2020 has had quite a half year — from a global pandemic to resulting economic woes, geopolitical strife and social justice calls, and now the build to a U.S. election in November.
For those in the tech world, one thing that’s stayed (sadly) consistent is hacking and cyber attacks. In fact, they’ve been savvy enough to pivot to take advantage of the current economic environment due to the pandemic.
With insights from 3,950 confirmed breaches, Verizon’s 2020 Data Breach Investigations Report details that 70% of breaches were caused by outsiders.
86% of these were financially motivated. And 43% of breaches were attacks on web applications, more than double the results from last year.
It’s time to take security seriously.
Below, we’ll take a look at the significant breaches so far this year, broken down by what market segments were affected. We included information about the number and type of records stolen.
Marriott has another large breach
In March, Marriott was (sadly) back in the cyber breach news when “an unexpected amount of guest data may have been accessed.” Turns out, that amount was data from 5.2 million guests.
- Number of records: 5.2 million
- What type of record data: Contact details, loyalty account information, additional personal details (e.g., company, gender, birthday day and month), partnerships and affiliations (e.g., linked airline loyalty programs and numbers) and stay and language preferences.
Antheus Tecnologia Biometric Data Breach
This Brazilian biometric solutions company left fingerprint data stored on an unsecured server.
- Number of records: 76,000 fingerprints, 2.3 million data points
- What type of record data: Unsecured fingerprint data, as well as employee email addresses and telephone numbers.
LifeLabs Breach Exposes Almost Half of Canada
Bad actors accessed the data of over 40% of Canadians when they hacked this medical testing company. This unprecedented data breach was the worst in the country’s history.
- Number of records: medical data of 15 million citizens
- What type of record data: Lab test results and national health card numbers, including names, birthdates, addresses, login IDs, and passwords.
ExecuPharm Data Stolen and Published
In March, a ransomware attack was reported to the Vermont attorney general from executives at ExecuPharm. Hackers published sensitive data on the dark web after the company refused to pay the ransom.
- Number of records: Unknown
- What type of record data: Social Security numbers, financial information, driver licenses, passport numbers and other sensitive data may have been accessed.
Nintendo: a Victim of Credential Stuffing
April brought sad news to online gamers — Nintendo announced in April that 160,000 login credentials had been stolen.
- Number of records: 160,000 accounts
- What type of record data: Logins, which were then used to make purchases and view sensitive data like email address, birth date, and country
CAM4 Exposes 10.88 Billion Records
An adult webcam platform inadvertently left a database full of extremely sensitive information available on the web without password protection.
- Number of records exposed: 7 TB of data, 10.88 billion data points
- What type of record data: full names, email addresses, sexual orientation, and chats.
EasyJet Customers Hacked
In May, customers of discount airline EasyJet had their data stolen. EasyJet has admitted that a “highly sophisticated cyber-attack” accessed the data, but claimed it looked like they were only after internal information.
- Number of records: 9 million
- What type of record data: Email addresses, travel details, 2,208 customers had also had their credit and debit card details “accessed”
2020 isn’t over yet
Twitter was just hacked and it’s likely that even more breaches are coming in the next 6 months. Companies need to be more diligent than ever to protect the permanent data of customers and their businesses.
As many workers have switched to work-from-home setups due to COVID-19, more personal devices connect to business data and hacking becomes even more financially motivated.
Exposures at these touchpoints increase exponentially. Ensure your business is protected at the enterprise level and at the edge with strict security measures.
Are you concerned about cybersecurity for your data? Contact us today for an expert consultation.