From large to relatively smaller organizations, data breaches again proved that security architecture is lackluster. More than 100 million people were affected in these breaches and still, there was little media attention that would have made businesses at large think of their security. Indusface brings you a brief compilation report of high profile breaches that companies should know about.
Although the data breach was revealed late in the month of May, most had no clue about what it was and how it affected the users and the organization. This leading online music portal in India was hacked through SQL Injection by a foreign hacker exposing details of more than 10 million users at a time. The hacker claimed that his intentions were not to sell this information, which could have easily fetched him thousands of dollars in the underground market.
Take a look at the underground rates for similar pieces of information in our post: Hackers make $193 per Credential Globally through Database Breaches
And here’s how it could have been prevented: All You Need to Know About SQL Injection
Records of more than 53, 000 WTO officials were leaked in this shocking breach. It was revealed that names, phone numbers, email addresses, titles, login credentials, and other sensitive details were compromised by hackers targeting organization officials in Brazil, China, France, India, Indonesia, Pakistan, Russia, Santo Domingo, Saudi Arabia, Sri Lanka, and the United States.
One of the leading online taxi service providers, which caters to more than 1 million passengers monthly, was accused of exposing customer data and credit card information. An internet security expert warned that the website and mobile application lacked authentication and encryption. A large part of the problem was cited in development techniques, which failed to lock mobile and web applications.
Here’s how they could have secured applications: 3 Must-Have Web Application Testing Features
Things got serious for this leading Australian internet service provider when account information for 30,000 customers was being sold anonymously on social networking websites. What’s worse than iiNet had no idea about the data breach. Later, the company’s Chief Information Officer (CIO) stated that 30,827 customers were individually contacted and instructed to change their passwords to minimize repercussions.
The United States Office of Personnel Management was much talked about the incidence. In June, OPM internet security experts realized that their system had been compromised that allegedly stored information of around 4 million Americans. However, later in July, the FBI and DHS also joined the ongoing investigation and revealed that more than 32 million individuals might have been affected through the breach.
Wall Street Journal had reported that approximately 1 million people were affected when the Japanese government’s universal pension system. Investigation revealed that an email virus corrupted two computers that transmitted data to hackers for days. In fact, a total of 27 computers were found to be infected by this virus.
This is possibly the most talked about the data breach in the list exposing personal information on 37 million users. Ashley Madison is an online dating service for married individuals, which promotes extramarital affairs. The hackers are said to infiltrate into the website’s database for moral reasons and wanted the owners to shut down their service and threatened to publish the personal records.
This US-based healthcare technology company with more than 50 centers still has no ideas about the breach beyond a figure. They know that 1.5 million records were compromised earlier in May, an attempt that stretched until July. In fact, a similar attempt was also uncovered on the UCLA Health System, where the breach affected 4.5 million users.
While most of the other hacking attempts where are stealing information, Trump Hotel incidence was right down to the money. Earlier in July, hotel authorities reported a series of fraudulent credit card and debit card transactions across multiple locations. Los Angeles, New York, Miami, Honolulu, Chicago, and Miami were the most affected locations. The hotel chain is yet to reveal any other substantial information on the severity and amount of money lost due to these transactions.
Make sure that your website or mobile application is free of vulnerabilities. Get a free Website Security Check.
This post was last modified on August 2, 2023 09:28
Explore crucial tactics like Asset Inventory, Patch Management, Access Control & Authentication, and additional best… Read More
Delve into the data privacy questions including consent protocols, data minimization strategies, user rights management,… Read More
Secure Node.js APIs using best practices: Employ proper HTTP methods, robust authentication, and API-specific security… Read More