July 9, 2021

Monthly Breach Report: July 2021 Edition

PKWARE
Monthly Breach Report: July 2021 Edition

There is an ever-increasing breadth in the types of targets of data breaches in 2021. Extracting and exposing individuals’ sensitive personal data that is key to large brand and government trust remains the most prevalent vulnerability. In June, targeted industries, tech companies, and known organizations across the world stand out in these stories as still needing to secure and protect their sensitive data.

Breaches Spanning Top Brand Products Companies

Disruption of business for key products and services companies has been on the rise, and June found an increase in reporting of sensitive, personal information being compromised and, in some cases, publicly posted online.

Volkswagen

Over 3.3 million US and Canadian customers and shoppers had personal data stolen from Volkswagen Group and Audi. The data was extracted from an unsecured Azure cloud server. Personal information including names, email and home addresses, VINs, driver’s license numbers, and some credit scoring private data was put up for sale on a hacker forum.

Peloton

Peloton Bike+ touchscreen users became victims of hackers spying on them through microphones and cameras. The hackers used an inelegant approach, typically in public spaces such as hotels or gyms, plugging in USB devices to access data through malware and fake versions of Spotify and Netflix. Thus, the attacks could be delivered with no trace of access. Peloton rapidly addressed the vulnerability.

McDonalds

US, South Korea, and Taiwan McDonalds operations experienced a malicious breach exposing customer personal data including customer and employee email addresses which are vulnerable to phishing attacks. The investigation is pointing to human error.

Sources

Breaches Spanning Top Tech Companies

While technology companies tend to hold their brands in high regard, cyber criminals find it satisfying to smear those reputations in demanding the highest dollar value possible by breaching, scraping, and otherwise extracting operational and personal data for ransom or auction.

LinkedIn . . . Again

In May, LinkedIn experienced a breach of over 500 million users’ personal data. Now another 700 million users’ private and personal data has been discovered in a new June cache. Users rely on companies like LinkedIn to protect private information and yet nearly 93 percent of the organization’s customers have had their personal data put up for sale by the cyber criminals.

These were not classic network breaches, but aggregations of leaked data that, when compiled, create identifiable identities and ones that can be assumed. Scraped LinkedIn data noted:

  • Full names
  • Phone numbers
  • Physical addresses
  • Email addresses
  • Geolocation records
  • LinkedIn usernames and profile URLs
  • Personal and professional experiences and backgrounds
  • Genders
  • Other social media accounts and usernames

This sensitive data must be protected at the outset, inbound to the company, to become positively useless to hackers. Protecting personal data is always a company’s best practice to secure customers’ trust and ongoing use.

Sources

Electronic Arts

The attack on tech giant Electronic Arts was not carried out with the common intent of holding the stolen data for ransom. Instead, the cyber criminals set up an offering of up to 780 gigabytes of data—including source code—to bidders to jack up the financial gain. What is at issue is not only the threat to proprietary code property of the company, but the uncertainty of individuals’ personal data being secure or potential access to users through games installed on their devices.

Source

20/20 Hearing Care Network

A healthcare benefits administrator, 20/20 Hearing Care Network, discovered and reported 3.3 million people’s personal and sensitive health data was accessed from AWS cloud storage buckets. The data was subsequently deleted from the S3 buckets. Deleting stolen data is rare in ransomware attacks and this is being further investigated. It is unknown how the personal data and health information will be used by the thieves. It seems several safety precautions were missed or not implemented.

Source

RockYou 2021

Back in 2009, RockYou experienced such an unfortunate breach of personal data—exposing 32 million email addresses and passwords—that it became a reference tool, a “dictionary,” for hackers across the world. Now in 2021, another password leak at RockYou has been uncovered with the alleged damage exponentially worse: 8.4 billion passwords have been reported exposed. That’s nearly 2 passwords per living person on Earth.

The leak occurred when a forum member shared their 100GB txt file with the passwords. Every user of the internet and online apps are being warned to check whether their passwords are included in the leak.

Sources

Breaches Spanning Companies in a Variety of Industries

Several prominent industries have become targets for international criminals. Almost every month in 2021 we have reported breaches of companies in key industries and offer PKWARE Protect to help your company avoid similar breaches by not having valuable, sensitive data exposed.

JBS Foods

Venturing away from tech and into other industries, on the heels of major pipeline companies of the Energy sector, JBS Foods was cyber attacked.

Meat production of the largest company in the industry was immediately impacted and JBS rapidly paid a reported $11 million as ransom to unlock their maliciously encrypted files. The food industry seems to be rife for intelligence threats, with their high-visibility names and P&L’s put at risk. With this so quickly following recent pipeline company ransomware attacks and payments, the US Department of Justice is hastening its Ransomware and Digital Extortion Task Force.

Sources

New York City Law Department

Up to a thousand employees’ personal data may be compromised in the throes of a cyber intrusion into the NYC Law Department. It was discovered by one of the city lawyers having technical trouble filing a request in a case. There were associated connectivity issues and productivity as well as case progress was thwarted. The FBI was called in to assist in the investigation, as there is good likelihood the attackers could be criminals associated with foreign governments. This attack was discovered mere days following the reporting of the May MTA database attack. Major city law enforcement, utilities, and transportation systems are likely to be considered easy and wealthy cyber targets.

Cox Media

There were rolling attacks throughout properties of Cox Media throughout the early part of June. Cox Media owns 54 radio stations, 33 television stations, and a myriad of video streams and digital platforms. Operations were significantly disrupted. Employees were told to log off their computers and devices, and to not use email or Twitter. This may indicate that TV news may be a new lucrative target industry for ransomware hackers.

Source

 

Any industry consisting of companies where day-to-day operations can be impacted by ransomware attacks may be on glide scope for criminal attempts to steal individuals’ personal data and stop production which in turn stops revenue.

Protect your business and your data with the help of PK Protect. Request your personalized demo now.

 

 

 

Share on social media
  • Data Breach Report: August 2024 Edition

    PKWARE September 6, 2024
  • Where Are the Keys? Managing Encryption in the Cloud

    PKWARE August 7, 2024
  • Data Breach Report: July 2024 Edition

    PKWARE July 19, 2024
  • Data Detection and Response (DDR): Revolutionizing Data Security

    EJ Pappas July 9, 2024
  • Data Breach Report: August 2024 Edition
    PKWARE September 6, 2024
  • Where Are the Keys? Managing Encryption in the Cloud
    PKWARE August 7, 2024
  • Data Breach Report: July 2024 Edition
    PKWARE July 19, 2024