Data breaches of 2021: Biggest Cybersecurity distortions
The number of cybersecurity breaches exceeded previous records during pandemic times. As more people spent time online, some got the first-hand experience of a breach. According to stats, the third quarterly data compromise exceeded the total number of violations in half-year. Twenty-six actual instances were recorded for cloud database vulnerability.
281.5 million people were affected within the first nine months of 2021. The year before that, there were 310.11 million victims of identity theft. According to the Identity Theft Resource Center (ITRC), attack vectors shifted from individual data exposure to cloud databases.
Additional 13 million people’s data was compromised in other cybersecurity distortions.
More than 100 million Android users’ data was compromised in May due to misconfiguration on third-party cloud services. Users’ data includes messages, emails, locations, passwords, photos, contacts etc.
Those were taken by malicious actors and can be used for fraud or identity thefts. Check Point Research (CPR) examined 23 android applications and found the vulnerability.
In August, vpnMentors research discovered OneMoreLeads private data storage system was vulnerable and open to intruders. OneMoreLeads is a B2B marketing company that stores at least 63 million Americans data.
It was found that anyone with a web browser could access those data. It includes the email, usernames and workplace information of those people. There are also .gov and new York police email addresses within the database. These data have the ability to trace higher government officials and law enforcers’ identities. vpnMentors said this kind of breach could cause a loss of trust in the government.
The LinkedIn vulnerability exposed more than 700 million users’ data. It’s about 93 per cent of the members, and the data was on an online sale. According to inspection, the data appears relatively recent.
Though it did not have login credentials or financial information attached, such recent personal data can be used to track down users. Full names, physical and email addresses, phone numbers, location, LinkedIn URLs, genders, and other sensitive information were present. The scary part is, those data are still current on the dark web.
T-Mobile suffered a breach on 18 March where millions of customer data were compromised. Data includes social security numbers (SSN), government identification, drivers licensed, T-Mobile PINS and other addresses that can quickly pinpoint a user.
The breach exposed about 47.8 million users’ data. According to T-Mobile, malicious actors took advantage of their technical system and used specialised tools to execute the server entrance.
T-Mobile and McAfee are providing affected users with two years of personalised identity protection services along with McAfee’s ID Theft Protection Services for free.
Comparitech reported Cognyte’s 5 billion users leaked database, which was collected from previous data incidents. Initial records found includes users registered names, email addresses, passwords, data source, etc. ElasticSearch also reported on the information cluster as the database was exposed for four days. It contained 5,085,132,102 records of users.
Facebook 553 million accounts leak was one of the biggest news related to cybersecurity. It included Facebook information of 106 counties users. Among which 32 million belonged to US users and 6 million in the UK.
Park Mobile was exposed in a security breach that affected 21 million users. The company first noticed the difference when a vulnerability in third-party software had some issues. It exposed licenses plate numbers, phone numbers, email addresses, nicknames, etc.
We also have ClearVoiceResearch exposed 15.7 million user data, Jefit with 9.05 million, RobinHood with 7 million users data exposed.
US Cellular, GoDaddy, Rapid7, Dream Host, Colonial Pipeline were also some of the notable breaches of 2021. Few of them were covered here at Tech News Hub. At the start of 2022, make sure to do security checkups on your credentials.