Recent Data Breaches and Cyber Attacks in 2021
Many of us are still trying to process all of the cybercrime that took place last year, not realizing how much damage hackers have caused already in 2021. The digital advancement of new technology within the last few years has given hackers new tools at their disposal, proving that any organization is susceptible to an attack; a reality proved most recently with the breach at SolarWinds. Recapping the multitude of data breaches that have occurred so far this year is a long list, so let us review a few of the most recent breaches.
January
Parler
The conservative sibling of Facebook, Parler lost 70TB of information that included 99.9% of posts, messages, and videos that had a date, time, and location data. Many of the users who used government-issued IDs to verify their identity were also exposed.
Pixlr
A popular and free online photo-editing tool, Pixlr had 83 million user records leaked by a hacker. The leak included sensitive data like email addresses, usernames, and passwords.
February
Nebraska Medicine
There were 219,000 patients at Nebraska Medicine that had personal and medical information exposed after a malware attack allowed a hacker to access and copy this data. Names, home addresses, dates of birth, health insurance information, Social Security numbers, and driver’s license numbers have been leaked.
Kroger
Human resources data and pharmacy records were stolen from Kroger. A third-party breach at Accellion allowed hackers to get in and gain access to information like home addresses, phone numbers, Social Security numbers, health insurance, and medical history.
March
Microsoft
Security flaws in the Exchange Server email software allowed hackers to access email accounts of almost 30,000 organizations all over the U.S. that ranged from small businesses to local governments. The hackers have total remote control over affected systems, so Microsoft is urging customers to apply the security patches as soon as possible.
Hobby Lobby
A cloud-bucket misconfiguration (improper set up of data storage in the cloud) led to the exposure of 30,000 records of customer information. The last four digits on credit cards were stolen, along with personal information like names, email, and home address.
April
Ubiquiti
Unfortunately, there has been much speculation as to when this breach occurred. Ubiquiti manufactures and sells networking equipment for commercial and residential use, so this breach is large and serious. Hackers obtained full read-write access to Ubiquiti databases at Amazon Web Services, with credentials stolen from an employee’s LastPass account. Hackers can remotely log in to countless Ubiquiti cloud-based devices all over the world.
A vulnerability in a patch made back in 2019 let a hacker scrape the data and publish the information on a low-level hacking forum, releasing information of 533 million users from 106 countries.
What’s happened so far is a testament to how diligent everyone needs to be in protecting personal and sensitive data. It’s never too late to begin your own set of best practices in keeping your information secure. Head over to our 2021 List of Best Password Managers to help you get started.
If you want to speak to someone on our team on ways to safeguard your data or your company’s business data, please contact us today, and we will have a member of our team reach out to you.