Historical hacks come back to haunt, and fresh breaches bite our behinds
If you thought last year’s breach of over three billion records (and then some) was bad, this year has seen its fair share of headaches.
From hacks, attacks, ransoms, and even extortion attempts, we’re not done with the year yet and already we’ve collectively seen millions of records stolen and a wealth of classified hacking tools leaked (that led to its own set of issues).
There’s a lot to take in. Let’s take a look back at some of the biggest — and most dangerous — hacks and leaks of the year so far.
1. Freedom Hosting gets popped, pulling down one-fifth of the dark web
An anonymous hacker pulled down a huge chunk of the dark web in February after he hacked Freedom Hosting, the hosting company for thousands of dark web domains. Reports said that the hacker did not want to distribute the hacked data, as it contained data on dark web sites that traded child abuse imagery.
2. Millions of Verizon customer records exposed in security lapse
As many as 14 million records of Verizon subscribers who called the phone giant’s customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra’anana, Israel-based company, which was working on behalf of Verizon.
3. Bell Canada ignores hacker’s threat to release 1.9 million customer records
Bell Canada, Canada’s largest teleco, was hacked in May. The company declined to pay the hacker to stop the release of the 1.9 million customer records stolen. A portion of the data was subsequently leaked online.
4. Education platform Edmodo breach exposes 77 million accounts
The education platform was attacked in May by a hacker who put the database for sale on the dark web. According to Vice’s Motherboard, which verified the breach, the data includes usernames, email addresses, and hashed passwords.
5. Mac video encoder HandBrake was infected with malware
Thousands had a 50-50 chance of being infected with a remote access trojan in early May after HandBrake, the video encoder for Macs, was infected with malware. Those infected were at risk from thieves stealing login credentials from OS X Keychain.
6. A fraction of users hit by HipChat breach
HipChat, the workplace chat platform, was breached by hackers in April, following an attack on one of its cloud apps. HipChat wouldn’t say how many users were directly affected, only that there was evidence that messages and content in rooms may have been accessed for less than 0.05 percent of all users.
7. Payday lender Wonga breached, affecting 270,000 accounts
Wonga, the payday loans company, confirmed a breach in April, affecting more than one-quarter of a million lenders. The breach came just a couple of months after a hacker stole stole £2.5 million from 9,000 online customers at Tesco Bank.
8. WannaCry ransomware plagues thousands in massive global cyberattack
Thought to the be the biggest ransomware attack of its kind, the WannaCry ransomware was only successful thanks to the NSA losing control of its key hacking tools. That led the hackers to install backdoors that channeled the ransomware on millions of computers. Within days, Congress introduced a bill that would prevent the government from stockpiling cyberweapons.
9. TigerSwan mercenaries’ resumes uploaded to the internet
US-based private security firm TigerSwan made headlines after resumes of prospective employees were found on a public, unlisted Amazon Web Services storage server. The resumes revealed the personal details of prospective employees who had applied to work for the company as far back as 2008. The exposed documents list a range of personal information, including an applicant’s home address, phone numbers, email addresses, driver’s license and passport numbers, and social security numbers.
10. Cellebrite hacker steals 900GB of sensitive corporate data
Cellebrite, the world’s most notorious iPhone and device cracker, was hacked in January, leading to the theft of hundreds of gigabytes of sensitive corporate files. According to Vice’s Motherboard, which obtained some of the data, the stolen data includes a list of who bought the company’s phone cracking technology, databases, and a vast amount of technical data regarding Cellebrite’s products.
11. Sabre breach hits thousands of companies
Sabre systems, a reservation software company, quietly revealed that it had been attacked earlier this year.The company’s software is used by hundreds of airlines and thousands of hotels to manage passenger and guest reservations, revenue management, and human resources. Several major companies — including Google, Hard Rock Hotels, Loews, and some Trump properties — have revealed that they had data stolen as a result of the Sabre breach.
12. CIA leak exposes thousands of documents on agency’s hacking efforts
WikiLeaks obtained and published a huge trove of documents detailing the intelligence agency’s hacking efforts, including its ability to break into iPhones and Android devices, as well as smart TVs. Many of the documents were classified or marked “top secret.” It was the latest in a string of embarrassing breaches in the intelligence community.
13. Hacker breaks into Virgin America’s corporate network
The hacker “gained access to… login information and passwords” that employees use to access Virgin America’s corporate network, according to a letter sent to staff. The company confirmed that 3,120 employees and contractors had their login information compromised, while 110 additional employees may have had personal information stolen, such as addresses, social security numbers, details of government-issued IDs (such as driving licenses), and health-related information.
14. Lack of two-step a factor in Deloitte breach
Tax and auditing giant Deloitte has confirmed it was hit by a cyberattack, resulting in the theft of confidential documents and emails. It’s said that an attacker gained access to the email server’s administrator account, giving the attacker unfettered access to the company’s Microsoft-hosted email mailboxes.
15. Cloudflare vulnerability exposes encrypted customer sessions for months
A Google researcher in February found an issue with networking giant’s Cloudflare’s edge servers that involced corrupted web pages being returned by some HTTP requests run through Cloudflare. That led to the inadvertent leak of customer data from Uber, 1Password, and online dating site OKCupid.
16. Mother of all hacks hits Equifax
Credit rating agency Equifax was hit by the mother of all hacks. As many as 143 million consumers — mostly Americans, but some UK and Canadian residents — were affected by a data breach involving highly sensitive and personal information. Not to be outdone, the company fumbled its incident response and remediation effort. Its support website looked like a phishing site, Its data breach checking tool didn’t work, and the company was forced to pull a clause from its site that effectively prevented aggrieved customers from suing the company.
17. DaFont hack leads to theft of 699,000 font-hunters
Font-sharing site DaFont was breached by a bored hackerin May. Usernames, email addresses, and hashed passwords of 699,000 user accounts were stolen in the breach. The passwords were so bad that more than 98 percent of the passwords were cracked.
18. Dozens of universities and federal agencies attacked by malware
More than 60 universities and US federal government organizations were compromised with SQL injections. The hacker, known as Rasputin, attacked Oxford, Cambridge, and New York University, as well as the US National Oceanic and Atmospheric Administration.
19. Hackers threaten to wipe millions of iCloud accounts, but the extortion fails
It was the biggest hack that wasn’t, but many were affected nonetheless. Hackers had collected hundreds of different previously breached databases and matched up records it thought were also iCloud accounts, and threatened to wipe millions of accounts if Apple didn’t pay up. We confirmed that while many of the accounts were valid, many were not as well. In the end, the hacker group failed to carry out its threat.
20. Dallas emergency siren system hack sets off a hundred sirens
In April, every outdoor emergency siren in Dallas, Texas was set off at the same time, sending some into a panic. It turns out hackers carried out a “radio replay” attack, which involves recording the radio signal that was broadcast during the latest monthly test of the emergency siren system and playing it back repeatedly.
21. Leaked TSA documents reveal litany of airport’s security lapses
Documents leaked from a passwordless backup drive exposed thousands of documents relating to the TSA’s activities at Stewart, an international airport about 60 miles north of Manhattan. One of the documents revealed how the airport’s security screeners failed to check names against the government’s “no-fly” list.
22. OneLogin hit by massive data breach
Password manager and single sign-on provider OneLogin was hacked in late May by an unknown attacker. The company added that although it encrypts “certain sensitive data at rest,” it could not rule out the possibility that the hacker “also obtained the ability to decrypt data”.
23. Thousands of law enforcement forum accounts stolen in PoliceOne breach
A historical hack from 2015 finally came to light in February, after a hacker targeted PoliceOne, a law enforcement forum used by police and federal agents. As many as 715,000 accounts were stolen, including those from the the FBI and DHS. The site used old and outdated software, including a password hasher that nowadays is easy to crack.
24. US Air Force leak exposes “holy grail” of security clearance files
An unsecured backup drive exposed thousands of US Air Force documents. The discovery was found in March. The files included the completed SF86 applications for renewed national security clearances for two US four-star generals, both of whom recently had top US military and NATO positions.
25. Accenture leave 4 servers open to the public with the “Keys to the Kingdom” on them
More than ever, business leaders cannot afford to hire the wrong cybersecurity personnel. Fortify Experts Cybersecurity Executive Search interviews cybersecurity professionals every day and knows how to properly qualify and vet them through their exclusive CyberSecure evaluation process. By leveraging their networks and not job boards, Fortify Experts finds the cyber professionals you want to employ.
Tim Howard is the founder of Fortify Experts (top ranked Cybersecurity Search firm by Cybersecurity Ventures) which helps companies find exceptional cybersecurity talent through executive search, permanent placement and project consultants. Howard has been leading technology staffing teams for over 15 years and is the founder of three other technology and staffing firms. He has degrees from Texas A&M University in Industrial Distribution and Marketing.