Managed WAF

Starts at $99

Guided onboarding, monitoring of latency, false positives, and DDoS attacks, custom rules, and more

Try Free For 14 Days

Data Breach Roundup: Major Incidences in May, June, and July

Posted DateSeptember 7, 2015
Posted Time 4   min Read

From large to relatively smaller organizations, data breaches again proved that security architecture is lackluster. More than 100 million people were affected in these breaches and still, there was little media attention that would have made businesses at large think of their security. Indusface brings you a brief compilation report of high profile breaches that companies should know about.

May Data Breaches

Data Breach Roundup in May

 

Indian Music Streaming Service

Although the data breach was revealed late in the month of May, most had no clue about what it was and how it affected the users and the organization. This leading online music portal in India was hacked through SQL Injection by a foreign hacker exposing details of more than 10 million users at a time. The hacker claimed that his intentions were not to sell this information, which could have easily fetched him thousands of dollars in the underground market.

Take a look at the underground rates for similar pieces of information in our post: Hackers make $193 per Credential Globally through Database Breaches

And here’s how it could have been prevented: All You Need to Know About SQL Injection

World Trade Organization (WTO)

Records of more than 53, 000 WTO officials were leaked in this shocking breach. It was revealed that names, phone numbers, email addresses, titles, login credentials, and other sensitive details were compromised by hackers targeting organization officials in Brazil, China, France, India, Indonesia, Pakistan, Russia, Santo Domingo, Saudi Arabia, Sri Lanka, and the United States.

Indian Taxi Service Provider

One of the leading online taxi service providers, which caters to more than 1 million passengers monthly, was accused of exposing customer data and credit card information. An internet security expert warned that the website and mobile application lacked authentication and encryption. A large part of the problem was cited in development techniques, which failed to lock mobile and web applications.

Here’s how they could have secured applications: 3 Must-Have Web Application Testing Features

June Data Breaches

Data Breach Roundup in June

 

iiNET

Things got serious for this leading Australian internet service provider when account information for 30,000 customers was being sold anonymously on social networking websites. What’s worse than iiNet had no idea about the data breach. Later, the company’s Chief Information Officer (CIO) stated that 30,827 customers were individually contacted and instructed to change their passwords to minimize repercussions.

OPM.GOV

The United States Office of Personnel Management was much talked about the incidence. In June, OPM internet security experts realized that their system had been compromised that allegedly stored information of around 4 million Americans. However, later in July, the FBI and DHS also joined the ongoing investigation and revealed that more than 32 million individuals might have been affected through the breach.

Japan National Pension System

Wall Street Journal had reported that approximately 1 million people were affected when the Japanese government’s universal pension system. Investigation revealed that an email virus corrupted two computers that transmitted data to hackers for days. In fact, a total of 27 computers were found to be infected by this virus.

July Breaches

Data Breach Roundup in July

 

Ashleymadison.Com

This is possibly the most talked about the data breach in the list exposing personal information on 37 million users. Ashley Madison is an online dating service for married individuals, which promotes extramarital affairs. The hackers are said to infiltrate into the website’s database for moral reasons and wanted the owners to shut down their service and threatened to publish the personal records.

Medical Informatics Engineering (MIE)

This US-based healthcare technology company with more than 50 centers still has no ideas about the breach beyond a figure. They know that 1.5 million records were compromised earlier in May, an attempt that stretched until July. In fact, a similar attempt was also uncovered on the UCLA Health System, where the breach affected 4.5 million users.

Trump Hotel Collection

While most of the other hacking attempts where are stealing information, Trump Hotel incidence was right down to the money. Earlier in July, hotel authorities reported a series of fraudulent credit card and debit card transactions across multiple locations. Los Angeles, New York, Miami, Honolulu, Chicago, and Miami were the most affected locations. The hotel chain is yet to reveal any other substantial information on the severity and amount of money lost due to these transactions.

Make sure that your website or mobile application is free of vulnerabilities. Get a free Website Security Check.

web application security banner

Venkatesh Sundar

Venky is an Application Security technologist who built the new age Web application Scanner and Cloud WAF - AppTrana at Indusface as a Founding CTO. Currently, he spends his time on driving Product Roadmap, Customer Success, Growth, and technology adoption for US businesses.

Share Article:

Join 47000+ Security Leaders

Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

We're committed to your privacy. indusface uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.