The Biggest Data Breaches of 2020
Check out the biggest data breaches of 2020. Get details on who are hackers targeting and why. Learn how to know if your data was published on the dark web.
Join the DZone community and get the full member experience.Join For Free
The COVID-19 pandemic has introduced significant economic disruption. However, online interactions and activities have not slowed down. Moreover, many people failed to maintain their online privacy and security. Data breaches, network infiltrations, and bulk data theft all occurred that year. Identity theft and ransomware outbreaks were also common.
Recent Well-Known Data Breaches
Scores of cybercriminals infiltrated various databases and extracted confidential information. This left millions of people at risk of identity theft. Details such as social security numbers, birthdates, addresses, tax ID numbers, and driver’s license information were exposed.
1. ExecuPharm Data Stolen
On March 13, 2020, pharmaceutical company ExecuPharm became the victim of a ransomware attack. The CLOP ransomware group exfiltrated their data and then posted it on the Internet. ExecuPharm did not pay the ransom. Data was compromised and posted on the internet by the group.
The following data was leaked: social Security numbers, financial information, drivers’ license information, passport information, emails, and database back-ups. Presently, there is no known decryption tool for the CLOP ransomware.
2. Nintendo: Latest Victim of Credential Stuffing
The recent data breach that hit Nintendo affected 300,000 accounts. This resulted in account takeovers and financial losses for a host of users. In a statement issued on the 24th of April 2020, the credential stuffing was identified as the main method to conduct the data breach. The culprits responsible remain unnamed.
Credential stuffing attacks usually lead to account takeover, and victims that use the same password for each online account may suffer significant financial losses. Aside from the leak of Personal Identifiable Information (PII); stored credit card data was also compromised.
3. Google Also Hacked
On December 17, 2020, Google experienced a massive global outage. It denied users access to any Google service, including Gmail, YouTube, and Google Docs. With more than 1.5 billion users globally, it’s hard to tell how many accounts were hacked during the 45 minutes that service was unavailable.
Google claims the authentication system outage was due to an internal storage quota issue. Cybersecurity experts warned of a potentially massive data breach. The company has not confirmed these claims regarding a possible data breach, nor is there evidence of it yet.
4. CAM4 Exposes 10.88 Billion Records
A database full of extremely sensitive information was left without password protection on the web. The vulnerability in adult live-streaming website security was discovered by Safety Detectives. The database exceeded 7 terabytes with production logs dating from March 16, 2020, and increasing daily, containing 10.88 billion records.
Full names, email addresses, sexual orientation, and chat transcripts were exposed. Safety Detectives reported the discovery of 11 million records, including emails, which allowed their team to identify affected users by country.
Who Are Hackers Targeting and Why?
1. The Medical Industry
Yearly, more than 25 percent of all data breaches affect hospitals and healthcare facilities. The healthcare industry is a target due to all the private health information it stores.
For instance, a health care facility has medical records containing everything from a patient's social security number to their medical history. Also, patient data can easily be sold off.
Those who conduct a dark web search for dubious reasons often seek out health records. Hackers use the records as blackmail or sell to the highest bidder.
2. The Financial Industry
The financial industry attracts hackers because of the type of private information that they contain. Databases full of information such as credit card numbers and social security numbers are commonplace in the industry. Hackers really want this type of information.
3. Small Businesses
Unlike large businesses, small businesses cannot afford to install strong cybersecurity infrastructure. This leaves them vulnerable to hacks such as ransomware attacks. Hackers understand that small businesses would rather pay the ransom than hire IT support to thwart the attack.
How to Check If Your Information Was on the Dark Web
The dark web is an intentionally hidden part of the internet. It is not indexed by search engines and requires a specific browser to access it. You can do a dark web search to find out if your information is publicly displayed.
A dark web search is a service offered by companies. They can search the dark web for you, combing through its large databases of stolen data. This includes usernames, passwords, social security numbers, and credit card numbers. There is so much data for sale it really is unnerving. You will then be notified of the results.
Scam and Data Breach Protection
Thankfully, there are a few effective ways to protect against data breaches. Let’s consider them below.
- Create complex passwords and always use multi-factor authentication when available.
- Shop with a credit card and set up account alerts.
- Guard against identity theft by safeguarding your data.
- Invest in quality anti-malware and anti-virus software.
Those are but to name a few. Also, we can expect that technology will continue to keep up with security breaches. You just need to stay alert and up to date with the latest news in this area.
The best safeguard against data breaches is to prevent them. You can do this by ensuring that data is adequately protected. Also, minimize the risk of data breaches by following best practices and managing your online activity. Regularly conduct a dark web search to stay abreast of what fraudsters are up to. These measures are not an absolute guarantee but will help immensely.
Opinions expressed by DZone contributors are their own.