After the year that 2016 brought in leaks, hacks and general havoc for businesses and governmental agencies, it seemed like 2017 might slow down. So far, that’s not been the case. From healthcare disasters to voter and campaign disruptions, 2017 is shaping up to look just as bad. Here’s a roundup of the top data breaches and personal information dumps around the dark web.
- The online gaming world was hit hard in the beginning of the year, when over 1.5 million user records for E-Sports Entertainment Association (ESEA) were hacked and dumped.
- The bleeding continued into February for online gamers. 2.5 million Xbox 360 ISO users and 1.3 million PSP ISO (two popular gaming forums) users were affected and may have had their e-mail addresses, IP addresses, usernames, and passwords stolen in the breach.
- Cloudflare, an internet infrastructure company announced that a bug caused random leaks of sensitive customer information. With over 6 million customer websites using their software, like FitBit and OKCupid, a significant number of people and parts of the web could be affected by the potential damaging information released.
- Wikileaks put itself atop the headlines in March for its “Vault 7” dump of over 8,700 documents they alleged were from the CIA, containing specific documentation of spying operations and hacking tools.
- The Shadow Brokers hacking group is back at it again this year. While they’ve managed to keep their identity a secret, with the tools they’ve been dumping, it seems like they might have become an even bigger target. They released another alleged group of NSA tools, the most significant being a Windows exploit known as EternalBlue. So far, hackers have used EternalBlue in two other high-profile ransomware cases.
- A ransomware strain called WannaCry released in May hit many companies and utilities in over 74 countries around the world. Most heard about it in the United Kingdom because it disrupted the National Health Services hospitals, causing delays in medical procedures and shutting down computer systems in many facilities. The widespread havoc of WannaCry also reached Spain, where it hit the large telecom company Telefonica, the natural gas company Gas Natural, and the electrical company Iberdrola.
- Just days before the French presidential election in May, hackers dumped 9GB of leaked emails from the party of front-runner Emmanuel Macron. The candidate’s party seemed ready for a cyberattack, after the U.S. campaign email leaks, with a prepared statement and caution that not everything was legitimate.
- Ransomware continued its disaster behavior into June, with a suspected Russian scheme targeting the infrastructure of Ukraine. This strain, called either Petya/NotPetya/Nyetya/Goldeneye was particularly nasty, as it disguised itself as ransomware, but seemed like a cover for more malicious attacks. Power companies, airports, the central bank and public transport were all hobbled by a sophisticated attack that wiped machines and would delete a victim computer’s deep-seated master boot record, which tells it how to load its operating system.
- In 2016, the Republican National Committee hired Deep Root Analytics to obtain voter information for the campaign. As it turns out, personal data for roughly 198 million American citizens was stored on an Amazon cloud server without password protection for almost two weeks.
- It’s suspected that over 14 million Verizon customers suffered a data breach of information in July. Anyone who contacted customer service through Verizon in the last 6 months is believed to be affected. An unprotected server held by Israel-based Nice Systems offered the data to anyone who guessed the simple web address.
Without a doubt, the year so far has shown that it’s incredibly important to keep data protected online. Failing to do so causes endless headaches, as companies and countries around the world are finding out. For more information about how to keep your files secure, contact Cyber Solutions Technologies today.