Data breaches have seen a steady increase in 2020 as opposed to 2019. Many notable data breaches took place, and they continue to increase in number. Healthcare sectors, especially, have seen a spike as hackers have been using the stress and chaos of the COVID-19 pandemic to infiltrate their systems.
More accurately, there were 600 data breaches in the healthcare sector, showing a 55% spike as opposed to 2019.
Read our blog on how data breaches continue to target the healthcare sector to know more.
Furthermore, there were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of the third quarter adding 8.3 billion records to what was already commonly referred to as the worst year on record.
Here we have compiled a list of 5 of the largest and most notable data breaches in 2020.
In May 2020, a highly sophisticated cyberattack breached Easyjets’ security barriers. This compromised the data of 9 million customers. The data that was accessed in the breach included travel details, email addresses, and complete credit card details of 2,208 customers. These breaches can severely disrupt clients’ privacy and security as well as ruin the reputation of a company. Additionally, because customer credit card information was leaked, this cyber-attack exposes Easyjet’s breach of the General Data Protection Regulation, which could result in a fine of up to 4% of its global annual turnover.
In April 2020, when Zoom Video Communications were nearing its pandemic peak of signups, hackers breached 500,000 accounts. The hackers were said to have either sold or freely published their personal data on the dark web. They initially scouted through the dark web databases to find previously compromised login credentials dating back to as far as 2013. Because passwords are usually recycled, this gave them instant access to several active Zoom accounts. Then, a series of further attacks were launched to compromise the remaining accounts. Recipients of compromised Zoom accounts were able to log into live-streaming meetings leaving them unaware of the reality of their situation.
Magellan Health, a Fortune 500 company, in April 2020 was a victim of a sophisticated ransomware attack. Over 365,000 patient records were breached. First, the hackers breached employee login information through malware that was installed internally. Then, they posed as a Magellan client in a phishing attack. Soon the hackers gained access to a single corporate server and implemented their ransomware.
The data breach, unfortunately, included patient social security numbers, W-2 information, and employee ID numbers. Implementing software solutions such as SecurityShield protects your sensitive data before it becomes a target, by continuously scanning servers or endpoints to search for flaws in software design. It discovers vulnerabilities, assesses their impact, classifies them, identifies risks they pose, and then generates a prioritized risk response remediation plan to fix them.
More precisely, SecurityShield helps to:
Additionally, SecurityShield-DWS provides comprehensive dark web monitoring and risk response guidance. Therefore, implementing these software solutions is important to maintaining an organization’s security.
Antheus Tecnologia is a Brazilian biometrics company specializing in the development of Fingerprint Identification Systems (AFIS). In March 2020, the company suffered a breach of its server which could potentially expose 76,000 unique fingerprint records. The data that was accessed consisted of 2.3 million data points which could be reverse-engineered to recreate each original fingerprint. Additionally, 81.5 million records were accessed, consisting of email addresses, employee telephone numbers, and administrator login information.
In March 2020, CAM4, an adult video streaming website had its server breached. Over 10 billion records were breached. The records included sensitive information such as full names, email addresses, sexual orientation, chat transcripts, email correspondence transcripts, password hashes, IP addresses, and payment logs. Most of the exposed email addresses were linked to cloud storage services. If the hackers were to launch successful phishing attacks on these users, they could gain deeper access to personal photos and business information. Additionally, compromised users could fall victim to blackmail and defamation attempts due to the nature of the website and the sensitive information that was breached.
Another notable breach in 2020 was the SolarWinds supply chain breach in March 2020. Read our cybersecurity blogs to know more about us, or follow us on Twitter and LinkedIn for some insightful updates and information.