Data breaches have seen a steady increase in 2020 as opposed to 2019. Many notable data breaches took place, and they continue to increase in number. Health care sectors, especially, have seen a spike as hackers have been using the stress and chaos of the COVID-19 pandemic to infiltrate their systems. More accurately, there were 600 data breaches in the healthcare sector, showing a 55% spike as opposed to 2019. Read our blog on how data breaches continue to target the healthcare sector to know more.
Furthermore, there were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of the third quarter adding 8.3 billion records to what was already commonly referred to as the worst year on record.
Here we have compiled a list of 5 of the largest and most notable data breaches in 2020.
1. Easyjet Data Breach
In May 2020, a highly sophisticated cyberattack breached Easyjets’ security barriers. This compromised the data of 9 million customers. The data that was accessed in the breach included travel details, email addresses and complete credit card details of 2,208 customers. These breaches can severely disrupt clients’ privacy and security as well as ruin the reputation of a company. Additionally, because customer credit card information was leaked, this cyber-attack exposes Easyjet’s breach of the General Data Protection Regulation, which could result in a fine of up to 4% of its global annual turnover.
2.Zoom Data Breach
In April 2020, when Zoom Video Communications were nearing their pandemic peak of signups, hackers breached 500,000 accounts. The hackers were said to have either sold or freely published their personal data on the dark web. They initially scouted through the dark web databases to find previously compromised login credentials dating back to as far as 2013. Because passwords are usually recycled, this gave them instant access to several active Zoom accounts. Then, a series of further attacks were launched to compromise the remaining accounts. Recipients of compromised Zoom accounts were able to log into live streaming meetings leaving them unaware of the reality of their situation.
3.Magellan Health Ransomware Attack
Magellan Health, a Fortune 500 company, in April 2020 was a victim of a sophisticated ransomware attack. Over 365,000 patient records were breached. First, the hackers breached employee login information through malware that was installed internally. Then, they posed as a Magellan client in a phishing attack. Soon the hackers gained access to a single corporate server and implemented their ransomware. The data breach, unfortunately, included patient social security numbers, W-2 information and employee ID numbers. Implementing software solutions such as SecurityShield protects your sensitive data before it becomes a target, by continuously scanning servers or endpoints to search for flaws in software design. It discovers vulnerabilities, assesses their impact, classifies them, identifies risks they pose, and then generates a prioritized risk response remediation plan to fix them.
More precisely, SecurityShield helps to:
- Spot missing patches, errors and weaknesses in system configuration settings and general deviations from policy
- Map risks to non-compliance of regulatory controls like Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry (PCI)
- Scan for more than 35,000 vulnerabilities and conduct nearly 100,000 checks across your networks
- Auto-discover and scan any IT assets
- Automate real-time continuous monitoring of IT assets
- Automate mapping of vulnerabilities to control frameworks
- Leverage big data analytics and machine learning for better organizational security
- Significantly lower cost of ownership in months
Additionally, BreachShield provides comprehensive dark web monitoring and risk response guidance. Therefore, implementing these software solutions are important to maintaining an organization’s security.
Antheus Tecnologia is a Brazilian biometrics company specializing in the development of Fingerprint Identification Systems (AFIS). In March 2020, the company suffered a breach to its server which could potentially expose 76,000 unique fingerprint records. The data that was accessed consisted of 2.3 million data points which could be reverse-engineered to recreate each original fingerprint. Additionally, 81.5 million records were accessed, consisting of email addresses, employee telephone numbers and administrator login information.
5.CAM4 Data Breach
In March 2020, CAM4, an adult video streaming website had its server breached. Over 10 billion records were breached. The records included sensitive information such as full names, email addresses, sexual orientation, chat transcripts, email correspondence transcripts, password hashes, IP addresses and payment logs. Most of the exposed email addresses were linked to cloud storage services. If the hackers were to launch successful phishing attacks on these users, they could gain deeper access to personal photos and business information. Additionally, compromised users could fall victim to blackmail and defamation attempts due to the nature of the website and the sensitive information that was breached.
Another notable breach in 2020 was the SolarWinds supply chain breach in March 2020. Read our blogs to know more about us, or follow us on Twitter and LinkedIn for some insightful updates and information.