With over 6 months of the year gone already, we’ve seen our share of cybersecurity breaches. The foreboding feeling that “the worst is still to come” has many in the security industry holding a collective breath.
Tensions continue to rise in the current geopolitical atmosphere, U.S. government corporate security is still quite messy and ransomware is an ever-growing threat.
The future doesn’t look especially bright in cybersecurity.
A mid-year summary of significant breaches
Below is a collection of current breaches, broken down by market segments and highlighting the type and number of records stolen.
● Customs and Border Protection contractor Perceptics. In May, hackers stole photos of travelers and license plates related to about 100,000 people.
● Ransomware strain LockerGoga is crippling industrial and manufacturing firms. Altran Technologies, an engineering consultancy company based in France, and a Norwegian aluminum manufacturing company Norsk Hydro. Concern is growing that LockerGoga could spread to state-sponsored attacks.
● Real estate and title insurance firm First American. Exposure of 885 million sensitive customer financial records going back to 2003. Compromised were Social Security numbers, driver’s license images, bank account numbers and statements, mortgage and tax documents, and wire transaction receipts.
● American Medical Collection Agency. Medical testing firm LabCorp said that 7.7 million of its customers had data exposed because of AMCA, and Quest Diagnostics said that records from 12 million patients were exposed. AMCA said that the compromised information included first and last names, dates of birth, phone numbers, addresses, dates of medical services, health care providers, and data on balances due.
● Toyota. Hackers accessed Toyota servers containing information of about 3.1 million Toyota and Lexus customers. The company did not disclose what information was compromised, although they said it wasn’t related to credit cards.
● Bodybuilding.com. The company’s IT systems were compromised through a phishing attack in employee emails. The breach may have impacted its entire user base of around 7 million users. Users were encouraged to change their credentials.
● Blur. A file containing sensitive private information like usernames, email addresses and password hints of about 2.4 million Blur users was left exposed on unsecured servers.
● Cloud storage website MEGA. A security researcher found the ‘Collection #1’ folder contained approximately 1 billion email and password records and was later uploaded to several hacking portals and forums.
● Computer maker Asus. In March, computer maker Asus disclosed a supply chain attack sometime in the second half of 2018 that had compromised the company’s Live Update tool to push malware to almost 1 million customers.
● Facebook’s unprotected passwords. The passwords of around 600 million users were stored as plain text since 2012 and on storage systems which were accessible to thousands of its employees and developers.
As more internet-connected devices flood the market, more personal devices connect to business data and hacking becomes more financially motivated, exposures at these touchpoints increase exponentially. Ensure your business is protected at the enterprise level with strict security measures.
Are you concerned about cybersecurity for your data? Contact us today for an expert consultation.