Core Blog

Data under attack: the year's biggest breaches so far

Written by Lucy Wright | Jul 23, 2020 9:00:00 AM

Data breaches are happening all the time.

In May 2020, 40 million records were breached when a Thai mobile phone network, AIS, had their database exposed. And while this breach was addressed and resolved quickly by the company, even the smallest breach can have a lasting and damaging effect both on the organisation that has been hacked and on its victims. In May this year, the identities of 250 abuse survivors in Northern Ireland were revealed by the Historical Institutional Abuse Enquiry, in what was called a "massive" error; a monthly newsletter was sent to a mailing list without the survivors' names being concealed.

It's obvious, then, that the nature of the data that has been breached makes some attacks more significant and impactful than others. But for every organisation, a data breach is an embarrassing and damaging event that can permanently tarnish a company's reputation.

With Covid-19 dominating the news headlines for most of the year, many data breaches have happened relatively unnoticed; but they have happened. Here are some of the biggest data breaches of 2020 that you might not have heard about…

MGM Resorts

When? February 2020

How? Hackers

What? In February, the personal details of 10.6 million hotel guests at MGM Resorts were accessed and posted on a hacking forum. Names, home addresses, phone numbers, emails and even the dates of birth of some hotel guests were shared. In July of this year, more than 140 million personal records of MGM Resorts hotel guests were found for sale on the Dark Web, suggesting that the initial breach was actually larger than first reported.

Source: https://www.bbc.co.uk/news/technology-51568885

Antheus Tecnologia

When? March 2020

How? Access through an unsecured server

What? In March this year, it was revealed that a Brazilian biometric solutions company, which held sensitive information including more than 70,000 fingerprints, had suffered a breach through an unsecured server. The server did not hold fingerprint scans, but it did hold binary code which hackers could use to recreate them. It was reported that the company had failed to password-protect or encrypt their database, which also included administrator login information, employee phone numbers and company emails.

Source: https://www.cnet.com/news/thousands-of-fingerprint-files-exposed-in-unsecured-database-research-finds/

Marriott

When? March 2020

How? Hackers accessing Marriott staff accounts

What? Marriott, one of the world’s leading hotel chains, fell victim to a breach in March 2020 which impacted more than 5 million hotel guests. Hackers accessed a range of customer information via two accounts belonging to Marriott staff. Personally identifiable information such as names, gender, phone numbers and loyalty scheme details were accessed.

Source: https://techcrunch.com/2020/03/31/marriott-hotels-breached-again/

Nintendo

When? April 2020

How? It's not entirely clear how the breach happened, but Nintendo have said that hackers got access to customer accounts by obtaining account passwords "by some means other than our company's service".

What? Some hackers seem to be gamers, too! In April, gaming company Nintendo announced that the details of around 160,000 users had been compromised through an account hijacking scheme. The affected customers claimed their accounts were being used to buy the virtual currency for Fortnite and other games.

Source: https://www.bbc.co.uk/news/technology-52369435

US Small Business Administration (SBA)

When? April 2020

How? The website portal through which people could apply for loans was compromised, leading the SBA to disable and relaunch the portal.

What? Hackers have even seized the Covid-19 pandemic as an opportunity to get their hands on data. In April, the US Small Business Administration (SBA) announced that around 8,000 people who had applied for emergency business loans due to the pandemic had had their data breached. The online loan application portal included personal information such as social security numbers, home addresses, email addresses, dates of birth and citizen status; information that lends itself perfectly to identity theft.

Source: https://www.forbes.com/sites/quickerbettertech/2020/04/26/the-sba-suffers-a-data-breach-congress-gets-zoom-bombedand-other-small-business-tech-news/#5a1b576136e5

easyJet

When? May 2020

How? At the time, easyJet said it was the victim of a "highly-sophisticated cyber attack" but didn't provide further details.

What? When financial details are compromised, breaches take a more sinister turn. In May of this year, easyJet revealed that the details of 9 million customers had been infiltrated, including more than 2,000 credit card records. The breach was so severe that easyJet had an £18 billion class-action lawsuit filed against them.

Source: https://www.bbc.co.uk/news/technology-52722626

How can you protect your data?

Endpoints are end user devices like laptops, mobiles and desktop computers which serve as an access or entry point to your enterprise network. Malicious threats can enter your network through unsecured endpoints.

The shift to a cloud-first model which incorporates mobile working and 'bring your own device' (BYOD) culture is adding to endpoint vulnerability and creating more opportunities for networks to be targeted, compounded by the fact that many of us are now working remotely and using unsecured WiFi to get online. What this means is that network protection is no longer enough. Today, organisations need to control, manage and monitor all their endpoints to defend against a data breach.

If networks or endpoints are compromised (which, at some point, they will be), whether through external attack, internal accidents (USB sticks etc.) or deliberate acts from disgruntled employees, there are things you can have in place to make sure you retain control of the data and information.

Identity management is key to ensuring only the right people can access data. 2FA/multi-factor authentication is critical to prevent impersonation and password breaches; in short, it confirms that users are who they say they are.

Tools like content rights management ensure that data is always under your control and that access is granted in 'real time'. Access to data is only given where an (authenticated) person has permissions to specific data at the time.

Privileged access management ensures even admin-type roles only have access to perform specific duties, and only for as long as is essential to perform them.

Core's integrated approach to security protects both your networks and data. You can protect your entire Microsoft Office 365 environment, protect against the latest online threats and secure mobile devices against leaks, as well as making sure you have the right access management in place so that only authorised people can access your systems.

If you're ready to take a fresh look at your security strategy, the best place to start is with a Security Discovery Session with our Client Solutions Director. Right now, we're offering this 2-hour call for free, so you can get started on your security journey and put the tools in place to protect your network while businesses continue to work remotely. Click the link below to book your free session, see our security services here or contact us to chat about our security offerings.