The year 2021 can be referred to as a record-breaking year for data loss due to a lot of cyber-attacks and data breaches, 2021 is presenting a new diversity of extraordinary challenges for companies and individuals as well. Due to the implementation of advancing technologies such as artificial intelligence and machine learning and the greater tactical cooperation among techie hacker groups and state actors, there is a shoot up in the number of data breaches and cyber-attacks taking place.
Let’s have a look through top cybersecurity attacks in 2021
1. Stolen data of 533 million Facebook users leaked
In April, it emerged that personal information of over 533 million Facebook users from 106 countries had been leaked online. CTO of cyber intelligence firm Hudson Rock, Mr. Alon Gal, first reported that a Telegram bot was being used to cell phone numbers for free. The personal information included Facebook members’ full name, birth date, bio, location, past location, relationship status, and Facebook IT. Facebook claims that it did not know whose information was leaked and therefore could not inform the users about the leakage.
FTC conducted an investigation prevailing to the incident and concluded that Facebook had used illusive divulgence and settings to undermine users’ privacy preferences in violation of a 2012 FTC order.
2. Microsoft Exchange, A Lack of Mending
In March, Volexity, the security firm, unearthed a Microsoft Exchange flaw that authorized hackers to situate web shells to extract data and credentials. The four CVEs that were involved are CVE-2021-26855, CVE-2021-27065, CVE-2021-26858, and CVE-2021-26857. Among these, the first one allows access, and the last three allowed code implementation. 120,000 systems had been corrupted and less than 10,000 remained unpatched.
On April 14, NIST produced four other particular CVEs, all of which included remote execution. Though the FBI’s attempts are necessary, organizations cannot depend on the agency for their security.
3. Scripps Health Malware Attack Could Cost Lives
In May, Scripps Health IT systems were closed down owing to a malware attack. Scripps Health is a nonprofit health care system located in San Diego, Calif. It encompassed 5 hospitals and 19 outpatient clinics. On May 1, Scripps Health declared its IT systems had been harmed by a malware attack that affected its hospitals and other clinics. The company provisionally suspended user approaches to IT systems, including the patient portal.
Surgical procedures and patient appointments were all canceled provisionally and business has recommenced, though not as usual yet.
4. McDonald’s Cyber Attack Targets Data
On June 4, Mcdonald’s became the victim of a cyber-attack that involved the extraction of data. In Taiwan and South Korea, customers’ phone numbers email addresses, and physical addresses were exposed. Moreover in Taiwan, some employees’ names and contact information were exposed. However, Mcdonald’s claimed that the volume of information exposed was little and that it had appointed outside consultants to deal with it. It took the company around a week to stop unauthorized access to the data.
5. JBS Faced a Ransomware Attack
In May, JBS USA found that it was the victim of a cyber-attack that infected some of the servers supporting its Australian, U.S., and Canadian IT systems. The company seized all infected systems and then approached law enforcement and third-party consultants to work with internal IT to resolve the situation.
In June, Andre Nogueria, JBS CEO, affirmed that the company was able to revive quickly with the help of government consultants and entities. He also said the hackers failed to break the core system which minimizes the possible impact.
Follow and connect with us on Facebook, LinkedIn & Twitter
