January
- Livecoin: Following an alleged hack in December, cryptocurrency exchange Livecoin slammed its doors shut and exited the market in January. The Russian trading post claimed that threat actors were able to break in and tamper with cryptocurrency exchange rate values, leading to irreparable financial damage.
- Microsoft Exchange Server: One of the most damaging cybersecurity incidents this year was the widespread compromise of Microsoft Exchange servers caused by a set of zero-day vulnerabilities known collectively as ProxyLogon. The Redmond giant became aware of the flaws in January and released emergency patches in March; however, the Hafnium state-sponsored threat group was joined by others for months after in attacks against unpatched systems. Tens of thousands of organizations are believed to have been compromised.
- MeetMindful: The data of over two million users of the dating app was reportedly stolen and leaked by a hacking group. The information leaked included everything from full names to Facebook account tokens.
February
- SITA: An IT supplier for aviation services around the world, SITA, said a security incident involving SITA Passenger Service System servers led to the exposure of personally identifiable information belonging to airline passengers. Airlines involved in the data breach were then required to reach out to their customers.
- ATFS: A ransomware attack against payment processor ATFS forced multiple US cities to send out data breach notifications. The cybercriminal group that claimed responsibility, Cuba, said on its leak site that it had stolen a wide range of financial information.
March
- Mimecast: Due to the SolarWinds supply chain attack disclosed in December 2020, Mimecast found itself as a recipient of a malicious software update that compromised the firm's systems. Mimecast said that its production grid environment had been compromised, leading to the exposure and theft of source code repositories. In addition, Mimecast-issued certificates and some customer server connection datasets were also caught in the breach.
- Tether: Tether faced an extortion demand from cyberattackers who threatened to leak documents online that would "harm the Bitcoin ecosystem." The demand, of approximately $24 million or 500 Bitcoin (BTC), fell on deaf ears as the blockchain organization refused to pay.
- CNA Financial: CNA Financial employees were left unable to access corporate resources and were locked out following a ransomware attack which also involved the theft of company data. The company reportedly paid a $40 million ransom.
April
- Facebook: A data dump of information belonging to over 550 million Facebook users was published online. Facebook IDs, names, dates of birth, genders, locations, and relationship statuses were included in the logs, which Facebook -- now known as Meta -- said were collected via scraping in 2019.
May
- Colonial Pipeline: If there was ever an example of how a cyberattack can impact the physical world, the cyberattack experienced by Colonial Pipeline is it. The fuel pipeline operator was struck by ransomware, courtesy of DarkSide, leading to fuel delivery disruption and panic buying across the United States. The company paid a ransom, but the damage was already done.
- Omiai: The Japanese dating app said unauthorized entry may have led to the exposure of data belonging to 1.7 million users.
- Komisi Pemilihan Umum (KPU): On 22 May 2020, a hacker claimed to have breached 2.3 million records of Indonesian citizens from the General Elections Commission (Komisi Pemilihan Umum, KPU). The information came from the account @underthebreach, which had previously reported the data leak at e-commerce firm Tokopedia. The account also stated that the hacker had leaked the information of 2,300,000 Indonesian citizens. The data included names, addresses, ID numbers, and dates of birth. The data is believed to date from 2013.
- BPJS Kesehatan: In May 2021, BPJS suffered a data breach in which an alleged 279 million records of Indonesian residents originating from BPJS Kesehatan were leaked and sold on a hacker forum. The BPJS Kesehatan Supervisory Board (Dewan Pengawas, or Dewas) is examining the national security risk raised by the leak of data alleged to belong to BPJS Kesehatan.
June
- Volkswagen, Audi: The automakers disclosed a data breach impacting over 3.3 million customers and some prospective buyers, the majority of which were based in the United States. A finger was pointed at an associated vendor as the cause of the breach, believed to be responsible for exposing this data in an unsecured manner at "some point" between August 2019 and May 2021.
- JBS USA: The international meatpacking giant suffered a ransomware attack, attributed to the REvil ransomware group, which had such a disastrous impact on operations that the company chose to pay an $11 million ransom in return for a decryption key to restore access to its systems.
July
- UC San Diego Health: UC San Diego Health said employee email accounts were compromised by threat actors, leading to a wider incident in which patient, student, and employee data potentially including medical records, claims information, prescriptions, treatments, Social Security numbers, and more were exposed.
- Guntrader.uk: The UK trading website for shotguns, rifles, and shooting equipment said that records belonging to roughly 100,000 gun owners, including their names and addresses, had been published online. As gun ownership and supply are strictly controlled in the UK, this leak has caused serious privacy and personal safety concerns.
- Kaseya: A vulnerability in a platform developed by IT services provider Kaseya was exploited in order to hit an estimated 800 - 1500 customers, including MSPs.
- eHAC: The suspected data leak from the Indonesia Health Alert Card (eHAC) application, an initiative of the Ministry of Health (Kemenkes), was first disclosed by a research team from vpnMentor, since 15 July.
- BRI Life: The alleged sale of data on two million BRI Life customers for $7,000, or around Rp 101.6 million, circulated widely on social media. The post was revealed by the Twitter account @HRock. A total of 463,000 documents were offered for sale. The documents shown in the screenshots included photos of electronic ID cards (KTP), account numbers, taxpayer numbers, birth certificates, and medical records of BRI Life customers.
August
- T-Mobile: T-Mobile experienced yet another data breach in August. According to reports, the names, addresses, Social Security numbers, driver's licenses, IMEI and IMSI numbers, and ID information of customers were compromised. It is possible that approximately 50 million existing and prospective customers were impacted. A 21-year-old took responsibility for the hack and claimed to have stolen roughly 106GB of data from the telecoms giant.
- Poly Network: Blockchain organization Poly Network disclosed an Ethereum smart contract hack used to steal in excess of $600 million in various cryptocurrencies.
- Liquid: Over $97 million in cryptocurrency was stolen from the Japanese cryptocurrency exchange.
September
- Cream Finance: Decentralized finance (DeFi) organization Cream Finance reported a loss of $34 million after a vulnerability was exploited in the project's market system.
- AP-HP: Paris' public hospital system, AP-HP, was targeted by cyberattackers who managed to swipe the PII of individuals who took COVID-19 tests in 2020.
- Debt-IN Consultants: The South African debt recovery firm said a cyberattack had resulted in a "significant" incident impacting client and employee information. PII, including names, contact details, salary and employment records, and debts owed, are suspected of being involved.
October
- Coinbase: Coinbase sent out a letter to roughly 6,000 users after detecting a "third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform." Cryptocurrency was taken without permission from some user accounts.
- Neiman Marcus: In October, Neiman Marcus made public a data breach that occurred in May 2020. The intrusion was only detected in September 2021 and included the exposure and potential theft of over 3.1 million payment cards belonging to customers, although most are believed to be invalid or expired.
- Argentina: A hacker claimed to have compromised the Argentinian government's National Registry of Persons, thereby stealing the data of 45 million residents. The government has denied the report.
- KPAI: Alfons Tanujaya, a cybersecurity expert at Vaksincom, said he had tested the alleged leak of data from the Indonesian Child Protection Commission (Komisi Perlindungan Anak Indonesia, KPAI) circulating on RaidForums. He concluded that the leaked data was valid. It had previously been reported that a database belonging to KPAI was suspected of having leaked onto the internet. The data appeared on RaidForums under the title Leaked Database KPAI (kpai.go.id), uploaded on 13 October 2021.
November
- Panasonic: The Japanese tech giant revealed a cyberattack had taken place -- a data breach occurring from June 22 to November 3, with discovery on November 11 -- and admitted that information had been accessed on a file server.
- Squid Game: The operators of a cryptocurrency jumping on the popularity of the Netflix show Squid Game (although not officially associated) crashed the value of the SQUID token in what appears to be an exit scam. The value plummeted from a peak of $2,850 to $0.003028 overnight, losing investors millions of dollars. An anti-dumping mechanism ensured that investors could not sell their tokens -- and could only watch in horror as the value of the coin was destroyed.
- Robinhood: Robinhood disclosed a data breach impacting roughly five million users of the trading app. Email addresses, names, phone numbers, and more were accessed via a customer support system.
December
- Bitmart: In December, Bitmart said a security breach permitted cyberattackers to steal roughly $150 million in cryptocurrency and has caused total losses, including damages, to reach $200 million.
- Log4j: A zero-day vulnerability in the Log4j Java library, a remote code execution (RCE) flaw, is now being actively exploited in the wild. The bug is known as Log4Shell and is now being weaponized by botnets, including Mirai.
- Kronos: Kronos, an HR platform, became a victim of a ransomware attack. Some users of Kronos Private Cloud are now facing an outage that may last weeks -- and just ahead of Christmas, too.