The number of people affected by a data breach in the year 2021 was huge. Data vulnerabilities due to a machine or human error are typically more subordinate risk because there is no sign the data was accessed, duplicated, or terminated from the disclosed database.
Data breaches are not a momentary panic — they may alter the path of a company’s life. Companies, administrations, and people alike can encounter massive difficulties from having sensitive data disclosed. A data breach reveals secret, discreet, or covered data to an unauthorized individual. The files in a data breach are considered and/or transmitted without authorization. Although a data breach can be the outcome of an ignorant blunder, real harm is likely if the individual with unauthorized access robs and trades Personally Identifiable Information (PII) or corporate information for monetary remuneration or to induce harm.
Malicious offenders care to pursue a fundamental practice: targeting a company for a breach takes methodology. They analyze their targets to know where the exposures are, such as bypassing or forgotten updates and worker vulnerability to phishing drives.
This post is all about the TOP security breaches of 2021.
Telecommunications big players like T-mobile encountered a data breach that leaked the personal data of almost 54 million people, in August 2021. There were two sets of disclosed data. The first one included clients’ social security numbers, date of birth, addresses, and driver’s licenses while the second one included clients’ IMEI and IMSI numbers. The hacker liable for the attack obtained access to T-Mobile’s interior systems via an unsecured router.
One of the largest Internet of Things (IoT) technology traders, Ubiquiti, Inc., cautioned its clients of a data breach induced by unauthorized entry to their database via a third-party cloud service provider. The email contact urged clients to change passwords and allow multi-factor authentication. The data disclosed may contain an unrevealed number of client names, email addresses, passwords, addresses, and contact numbers.
In April 2021, a key fuel provider Colonial Pipeline encountered a ransomware attack that broke its gas supply chain. A hacking group named DarkSide struck the company’s billing procedure and internal company network and robbed almost 100 gigabytes of data. The company’s heritage VPN design was overlooking multi-factor authentication which made it effortlessly accessible via a single password without the requirement for the second phase of text or email confirmation to hold the hackers out once they deduced the password. The ransomware attack locked the line for numerous days which led to a point in gasoline costs, fuel deficiencies, and panic purchasing.
In July 2021, IT management and security software firm Kaseya encountered a ransomware attack by the Russian hacking group REvil. The hacking group demanded $70 million for the ransomware attack. The firm’s remote monitoring and administration (RMM) tool was attacked due to SQL exposure directed to more than 1000 companies. The hacking group Revil exploited a zero-day exploit to avoid authentication protocols and executed random command execution in Kaseya’s Virtual System Administrator. Then, a malicious code was infiltrated into their customers’ systems via a bogus software update. Up to a million machines were encrypted and kept for ransom.
The parking app ParkMobile encountered a data breach in March. The attack was due to exposure to a third-party tool that gave in crucial client data such as phone numbers, email addresses, license numbers, vehicle aliases, and residential addresses of 21 million clients being circulated and traded on the dark web.
In May 2021, JBS, one of the biggest meat processors, was struck by a ransomware attack. Numerous beef and poultry processing factories over four continents were hit. After discovering they’d forfeit their whole database if they didn’t pay the ransom amount of $11 million, JBS paid via a bitcoin payment to the cybercriminals. JBS found the attack when the IT team discovered abnormalities in some of their interior servers. After reaching the FBI and security experts, they began to shut down machines to delay the attack’s effect. This plan was unsuccessful as it got two weeks to recover total command of their systems via backups.
Volkswagen declared a data breach by an illegal third party in June 2021. Affecting more than 3.3 million clients, a file that went unsecured by their trade agent was the reason behind the breach. The file included client data utilized for sales and marketing goals transiting from 2014 to 2019. The hacker was recognized by the nickname “000” and chose to trade the information of the database for about $5,000. The data that was leaked included names, residential addresses, phone numbers, social security numbers, driver’s licenses, and much more.
Infinity Insurance Company disclosed in March that there had been straightforward, unauthorized entry to files on servers in the Infinity web for two days. Infinity conducted a thorough examination of the files committed to the servers that were used and uncovered that some Social Security numbers or driver‘s license numbers were included in the files. This breach also impacted present or ex Infinity workers, where the disclosed data contained employees‘ names, Social Security numbers, and/or in restricted circumstances medical data concerning medical breaks or employee compensation lawsuits.
Four zero-day exposures were pinpointed in on-premises Microsoft Exchange Servers. These vulnerabilities were responsible for the data breaches. It gave attackers full access to emails and passwords and official certificates on impacted servers. They created a loophole that permitted an attacker to use weak servers even if the server is later elevated. The data leak had impacted more than 250,000 servers.
A major vulnerability in the famous Java logging package Log4j was disclosed. This bug permitted an attacker to take the entire possession of a server. Hackers exploited Apache’s Log4j exposure to strike more than 40% of business networks worldwide, making it one of the most intense exposures on the internet. Nearly one-third of all web servers globally have been involved since the exposure was initially disclosed on December 10, making Log4j a possibly destructive problem.