The first quarter of 2019 witnessed some of the most disastrous cybersecurity attacks and data breaches and without a doubt, the Mega #Collection 1 breach, in which almost a billion records were publicly exposed for sale, was the king of them all.
Organizations and cybersecurity experts are trying their best to ward off the hackers, but despite those efforts, the accelerating trend of cyber attacks doesn’t seem to have slowed down even a bit. The frequency of attacks and the volume of information stolen keeps on rising day by day.
Here, we have compiled a list of some of the most prominent cybersecurity attacks and data breaches which surprised the information security industry in the second quarter of 2019.
Top Cybersecurity Attacks and Data Breaches of Q2 2019
Citrix Data Breach
Date of Occurrence: May 2nd, 2019
Citrix released a statement and revealed a probable data breach as hackers had broken into their systems between October 2018 and March 2019. The company issued a letter to the customers who had been potentially breached. The software firm speculated that the hackers may have stolen the social security numbers, personal data of users, financial information and other substantial info on current as well as former company employees. The company is working with the FBI in order to investigate the attack effectively.
AMC Networks Security Incident
Date of Occurrence: May 3rd, 2019
The famous TV network AMC’s premium video streaming platforms Shudder and Sundance Now were potentially breached and the personal information of around 1.5 million of their subscribers was potentially stolen as the company had accidentally left its databases open for public access. The exposed databases include personal information of subscribers, subscription plan details and last four digits of credit cards. The company had gathered video analytics data of around 450,000 users that included IP addresses, ZIP codes and other location details of users with the help of another firm called Youbora and even that data was exposed.
Wyzant Hacking Incident
Date of Occurrence: May 7th, 2019
Wyzant, a renowned online tutoring platform, was allegedly breached by a hacker when he successfully got into the company’s databases. This data breach may have exposed sensitive data like usernames, email addresses, profile pictures and ZIP codes of around 2 million Wyzant users and 80,000 online instructors,
Freedom Mobile Data Breach
Date of Occurrence: May 9th, 2019
Canada based telecommunications giant Freedom Mobile suffered a principal data breach as one of its databases containing sensitive information of around 1.5 million of its users was found exposed and unprotected on an Elasticsearch server. This breach may have compromised names of their customers, email addresses, dates of birth, home addresses, telephone numbers, bank account details and credit card information.
Uniqlo Data Breach
Date of Occurrence: May 13th, 2019
A subsidiary of one of the biggest retail firms of Asia called Fast retailing Co., Uniqlo announced a data breach as hackers broke into their servers and obtained information of around 460,000 of their customers. The stolen information includes names, addresses and partial credit card information of the users. As a precautionary measure, the company urged its customers to change their user credentials.
Pacers Sports Entertainment (PSE) Security Breach
Date of Occurrence: May 13th, 2019
Pacers Sports Entertainment (PSE), which manages the legal affairs of the basketball team Indiana Pacers, announced a major security breach caused by a phishing email campaign. Although the number of affected individuals is still unknown, the data breach may have exposed names, dates of birth, addresses, medical insurance information, Social Security Numbers, passport numbers, usernames, passwords, digital signatures and sensitive banking information. The company has still not revealed whether the leaked information belongs to its users or employees.
WhatsApp Data Leak
Date of Occurrence: May 14th, 2019
World's leading online messaging app and a subsidiary of Facebook, WhatsApp faced a potentially massive data leak. The leak left 1.5 billion WhatsApp users vulnerable as the app experienced a major security flaw and fell victim to spyware designed by an Israeli government surveillance agency called NSO. As a result of the attack, the users of the app may have been spied on through their WhatsApp messages, connected third party apps and their phone's camera and microphone.
Instagram Data Breach
Date of Occurrence: May 20th, 2019
Sensitive information of more than 49 million Instagram influencers, brands and famous celebrities was exposed when an India based social media marketing agency carelessly left the Instagram data unprotected on a database of Amazon Web Services. As reported by TechCrunch, profile pictures, location info, bio, contact numbers and email addresses of several high-profile social media accounts were possibly breached.
Inmediata Health Group Data Leak
Date of Occurrence: May 23rd, 2019
Inmediata Health Group’s website experienced a significant data leak and useful information of their patients was exposed. The leak happened when a website setting allowed search engines to list the internal pages of their website which contained names, dates of birth, addresses, medical insurance numbers and Social Security numbers of around 1.5 million of their patients. The company later notified the affected users and assured that it would bolster its security further.
First American Financial Corp. Insurance Records Leak
Date of Occurrence: May 24th, 2019
Almost 885 million documents related to mortgage deals and other insurance records were leaked by the Fortune 500 title insurance giant First American Financial Corp. The records, some of which dated back to 2003, were available without authentication to anyone with a web browser and the URL of the files. Many of the exposed files include Social Security numbers, bank account information, wire transaction receipts, driving license numbers and mortgage and tax records of the company’s customers. The authorities are still not clear for how long the databases were sitting exposed on the website like that, but there are some documents available on the site which date back to March 2017.
Canva Data Breach
Date of Occurrence: May 24th, 2019
Australian online design unicorn Canva suffered a massive data breach as hackers stole the data of 139 million Canva users. The hacker allegedly stole user records of the company up to 17th May and as soon as the breach was detected, Canva authorities closed their unprotected database servers. The exposed information included customer’s usernames, real names, email addresses and locations. As a safeguard measure, the company later requested its users to change their usernames and passwords.
Flipboard Hacking Incident
Date of Occurrence: May 29th, 2019
The largely popular news aggregator with almost 150 million monthly users, Flipboard was hacked twice between June 2nd, 2018 and April 22nd, 2019. The company posted a security notice and accepted that some third party had apparently obtained copies of Flipboard’s databases containing sensitive user information.
Malware Attack on Checkers and Rally’s
Date of Occurrence: May 29th, 2019
Checkers and Rally’s, the famous restaurant chain, experienced a severe malware attack which affected hundreds of its restaurants. The hackers had designed the malware to collect payment card information like cardholder name, card number and expiration date of the customers. The company assured its customers that it was promptly trying to minimize the damage caused and enhance the security of its systems and databases.
Quest Diagnostics Data Breach
Date of Occurrence: June 3rd, 2019
On June 3rd, 2019, one of the largest clinical testing networks in the US, Quest Diagnostics, disclosed a data breach, which may have impacted personal information of around 11.9 million patients. Quest Diagnostics data breach occurred after the payments page of one of the Quest's billing collection vendors AMCA was taken into control by hackers between August 2018 and March 2019. Important information of the patients of Quest Diagnostics Labs related to financial account data like credit card information, bank accounts, Social Security numbers along with other sensitive medical information was exposed.
LabCorp Data Leak
Date of Occurrence: June 4th, 2019
A day after Quest Diagnostics announced its data breach news, another medical testing company, LabCorp, declared that the data of its patients was also compromised. LabCorp, in a filing with the US Securities and Exchange Commission, said that around 7.7 million consumers were affected by a breach at third-party collections firm AMCA. Although the customer reports kept on LabCorp databases were relatively less sensitive, still, names, addresses, birth dates, and balance information of customers was revealed.
Opko Health Data Breach
Date of Occurrence: June 6th, 2019
On June 6th, 2019, Opko Health announced a data breach that affected around 4,22,600 of its customers. Sensitive data related to credit card and bank account information, email addresses, residential addresses, phone numbers, and account balance information was exposed by the hack. Opko Health Inc was notified about the data breach incidence by its former billing collections vendor regarding unauthorized access to information of its customers, thereby making it the 3rd healthcare company to be affected by a similar incident.
Emuparadise Security Incident
Date of Occurrence: June 10th, 2019
Emuparadise, a gaming website, reported an information security incident which may have resulted in a breach of usernames, passwords and IP addresses of more than 1.1 million of its users. Emuparadise is a retro gaming forum which used to offer a selection of ROMs for old games on platforms including Atari, Nintendo and Sony PlayStation. In order to stay out of copyright trouble, the operators of the website decided to stop hosting ROMs, but the platform still remains a popular outlet for retro gaming fans.
U.S. Customs and Border Protection Data Leak
Date of Occurrence: June 10th, 2019
US Customs and Border Protection revealed that images of travelers’ faces and license plates were compromised in a cyberattack. Around 100,000 people were affected while entering and exiting a border entry point. The photographs that were taken belonged to people in vehicles entering and exiting the US over a month and a half through a single land border entry port. The stolen information did not include any other identification, and no passport or any other travel document pictures were compromised. News of the breach raised alarms in Congress, where lawmakers have questioned the surveillance measures taken by the government in order to protect the constitutional rights of people and save millions of them from identity theft.
Evite Security Breach
Date of Occurrence: June 11th, 2019
A social planning and e-invitations service company and one of the biggest sites on the internet, Evite, officially admitted about a security breach on June 11, 2019. A hacker named Gnosticplayers claimed to be selling 10 million Evite user records including full names, email addresses, IP addresses and cleartext passwords. According to Evite, the malicious intruder stole an inactive data storage file that was holding information on some Evite user accounts. The online portal revealed that potentially affected information could also include usernames, email addresses, passwords, phone numbers, and mailing addresses of the customers.
Total Registration Data Breach
Date of Occurrence: June 11, 2019
Total Registration was informed of a misconfigured file system by a security researcher who wanted to make sure that the information involved was not improperly accessed or misused. Upon investigation, it was discovered that one of its developers had misconfigured a setting within its Amazon S3 file storage service. Except for the reporter/researcher who notified Total Registration of the misconfiguration inside the server, no third-party access has yet been reported. In order to correct the problem, the company immediately reconfigured its settings for its file storage systems. The portal is now implementing additional security measures designed to prevent the reoccurrence of such incidents.
Evernote Security Incident
Date of Occurrence: June 12th, 2019
A leading browser-centric and cloud security company, Guardio, recently discovered a major flaw in Evernote's Web Clipper Chrome Extension's code that rendered it vulnerable, thereby allowing threat actors to access personal information from users' online services. Since the browser's domain-isolation mechanisms were broken, the code could be executed by the attackers to perform actions on behalf of the users and steal financial data, private social media conversations, personal emails and more. About 4,600,000 users of Evernote were affected because of this security breach incident.
EatStreet Data Breach
Date of Occurrence: June 18th, 2019
Online and mobile food ordering service EatStreet, disclosed a serious security breach where a hacker stole the company's database, along with customer and partner details. A hacker named Gnosticplayer who had earlier entered into the security systems of online services like Canva, UnderArmor, Evite, etc., may be responsible for this attack also. Accessed information included names, phone numbers, email addresses, bank account details and routing numbers of restaurants and delivery services. Other information that might have been stolen included credit card details, verification codes, billing addresses, email addresses, phone numbers and more. The hacker claimed that he had gained access to over 6 million user records from the company's servers.
Oregon DHS Security Breach
Date of Occurrence: June 18th, 2019
Oregon Department of Human Services recently reported a data breach that may have exposed the personal information of about 1.6 million residents served by the department. The department revealed that nearly 2 million employee emails were left exposed and vulnerable to unauthorized access. The emails could have contained sensitive information related to clients including their full names and Social Security numbers. An outside investigator has been hired to discover how many records were impacted and how the information was used.
Desjardins Data Leak
Date of Occurrence: June 20th, 2019
The largest federation of credit unions in North America, Desjardins Group, faced a cyberattack by one of its own ill-intentioned employees, that resulted in leaking of information including names, birth dates, social insurance numbers, addresses, telephone numbers, email addresses, along with information on banking habits of around 2.7 million individuals and 173,000 businesses that form around 41% of the company's overall client base. The records were disclosed without authorization and to unnamed people.
Dominion National Data Breach
Date of Occurrence: June 26th, 2019
Dominion National, an insurer and administrator of dental and vision benefits, recently received a notice regarding a data security breach and internal investigation revealed that servers containing enrollment data, demographic details, information of consumers, plan producers, and healthcare providers could have been accessed by an authorized party. The response to the attack was made immediately and affected servers were cleaned and a comprehensive review of data stored on potentially accessible servers was initiated. The comprehensive review revealed that names, addresses, dates of birth, email addresses, Social Security numbers, and ID numbers of customers could have been compromised. However, Dominion National clarified that no evidence of misuse of any acquired information was found.
Maryland Department of Labor Data Breach
Date of Occurrence: July 8th, 2019
The Maryland Department of Labor announced that its databases containing Personally Identifiable Information (PII) were accessed without authorization by some unknown actors. The breached files were stored on the Literacy Works Information System and some other unsecured databases. Some of these files dated back to 2009 and possibly contained information like Social Security numbers, names, dates of birth, residential details and record numbers. According to the authorities, around 78,000 people may have been affected during the data breach incident.
Phishing Attack on Los Angeles County Department of Health Services
Date of Occurrence: July 10th, 2019
A targeted phishing attack on the Los Angeles County Department of Health Services and the negligence of an employee led to a significant data breach as names, addresses and social security numbers of around 14,000 patients were stolen by hackers.
If we observe these cybersecurity attacks closely, we may clearly understand the fact that organizations are now far more susceptible to cyberattacks than ever. The hackers continue to target security systems more efficiently and correspondingly, the companies, however big or small, need to react strongly. Responsible for data breaches in a majority of cases, the company employees now sincerely need to understand their role in terms of data security and how their activities can impact overall business performance. As the year advances, it will be intriguing to witness how such reactions will shape the overall picture and how matters progress in the cybersecurity realm.