software updates
Your internet security software and operating system need to be updated regularly. As we stated before, cybercriminals usually take advantage of flaws in the system to gain access. You can keep them out by making sure your software is regularly updated.
Manage social media settings
No company is completely safe or secured from hacking, as the recent hack of Facebook, Zoom, and other top tech companies have proven. So, remember to manage your social media profile well. Cybercriminals can get to you with only a few data points. Do not share so much information the hackers would use against you.
Fortify your home network
Yes, having a strong encryption password is a good way to go when protecting against hackers. But having a secured virtual private network is even great. The VPN will encrypt and secure all traffic moving out from your system to other destinations through a secured means.
If the hackers succeed in intercepting the communication line, they wouldn’t get any meaningful data because they will all be encrypted. It offers a shield and protection against your data, keeping your sensitive information safe.
Be well-informed on major security breaches
If you have an account on a site that has been breached, the hacker may have your information and could use it for future attacks if you don’t do anything about it. Find out the nature of the attack and what type of information was leaked. You can change your passwords immediately to make it difficult for the hacker to crack your details.
Be cautious of identity theft
Identity theft happens when someone wrongfully gains your data through deception or fraud. There are so many identity theft scams currently going on. The main goal of the hacker is to use the user’s account details to steal money. So, you have to be careful about how you share email addresses.
2019 has come and gone with its share of hacking incidents. Hackers and cybercriminals were very busy infiltrating systems and stealing data where possible. We have witnessed some of the biggest hacks in history last year.
And it seems the cybercriminals want to continue from where they left into this year. Already, some companies, business organizations, and government establishments have been attacked.
But there are ways to curtail these hackers and prevent them from causing much havoc in the online community. When users observe the proper security protocols, it will help great deal wade off attacks on vulnerable computers.