2021 Cybersecurity Breaches Year-End Summary
Any discussion of cybersecurity breaches in 2021 must include how the pandemic continued to affect businesses around the globe.
For bad actors, the subsequent possibilities were tantalizing new territory.
Cybercriminals pivoted to take advantage of the new landscape. Finding new ways to attack, infiltrate and extort was just a matter of changing strategies.
Tactics employed in 2021
Ready to nerd out with charts galore and witty researcher-speak? Dive into the Verizon 2021 Data Breach Investigations Report. Straight from their 2021 data:
- Phishing made up 36% of breaches, up from 25% in 2020.
- Use of stolen credentials was second, appearing in 25% of breaches, about the same as the 2020 numbers.
- Ransomware appeared in 10% of breaches, more than doubling its frequency from 2020.
Below is our review of the top breaches of the year and the impact of the criminal actions.
Colonial Pipeline
A ransomware attack in May prompted Colonial Pipeline to shut down its 5,500-mile natural gas pipeline for five days. More than 10,000 gas stations across the Southeastern U.S. ran out of fuel due to rushes at the pumps.
- Type: Ransomware
- Magnitude of the attack: 10,000 gas stations out of fuel
- Affected market: Energy
- Potential cost associated with the breach: Paid ransom of $4.4 million
Accellion
At Accellion, a U.S.-based software provider, users of the company’s 20-year-old file-sharing software were targeted. The cyberattacks targeted known flaws in Accellion software after the company alerted customers to a series of recently discovered vulnerabilities.
- Type: Supply chain attack
- Magnitude of the attack: 300 customers impacted
- Affected market: Technology
- Potential cost associated with the breach: 6,758,979 consumers at risk
Brenntag
Brenntag, a global chemical distribution company, was attacked with a ransomware demand. Attackers encrypted data and devices and gained access to Brenntag’s network through stolen user credentials purchased on the dark web.
- Type: Ransomware
- What credentials were stolen: 150 GB from the North American division
- Affected market: Wholesale distribution
- Potential cost associated with the breach: Paid ransom of $4.4 million
CNA Financial
CNA Financial (one of the largest companies in the U.S.) was attacked in March 2021. Hackers encrypted devices and demanded a ransom to receive the decryption key needed to continue operations. The Chicago-based company was locked out of its systems for over two weeks, and eventually decided to pay hackers the ransom.
- Type: Ransomware
- What credentials were stolen: encrypted 15,000 devices
- Magnitude of the attack: compromised data of 75,000 individuals, possibly including their names, health benefits information, and Social Security numbers
- Affected market: Energy
- Potential cost associated with the breach: Paid ransom of $40 million
T-Mobile
T-Mobile, one of the largest U.S. mobile telecommunications companies, had two breaches in the last six months of 2021. T-Mobile’s systems were attacked in July 2021 through an unprotected network access device. By August, the attacker had gained direct access to servers containing account and personal information on current, former, and prospective account holders. T-Mobile confirmed an additional compromise in late December 2021 that impacted an undisclosed number of customers.
- Type: Brute force attack
- What credentials were stolen: Usernames, passwords, birthdates, Social Security numbers, driver’s license numbers, IMEIs (device IDs) and PINs
- Magnitude of the attack: 53+ million account holders impacted
- Affected market: Technology
Kaseya
Kaseya, a company that manages IT infrastructure for many major companies worldwide, was attacked in July. Hacker group REvil sent out a fake software update through Kaseya’s Virtual System Administrator, infiltrating the clients of Kaseya and their customers.
- Type: Ransomware
- What credentials were stolen: Encrypted one million systems
- Magnitude of the attack: 50 clients and 1,000 businesses
- Affected market: Technology
- Potential cost associated with the breach: Demanded $70 million in bitcoin, but the FBI gained access to their servers and obtained the encryption
JBS
One of the world’s largest beef and poultry suppliers, JBS was hacked and forced to shut down operations around the U.S. Ripple effects closed plants in Canada and facilities in Australia as well.
- Type: Ransomware
- Magnitude of the attack: JBS closed its North American plants for two days and the national meat supply chain took a hit, leading to minor shortages and price hikes across the country.
- Affected market: Food supply chain
- Potential cost associated with the breach: JBS paid $11 million in bitcoin to hackers, one of the largest ransomware payments of all time.
What can you do today?
According to the ITRC 2021 Annual Data Breach Report, the overall number of data compromises (1,862) is up 68% over 2020; the new record number of data compromises is 23% over the previous all-time high (1,506 in 2017).
The economic impact of the pandemic continues to affect supply and demand across numerous industries. The sheer scale of this impact will be felt for years to come.
Yet we have the power to change our future with action right now.
“There is no reason to believe the level of data compromises will suddenly decline in 2022. As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber-hygiene to protect themselves and their loved ones from these crimes,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center.
If you need help with cybersecurity strategy, contact us today for an expert assessment of your enterprise systems.