Shocking Lessons from these data breaches

When talking about cybersecurity, people usually think about fancy hacking techniques, security flaw hunting, smart CVE exploiting, firewall bypassing, system infiltrating and many many cinematic scenarios, mostly inspired by many movies.

In reality, majority of hacking happened in a way that were not awesome like that. Set Phishing tactics aside, where at least, hackers abuses psychology weaknesses to trick victims to download malware or reveal their OTP codes, there is another reason that can suprise you when you see it.

Here we list some data breaches with its reasons that can be confirmed via news, mostly occurred in 2023 with similar patterns. You can read through this table and see how system can be hacked in a surprising way. Before reading through, here is some keywords and its meaning in this context:

  • Ransomware: a malware that encrypts all files in compromised computer and asks for ransom to decrypt. This malware does not automatically jump into a computer, it usually is downloaded and run by victims themself after getting tricked by a phishing emails or a fake website.
  • Misconfiguration: is when a developer unintentionally exposes doors for anyone can access the system.
  • Social Engineering: something like: guessing passwords based on personality and level of security awareness, impersonate IT supports, relatives, friends or family members to collect private information, etc
  • Unknown: Victims did not disclose information at the time publishing this post, but it happened in the same period of time, so I doubt these also go with similar reasons.
CompanyDomainBreached DataMoneyReason
iRentcar rental– millions of partial credit card numbers
– at least 100,000 customer identification documents
N/Athe database has no password
Yes MadamSalon platform– customers’ location data
– user device details,
– IMEI numbers of ~900,000 users
N/Athe database has no password
PeopleGrovesocial platform for higher education institutions and alumni networks– gigabytes of personal information: email addresses, phone numbers, addresses, details of university achievements and scores, and resumes containing detailed work histories and employment detailsN/Athe database has no password
Proskauer Roseinternational law– private and privileged financial and legal documents, contracts, non-disclosure agreements, financial deals and files relating to high-profile acquisitions.N/Amisconfiguration
AvidXchangeautomate invoice processing and payment management processes– employee payroll information
– corporate bank account numbers.
N/Aeasily guessable passwords
ToyotaManufacture– data of 2 millions customersN/Amisconfiguration
FerrariSupercar Manufacturer– 7GB of documents, data sheets and repair manuals.N/ARansomware
LogicMonitornetwork security– data of a small number customersN/Ause of default password
MicrosoftAI– accidentally exposed tens of terabytes of sensitive data, including private keys and passwordsN/Apublishing a storage bucket of open source training data on GitHub.
Tesla– 75,000 company employees personal informationN/Atwo former employees leaked
MicrosoftEmail– a key that allowed to stealthily break into dozens of email inboxes, including those belonging to several federal government agencies.N/AUnknown
Crema FinanceCrypto$9 million in cryptocurrencyethical hacker turning rogue
Taiwan Semiconductor ManufacturingChipMaker$70 million ransom demandLeaked setup information
RedditSocial Network– 80+ gigabytes of compressed dataN/A“highly-targeted” phishing attack
T-MobileTelecom– personal data belonging to 37+ million customers.N/Asocial engineering +
SIM swap
MailChimpEmail– 400+ accounts mostly of cryptocurrency and finance-related accountsN/Asocial engineering
OktaIdentity– 134 organizations dataN/Astolen credentials
TruepillPharmacy Fulfillment– 2.3+ million patients personal dataN/Apoor security design
NextGen Healthcareelectronic health record software– 1.05 million patients personal dataN/ARansomware
Maternal & Family Health ServicesHealthcare– 461,070 personal data of patients, employees and vendorsN/ARansomware
23AndMeGenetic testing– 6.9 million user data recordsN/AUnknown
McLaren Health CareHealthcare– 2.2 million patients sensitive personal and health informationN/ARansomware
HCA HealthcareHealthcare– 11 million patients’ dataN/AUnknown
SabreTravel booking– 1.3 terabytes of data on ticket sales, passenger turnover, employees’ personal data, corporate financial information.N/ARansomware
MGM ResortsHotel & Casino– unspecified amount of customers’ personal information
– ATM shut down
– Website offline
~ $100 millionRansomware
Caesars EntertainmentHotel & CasinoN/A$30 million demandedRansomware
Motel OneHotel– 50 credit cards dataN/ARansomware
RadissonHotelN/AN/ARansomware
Euler FinanceFinanceN/A~ $197 million in crypto theft
– 1.3M USD gone
“in a flurry of transactions”
MixinCryptoN/A~ $200 million stolenUnknown
Mom’s MealsFood– 1.2+ million individuals dataN/ARansomware
NationBenefitssupplementary benefits– 7,100+ residents personal dataN/ARansomware
Yum Brandsfast-food chains~ 300 UK restaurants dataN/AUnknown
Forever 21Clothing500.000+ individuals dataN/ARansomware
ByjuedtechN/AN/Amisconfiguration
JumpCloudAccess managementa “small and specific” set of customers.N/AUnknown
Dishsatellite television – 300,000 personal informationN/AUnknown
SchoolDudeorder management system– 3M SchoolDude user accountsN/AUnknown
ShadowGame– 530,000 customers dataN/Asocial engineering
BoeingAerospaceN/AN/ARansomware
National Aerospace LaboratoriesAerospace– eight purportedly stolen documents ( confidential letters, an employee’s passport internal documents)N/ARansomware
Zhefenglee-commerce– millions of Chinese citizen identity numbers
from 3.3 million orders
N/AUnknown
A network of knockoff apparel storesStore– 330,000 credit card numbers, cardholder names, and full billing addressesN/AUnknown
ODIN IntelligenceApplications for policesLeaked files reveal tactical plans for police raids, surveillance and facial recognitionN/AUnknown
LastPassPassword managercustomers’ encrypted password vaultsN/AUnknown
British LibraryLibrary– website offline
~490,000 user data
N/ARansomware
2023 security incidents sample

Leave a Reply