Home Editor's Picks Five of the Worst Cybersecurity Breaches of 2018

Five of the Worst Cybersecurity Breaches of 2018

Five of the Worst Cybersecurity Breaches of 2018
0
Get started on your cybersecurity degree at American Military University.

By Marissa Bergen 
Contributor, InCyberDefense

Despite our increasing awareness of how to protect against malicious software and actors, we still find our online security severely compromised by hackers just waiting to attack our vulnerability. Despite an overall reduction in cybercrime, there are been notable hacking incidents during 2018.

Pakistant Bank Cards Theft: We recently learned of a cybercrime of epic proportions when personal information on more than 19,000 credit card was stolen from 22 Pakistani banks.

Russian Grid Hacking: In 2017, suspicions began to grow that Russian hackers might be infiltrating U.S. power companies. This year, Russia’s involvement in these actions was publicly acknowledged as the U.S. government openly linked the NotPetya malware to Russia in February and then blamed the Russians for grid hacking in March. These accusations are proving to be a valuable step in providing the government and private sectors with information on how to best respond to cyberattacks.

U.S. Universities: In March, nine Iranian hackers were indicted for a series of attacks on more than 300 universities in the United States and abroad. The attackers used spear-phishing emails to trick professors and other university staff members into clicking on malicious email links and entering credentials that would allow the hackers to steal an estimated $3 billion worth of intellectual property. After some investigation, it was determined that the hackers had ties to Iran’s Islamic Revolutionary Guard Corps and that the crime may have been in response to the strained relations between the United States and Iran.

Rampant Data Exposures: When data is improperly stored and defended so it is exposed on the Internet, anyone who comes across it can access the data. This often happens when iCloud users misconfigure a database or other storage mechanism so that no authentication is required to access the data. This year, a data exposure case occurred when the marketing and data aggregation firm Exactis left about 340 million records exposed on a publicly accessible server. These records contained two terabytes of very personal information regarding hundreds of millions of U.S. adults. The problem was discovered and corrected, but Exactis is now facing a class action lawsuit as a result of the company’s alleged carelessness.

Under Armour: In late February, the Under Armour MyFitnessPal app was breached, compromising the usernames, email addresses, and passwords of about 150 million subscribers. The company discovered the hack and apparently had done a good enough job with its data protection so that the hackers were unable to access valuable information like credit card numbers, birth dates, and users’ locations. While a larger crisis was averted, the Under Armour case is a painful reminder of how unreliable corporate networks can be when it comes to cybersecurity.

Cybercrime awareness is a theme that is constantly promoted and there have been noticeable improvements during the year. However, cybercrimes like those cited are proof that they continue to be an ongoing problem and that no one is truly safe. Nevertheless, we must do our best to make sure our sensitive information is being safely stored online.

About the Author

Marissa Bergen is a freelance writer from Brooklyn, New York. Passionate about everything from fashion to technology, her writing experience has increased her awareness of digital marketing, cybersecurity and the ever-expanding World Wide Web. She now lives in Los Angeles with her husband and two children. Google her to find out more about her writing and her other life as a bass player in her family band, The CheeseBergens.

 

 

Comments

comments