Cybersecurity issues are becoming an increasingly recurring, day-to-day struggle for organisations. 2019 has been a major year for cyber attacks and data breaches, with both running at a record pace, in comparison to the last couple of years. According to Forbes, in 2019 alone, 4.1 billion data records were exposed, with 54% more cyber attacks experienced in 2019 in comparison to the first six months of 2018. Cyber security risks have increased dramatically, driven by greater global connectivity and the use of cloud services. The days of simple firewalls and antivirus software are long gone due to the volume of data being held. Cyber threats can come from any level and can cause extensive financial and non-financial damage. Here are the Top 10 Cybersecurity attacks of 2019.
On the 14th May 2019, WhatsApp experienced a highly sophisticated cyber attack which exploited their communication system in order to send malware to mobile devices of a number of users. The Guardian claimed that this attack affected 1.5 billion users, and that the hack was ‘serious rights violation.’
In October 2019, WhatsApp filed a complaint in the US court that attributes the attack to a spyware company called NSO group, an Israeli Cyber Weapons company. The NSO group’s software, pegasus, had the ability to collect intimate and sensitive data from a target device- data such as: reading messages, seeing contacts and also accessing the camera and microphone.
In May of this year Salt Communications‘ CEO, Joe Boyle spoke about why organisations shouldn’t be using Consumer apps for business, stating, “This attack could not have happened on the Salt Communications system. This latest WhatsApp hack emphasises the threat posed by consumer apps with open contact lists and directories. Claiming that an app is ‘secure’ simply because it uses encryption for the messages is a mistake. Security requires control and management around the encryption and Salt provides this protection better than anyone else on the market today.”
2. Quest Diagnostics
In May 2019, a hacker gained access to the American Medical Collection Agency (AMCA), a New York based billing collection company, who held large amounts of data from one of the largest blood testing laboratories in the United States, Quest Diagnostic. The hacker was able to steal the health information on 11.9 million patients of Quest Diagnostics from the AMCA system. The breach first came to light in May when it was discovered that the card details of 200,000 patients had been listed for sale on the darknet marketplace. Quest Diagnostic made a public announcement in June 2019 that records such as: credit card numbers, bank account information, medical details, personal identity and contact details (including social security numbers) were compromised during the breach, leading patients being highly susceptible to financial fraud.
As a result, AMCA stated that they hired a third party forensics firm, Optum, to conduct an internal investigation of the incident and the agency was then to provide 24 months of credit monitoring to anyone who had their social security number or credit card compromised. Since the attack, Quest Diagnostic has ceased using AMCA for collection services, and in June 2019, AMCA filed for bankruptcy.
3. Capital One
Capital one is one of the largest banks in the US. They experienced a data breach in March 2019 which exposed the personal information of nearly 106 million of bank’s customers and applicants. The breach resulted in a hacker gaining access to personal information related to credit card applications from 2005 to early 2019.
The hacker was revealed as Paige Thompson, who used to work as a software engineer for Amazon Web Services, the cloud hosting company that Capital One was using. According to the US Department of Justice, Thompson broke into the server and gained access to 140,000 social security numbers, 1 million social insurance numbers and 80,000 bank account numbers.
According to Capital One, the issue was immediately fixed when diagnosed and those who’s confidential information was affected were immediately offered ‘free credit monitoring and identity protection.’ Betsy Graseck, a Morgan Stanley Analyst estimated that Capital One could face anywhere between $100 million to $500 million in U.S. fines for the breach. Furthermore, 4 months after the massive data breach, former Chief Information Security Officer, Michael Johnson was demoted from his role within Capital One.
4. European Government
Two months before the European elections, the European government was targeted by Russian hackers, according to a claim from cyber security firm, FireEye. The cybersecurity firm found two state-sponsored hacking groups, APT28 and Sandworm, used spear phishing in an attempt to obtain critical and confidential government information.
It is believed the hackers sent an email link that downloads malware or directs users to authentic but fake sites, luring an individual to change their password, thus allowing hackers to gather credentials. The software was designed to gain access to sensitive documents as part of a Russian interference campaign. It was claimed by FireEye analyst, Benjamin Read, “Russia could be gathering up to leak data that could be damaging for a particular political party or candidate ahead of the European election or to help inform Russia’s political decisions.”
5. First American Financial Corporation
In May 2019, American Financial Corporation, US financial services company, experienced a cyber attack that leaked 885 million digital documents relating to mortgage deals going back to 2003. This breach was the second largest data breach in history behind the 3 billion accounts that were impacted by the Yahoo hack of 2013. The data leak included: bank account numbers, statements, mortgage, tax records, social security numbers, wire transaction receipts and drivers license images. It is believed that there was a flaw in the back end of the First American’s website causing the leakage of data.
The leaked documents were a treasure trove for cyber criminals in terms of both person identity theft and business email compromise attack of clients in America, Canada and Europe. Immediate action was taken as The New York Department of Financial Services opened a probe of the data leak, while the US Securities and Exchange Commission began looking to see if the leak violated any federal security laws.
The food delivery service that operates in 4,000 cities across the US and Canada, DoorDash, announced in September 2019 that 4.9 million records were accessed by an unauthorised party in a breach that occured in May 2019. The data breach exposed the data of DoorDash users, DoorDash merchants and delivery personnel. It was revealed that names, email addresses, order histories, phone numbers, delivery addresses and passwords were accessed, as well as some consumers last 4 digits of their payment cards. Furthermore, 100,000 delivery workers had their drivers license information stolen in the breach.
Mattie Magodovitx, a DoorDash spokesperson, has stated that as a result of the attack, DashDoor began “deploying additional protective security layers around the data and improved security protocols that govern access to DoorDash systems.” The company is also reaching out directly to those individuals affected.
Facebook has had a number of data breaches in 2019. In April 2019, 540 million users data was exposed to the internet. According to UpGuard, Facebook allowed two apps to access it’s users data stored personal information on insecure servers without putting security measures in place.
It was discovered by Amazon Web Service that a Mexican digital publisher, Cultura Colectiva, had uploaded the user’s Facebook ID, comments, likes, reactions and account names. Facebook and Amazon worked together to remove both sets of data.
In September 2019, a further 419 million phone numbers linked to Facebook accounts were found online across geographies, including: 133 million records on US based Facebook, 18 million in the UK and 50 million in Vietnam. The incident put users at risk of spam calls and sim swapping attacks due to the fact that an attacker can reset a user’s password when it has their phone number. Both incidents come closely after the increasing Facebook scrutiny from regulators in the UK and the US since the Cambridge Analytica scandal.
2019 was a year to forget for Japanese car giants Toyota whom it was reported suffered two cyber attacks in the same year. The first attack happened in February 2019 and then again on the 21st March 2019, when the network that stored personal data of nearly 3.1 million customers stored was exposed. According to Forbes, the hackers gained ‘unauthorised access’ to the Toyota database revealing personal information, such as: name, contact information, date of birth and employment status. It has since been maintained that no customer financial information was exposed. With this being the second data breach in 5 weeks, it was understandable why consumers became concerned for their personal safety.
On the same day as the Toyota Japan data breach, Vietnam and Thailand also announced cyber-security incidents in March. Due to the number of attacks in various countries in 2019, Toyota are beginning to ‘forensically analyse each data breach to ensure that customer safety and security remains a top priority’
9. Disney Plus
On the 12th of November 2019, Disney released their new streaming service, Disney Plus, and within hours they had 10 million users and also suffered from a cyber attack. It is believed that the attack was more than liked a credential stuffing, which is the stealing of account credentials (passwords and usernames). In this particular case, it is believed the hacker obtained access to data from a previous hack and used the username and password combos to hack into Disney + accounts.
Moreover, according to an investigation by Zdnet’s, Catalin Cimpanu, hackers were offering accounts for sale on underground cyber forums- the black web. Security researchers found evidence that each username and password combo was being sold for between $3 and $11.
On the 23rd April 2019, Flipboard, a news aggregator and social network aggregation company, suffered a data breach. According to a security notice posted by flipboard, “unauthorised access” to the database took place and with 150 million users, many were at risk. The hacker is confirmed to have “potentially obtained copies of certain databases containing flipboard user information.” It is claimed that those who created a password before March 2012 will be hashed with a strong password-hashing algorithm named Bcrypt, which is considered hard to crack. Those passwords created after March 2012 were salted and hashed with SHA-1, a weaker algorithm.
It was revealed that the hackers had access to Flipboard’s internal system for almost nine months and then for a second time on 23rd April 2019. The company informed users of the data breach in a series of emails in which it explained that hackers gained access to the database. They also contacted law enforcement and launched an investigation with the help of an external security company to carry out a thorough forensic investigation.
Why is Cyber Security so important?
2019 has been a year of major technological advancements, accompanied with this has been an increase in cybercrime. Society is becoming more technologically reliant than ever before, and there is no sign that this trend will slow. Nearly everyone is reliant on computer systems in their day to day life, combine this with the rise of cloud services, poor cloud service security, smartphones and the internet of things, we have a myriad of cyber security threats that didn’t exist a couple of years ago. With these developments in technology, it is impossible to keep up with the new concepts of cyber crime that hackers are developing and it is only expected for cyber crime to get worse. Therefore, it is more important than ever for cyber security measures to be put in place, and there are endless methods of doing so.
- Keep informed and protect all your devices.
- Move beyond antivirus software.
- Carry out a cyber health check often, looking for areas of vulnerability
- Detect potential security incidents and monitor user access
- Minimise the impact and limit data access
- Invest in a closed secure communications platform, such as Salt Communications, to protect sensitive information and client data against cyber criminals
- Salt Communications works with many industries globally providing a secure and safe haven for the communication of confidential and sensitive information about critical events in real time through their award winning secure communications solutions.
- Establish control over third-party partnerships
- Continuous improvements to ensure all software is up to date
To find out more information about Salt Communications please contact firstname.lastname@example.org
About Salt Communications
Salt Communications is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. Salt Communications offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. Salt Communications is headquartered in Belfast, N. Ireland, for more information visit our website.