Thousands of new cybersecurity incidents were recorded in 2021. Although cryptocurrency theft and data loss are now commonplace, this year stood out for several high-profile incidents involving ransomware, supply chain attacks, and the exploitation of critical vulnerabilities.
The Identity Theft Resource Center (ITRC) reports that the number of data breaches recorded in 2021 has decreased by 17% compared with 2020. However, the deep-rooted lack of transparency surrounding the disclosure of security incidents still exists, so this may be a low-ball estimate.
According to IBM, the average cost of a data breach has now exceeded US$4 million, and Mimecast estimates that the average ransomware demand levied on US companies is well over US$6 million. The world record for the largest payout made by an insurance company this year is US$40 million.
Experts warn that security issues may persist for many years, given the recent emergence and rapid exploitation of the Log4j vulnerabilities. This also applies to data leaks, breaches, and thefts, and the number of such incidents is unlikely to decrease in the near future.
The following are the most high-profile security incidents, cyber attacks, and data breaches in 2021.
January:
- Livecoin: After a suspected hack in December, the cryptocurrency exchange Livecoin closed its doors and withdrew from the market in January. The Russian trading post claimed that threat actors were able to break in and tamper with cryptocurrency exchange rate values, resulting in irreparable economic losses.
- Microsoft Exchange Server: One of the most harmful cybersecurity incidents this year was the widespread compromise of Microsoft Exchange servers caused by a group of zero-day vulnerabilities collectively known as ProxyLogon. The Redmond giant became aware of the flaws in January and issued emergency patches in March; however, the state-backed Hafnium threat group was joined by others in attacking unpatched systems for months afterwards. It is believed that tens of thousands of organizations have been compromised.
- MeetMindful: The data of over 2 million users of the dating app was reportedly stolen and leaked by a hacking group. The leaked information included everything from full names to Facebook account tokens.
February:
- SITA: SITA, a global aviation IT provider, said that a security incident involving SITA’s passenger service system servers resulted in the exposure of personally identifiable information belonging to airline passengers. Airlines involved in the data breach then needed to contact their customers.
- ATFS: A ransomware attack on the payment processor ATFS forced multiple cities in the United States to send data breach notifications. Cuba, the cybercriminal group that claimed responsibility, said on its leak site that it had stolen extensive financial information.
March:
- Mimecast: Because of the SolarWinds supply chain attack disclosed in December 2020, Mimecast discovered that it was the recipient of a malicious software update that compromised the company’s systems. Mimecast said its production grid environment was compromised, resulting in the exposure and theft of source code repositories. In addition, certificates issued by Mimecast and some customer server connection data sets were also caught up in the breach.
- Tether: Tether faced a ransom demand from cyberattackers who threatened to leak files online that would “damage the Bitcoin ecosystem”. The blockchain organization refused to pay the demand of approximately $24 million, or 500 Bitcoin (BTC).
- CNA Financial: Employees of CNA Financial could not access company resources and were locked out following a ransomware attack that also involved the theft of company data. According to reports, the company paid a ransom of US$40 million.
April:
- Facebook: A data dump of information belonging to over 550 million Facebook users was published online. Facebook IDs, names, dates of birth, genders, locations, and relationship statuses were all included in the logs. Facebook (now called Meta) stated that these logs were collected through scraping in 2019.
May:
- Colonial Pipeline: If there was ever an example of how a cyberattack can affect the physical world, the cyberattack experienced by Colonial Pipeline is it. The fuel pipeline operator was attacked by ransomware, courtesy of DarkSide, resulting in fuel supply disruptions and panic buying across the United States. The company paid the ransom, but the damage had been done.
- Omiai: The Japanese dating app said that unauthorized entry may have resulted in the exposure of data belonging to 1.7 million users.
June:
- Volkswagen, Audi: The automakers disclosed a data breach affecting more than 3.3 million customers and some potential buyers, most of whom are located in the United States. An associated supplier was blamed for the breach, and it is believed that the supplier was responsible for exposing the data in an unsecured manner “at a certain point in time” between August 2019 and May 2021.
- JBS USA: The international meatpacking giant suffered a ransomware attack, attributed to the REvil ransomware group, which had such a catastrophic impact on operations that the company chose to pay a ransom of $11 million in exchange for a decryption key to restore access to its systems.
July:
- University of California San Diego Health: University of California San Diego Health said that employee email accounts were compromised by threat actors, leading to a wider incident in which data on patients, students, and employees, potentially including medical records, claims information, prescriptions, treatments, Social Security numbers, and more, was exposed.
- Guntrader.uk: The UK trading website for shotguns, rifles, and shooting equipment stated that the records of approximately 100,000 gun owners, including their names and addresses, had been published online. Since the United Kingdom strictly controls the possession and supply of guns, the leak caused serious privacy and personal safety concerns.
- Kaseya: Vulnerabilities in a platform developed by IT service provider Kaseya were exploited in order to reach an estimated 800-1500 customers, including MSPs.
August:
- T-Mobile: T-Mobile experienced another data breach in August. According to reports, customers’ names, addresses, Social Security numbers, driver’s licenses, IMEI and IMSI numbers, and ID information were leaked. Approximately 50 million current and potential customers may be affected. A 21-year-old man was responsible for the hack and claimed to have stolen approximately 106GB of data from the telecommunications giant.
- Poly Network: Blockchain organization Poly Network disclosed an Ethereum smart contract hack used to steal more than 600 million U.S. dollars in various cryptocurrencies.
- Liquid: More than US$97 million in cryptocurrency was stolen from the Japanese cryptocurrency exchange.
September:
- Cream Finance: Decentralized finance (DeFi) organization Cream Finance reported a loss of $34 million after a vulnerability in the project’s market system was exploited.
- AP-HP: The public hospital system in Paris, AP-HP, was targeted by a cyberattacker who managed to steal the PII of individuals who were tested for COVID-19 in 2020.
- Debt-IN Consultants: The South African debt recovery company said that a cyberattack caused a “major” incident impacting customer and employee information. PII, including names, contact information, salary and employment records, and debts owed, is suspected of being involved.
October:
- Coinbase: Coinbase sent a letter to roughly 6,000 users after detecting “third-party activities to gain unauthorized access to Coinbase customer accounts and transfer customer funds from the Coinbase platform”. Cryptocurrency was taken from some user accounts without permission.
- Neiman Marcus: In October, Neiman Marcus disclosed a data breach that occurred in May 2020. The intrusion was only detected in September 2021 and included the exposure and potential theft of more than 3.1 million payment cards belonging to customers, although most are considered invalid or expired.
- Argentina: A hacker claimed to have compromised the Argentine government’s National Registry of Persons, thereby stealing the data of 45 million residents. The government denied the report.
November:
- Panasonic: The Japanese tech giant revealed that a cyberattack had taken place (the data breach occurred from June 22 to November 3 and was discovered on November 11) and admitted that information had been accessed on a file server.
- Squid Game: The operators of a cryptocurrency that capitalized on the popularity of the Netflix show “Squid Game” (although not officially associated) crashed the value of the SQUID token in what seems to be an exit scam. The value plummeted from a peak of US$2,850 to US$0.003028 overnight, causing investors to lose millions of dollars. An anti-dumping mechanism ensured that investors could not sell their tokens, and they could only watch in horror as the value of the tokens was destroyed.
- Robinhood: Robinhood disclosed a data breach affecting approximately 5 million users of the trading app. Email addresses, names, phone numbers, and more were accessed through a customer support system.
December:
- Bitmart: In December, Bitmart said a security breach allowed cyberattackers to steal about 150 million U.S. dollars in cryptocurrency and caused a total loss of 200 million U.S. dollars including damages.
- Log4j: A zero-day vulnerability in the Log4j Java library, a remote code execution (RCE) flaw, is now being widely exploited. The bug is called Log4Shell and is now being weaponized by botnets, including Mirai.
- Kronos: Kronos, a human resources platform, became the victim of a ransomware attack. Some users of the Kronos private cloud are now facing outages that could last for several weeks, just before Christmas.

