Technology is undoubtedly the pinnacle of the modern world. Everything has been made easier through the use of technological advancements that simplify our lives. The technological breakthrough that had the biggest influence on our lives is the Internet. While the first practical prototype for the Internet appeared in the late 1960s, it wasn’t until 1983 that researchers began to put together the network of networks, which came to be the modern Internet. Since then, this technology became more and more present in our lives, simplifying nearly all of our daily tasks.
Yet, as a wise man once said, with great power comes great responsibility as well.
Cyberattacks make the first page of the news at least once a year, as the world becomes more and more connected through technology. One by one, some of the biggest companies in the world suffered a cybersecurity breach or were victims of a cyberattack. In today’s article, we are going to take a look at some of the most notorious cyberattacks that happened since the start of the millennium to see what we can learn about online security from the companies that were at risk.
Target had a target on its back
Target is the go-to shopping place for millions of customers and is the second-largest discount retail chain in the US. The company fell victim to a huge cybersecurity attack back in 2013, when data from 110 million customers was accessed by hackers. 40 million customers had their banking data stolen, and 70 million more had their personal data exposed.
Target was not the one to discover the attack. Instead, the American secret services contacted the brand to tell them of abnormal bank movements that were detected. The group of hackers were based in Eastern Europe and managed to install malware in cash registers, to be able to read information from credit card terminals. This is called RAM scraping and, once the data was collected, the hackers sold it on the black market.
Sony had to go through it twice
If you are a fan of console games, you probably already heard of the attack that Sony’s PlayStation Network had to go through in 2011. The company’s multiplayer gaming service was responsible for protecting the data of over 77 million users, but failed to do so when hackers took advantage of a network vulnerability at Sony. Some say the company knew about this vulnerability and chose to ignore it, putting the personal data and banking information of millions of users at risk. Sony had to pay over $15 million in compensation and a few extra millions in legal fees. Still, this was not the only time the company was targeted.
In 2014, Sony Pictures Entertainment, another subsidiary of Sony, fell victim to a computer worm. The hackers, who went by the name of Guardians of Peace, stole no less than 100 terabytes of data. This included movie scrips and plenty of confidential information, such as employee data and emails. This led to Amy Pascal, who was a producer and business executive at Sony, being removed from her position due to what was discovered in her emails. Once again, experts believe that Sony could have prevented, as a security system audit conducted a few months before the incident revealed significant issues with the infrastructure.
Premera Blue Cross got a huge HIPAA fine
In September last year, Premera Blue Cross, a health insurance company based in Washington, was fined no less than $6.85 million for violating the HIPPA act. This fine came after a 2014 breach that affected over 10 million customers, disclosing personal data such as names, dates of birth, addresses, social security numbers, and bank account information. This is the second-largest HIPAA fine issued by now.
Experts believe the pandemic managed to shift hackers’ focus towards healthcare and government agencies, as more and more of these institutions have been the victims of malicious attacks. One example is the recent Oxford University attack, which happened in February 2021. Hackers attacked the Structural Biology division of the Oxford University Lab, which was responsible for researching the virus and screening candidates for vaccinations.
Yahoo seems to be the hacker’s favorite
Another company that was targeted by hackers on several occasions is Yahoo!, the popular email provider. In 2013, the company had more than 3 billion active accounts, and every single one of them got compromised, which came to be the biggest data breach in history. This is the worst scenario possible, as hackers managed to gather email addresses, names, dates of birth, as well as security questions and answers, and sell it to cybercriminals.
Still, the most damaging part was not the attack itself but the company’s response to it. Yahoo! did not report the breach until 3 years later, in 2016, and it initially reported that only 1 billion accounts were affected. The breach was not even discovered until 2014 when Yahoo! was conducting an investigation on another attack. The media slammed the company for its actions on multiple occasions.
Equifax didn’t get away easy
Equifax is known as one of the biggest credit bureaus in the United States. In 2017, the company revealed that it had suffered a cyberattack over the course of several months. The attack managed to expose the personal data of over 147 million customers, including names, birth dates, social security numbers, and drivers’ license numbers, as well as credit card data from 209,000 customers.
The vulnerability that hackers exploited was well-known, which prompted many to believe Equifax did not do its due diligence to protect its customers from potential data breaches. The fact that many executives decided to sell stocks just days before the attack was made public led to more discussion and did not help the company’s reputation at all.
As technology becomes more widely available, cyberattacks will continue to happen. While these attacks can’t be prevented, what matters most is that individuals and businesses alike do their due diligence to protect themselves against hackers and threats.
0 Comments