Cyber Security Blunder List

“We’re living in the beginning of an era of mass targeted attacks, things are bad and they’re going to get worse.” Nate Fick, CEO of security firm Endgame.

I wanted to make a list of the biggest and most damaging cyber attacks of recent years. This is a “hall of shame” list of corporations that handle sensitive data for all individuals, and most if not all of these breaches were preventable.

1) The worst: the Equifax hack, which affected multiple millions, if not billions, of people worldwide, since many believe that the true numbers haven’t yet been calculated. I don’t even know why this corporation still exists. An organization dealing with people’s very sensitive info worldwide, and they haven’t got the first clue how to keep their data secure. Try calling their call centers and see if you manage to get anywhere. They still ask questions they’re not supposed to, like SIN numbers, major credit card, and everything under the sun. But when they pick up the phone, they supposedly have to “lie” about their names. I’m not making this up, I recorded it. Shame on Equifax that it took them two months to reveal the hack, that information security pros warned them of what was to come and they chose to sit dormant about it, and that they still utilize employees that don’t understand proper English and leave their records to be handled by TATA, who is a famously corrupt organization. It is evident by now that data brokers should not exist.

2) The WannaCry ransomware (actually a successor of the HeartBleed virus), which used leaked NSA hacking tools. It affected more than 150 countries and is still being reported throughout the world. In May of 2017, 300,000 computers were affected across various industries. There was actual human loss with this one: hospitals that had their computers locked down were forced to close temporarily. In an interview with CNN, a patient testified that his emergency cancer surgery was delayed as a result.

3) Uber’s app was compromised in 2016 and, as a result, attackers stole credentials from 57 million customers. What’s more insulting is that the company paid them $100,000 to cover it up. Uber is now under scrutiny by lawmakers. Senators introduced a bill that would make executives face jail time for covering up data breaches of any kind. Attorneys in LA and Chicago and the Washington state attorney general are suing Uber over the breach. Congratulations to the new Uber CEO, Dara Khosrowshahi, for finally letting the public know of this breach this past November of 2017.

4) Verizon announced in October of 2017 that the reported 1 billion Yahoo accounts breached in 2013 was the wrong estimate. In reality, the findings were that ALL 3 billion Yahoo accounts were hacked. The CEO said they didn’t even notice the breach until 2016.

5) In February of 2015, a triad of social engineers hacked into the employee account of Antonio Marino, a Rogers installation technician. From there, they accessed and locked down several business and corporate customer accounts. Rogers refused to comply with their demand of 70 bitcoin in order to release the information back to them, and didn’t even alert the customers affected.

The Hall of Shame is actually never-ending. We seem to be trusting our information to people who aren’t worth our trust. All of this is only the beginning. 2017 may have seemed like the poster year for data breaches, but we’ve only hit the tip of the iceberg. Things will keep getting worse as time progresses, and there is no evidence to the contrary.

 
