Biggest Cyber Breaches of 2021..and it's not over yet.
As the amount of protection around data increases, so does the ingenuity of attackers. Even the largest and most secure companies and data bases are not safe. Over the years, the number of breaches have been steadily increasing. That is why it is critical that internet users take measures to protect themselves.
So far in 2021, there have been countless numbers of data breaches that expose personal information of millions of users. Among the biggest data breaches of this year, Facebook, T-Mobile, and Volkswagen are just a few of the most recognized companies hit by attackers, exposing millions of users’ data.
As some may remember earlier this year, gas prices skyrocketed as a result of a scare. The scare was caused by a ransomware attack on Colonial Pipeline. The company is in charge of nearly 45% of the East Coast’s supply of petroleum. They paid roughly $2.3 million to the attackers via Bitcoin.
Due to an unsecure database, a Chinese company, Socialarks, leaked users’ identifiable information for roughly 214 million of Facebook service users. The information included: names, country of residence, phone numbers, and other sensitive information.
For 7 million shoppers of the company Bonobos, a notorious hacker, under the alias of ShinyHunters, stole account information of their shoppers. The breach leaked: credit card information, addresses, and phone numbers.
A third-party cloud provider, Accellion, suffered a data breach that revealed Kroger’s Human Resources data and pharmacy records. The breached records leaked include sensitive information such as names, phone numbers, home addresses, dates of birth, Social Security numbers, prescriptions, and health insurance information.
Earlier this year, scammers successfully SIM swapped some of T-Mobile users’ phones. They took control of customers’ phones and switched their SIMs to a compromised one. By doing this, it allowed the thieves to intercept phone calls and text messages. They also gained access to customers’ names, addresses, Social Security numbers, PINs and security questions with their answers.
An unnamed marketing company is responsible for leaking 3.3 million Volkswagen and Audi U.S. and Canadian customers. The data was left unsecured and was accessed by unauthorized users in March. The importance of the information varied from the type of vehicles inquired about or purchased, to a smaller number of breached Social Security numbers, tax IDs, loan numbers and driver’s license numbers. About 3.3 million customers were affected.
The California Department of Motor Vehicles (DMV) suffered a data breach after Automatic Funds Transfer Services, the DMV’s billing contractor, was hit by a ransomware attack. The breach exposed drivers’ personal information from over a year ago such as registration records, including names, addresses, license plate numbers and vehicle identification numbers (VINs).
A popular third-party contactless parking software, ParkMobile, is responsible for exposing 21 million customer records. The stolen data includes email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses. ParkMobile is used by a variety of parking lots including schools and shopping centers making it a very widely used service.
Earlier this year, Experian application programming interface (API) suffered a data breach allowing for the private credit scores of tens of millions of Americans to be leaked. The tool, used by many lending sites, allowed anyone to access the private credit scores of millions of Americans by supplying their name, date of birth, and mailing address.
A phishing attack, targeting the California State Controller’s Office (SCO) Unclaimed Property Division, led to an employee clicking on a malicious link, allowing them to log in into a fake website. This granted a hacker access to the employee’s account. The criminal had access for 24 hours, allowing him to send more phishing emails to the hacked SCO employee’s contacts. He was able to view private documents during this time interval. The number of employees affected and the types of personal information impacted has yet to be disclosed by the department.