Cybercriminals outdid themselves in 2021, wreaking havoc on various businesses and organizations regardless of industry, size, and consumer demography. Let's take a look at some of the biggest and most alarming data breaches of the year.
Astoria Company
Astoria Company generates leads for people who may be looking for great deals on car loans, payday loans, or even medical insurance. Users fill out a form with their personal information, which is then collected and sent to Astoria’s partners, such as loan or insurance agencies. In turn, these agencies would pay the company a fee per lead referral.
In January, Night Lion Security found out that databases of the Astoria Company were being sold on the dark web. These databases included the Social Security numbers, bank account information, credit history, medical data, driver’s licenses, home and vehicle information, and other sensitive information of more than 30 million Astoria customers.
ParkMobile
In March, ParkMobile became aware of a breach that exposed the basic user information of 21 million users, which included license plate numbers, email addresses, mailing addresses, phone numbers, and vehicle nicknames. Encrypted passwords were compromised, but the decryption keys required to read these were not. Additionally, customers' credit card and parking transaction histories were not affected by the breach.
Upon investigation, the leak was traced to a third-party software that ParkMobile uses.
On April 3, Business Insider reported that the Facebook data of more than 533 million users was found for sale online. But according to Facebook, the information compromised wasn’t hacked; it was scraped from profiles using their contact importer, which was a violation of the social media platform’s terms of service.
But even publicly available knowledge can be dangerous in the wrong hands. The data leaked contained information such as names, email addresses, phone numbers, and Facebook IDs that malicious actors could use to guess answers to password questions, intercept one-time passwords, launch phishing attacks, and more.
Despite the danger to consumers that the massive data leak posed, Facebook said that it would not notify users whose data was included in the colossal data breach.
Twitch
Twitch, a streaming platform owned by Amazon, suffered a huge data breach in October. About five billion records were leaked, including Twitch’s proprietary software development kits (SDKs), the company’s red teaming tools, and creator payouts going back to 2019, among others. Fortunately, Twitch passwords were not exposed.
According to a Twitch report, the data breach was caused by an error in a server’s configuration, allowing the vulnerability to be exploited by a third party. This goes to show that one simple mistake can result in a catastrophic event. To ensure that all components of your systems are properly configured, best partner with a business technology expert specializing in managed IT services, like HERO Managed Services.
Pandora Papers
Made public on October 3, 2021, the Pandora Papers comprises about 12 million documents containing millions of images, emails, and spreadsheets exposing the illegally obtained hidden wealth of some of the world’s rich and powerful.
In 2019, an anonymous entity began submitting massive amounts of information to the International Consortium of Investigative Journalists or ICIJ, a global network of over 200 investigative journalists across 100 countries. The files contained evidence of clandestine agreements, secret assets, offshore banking dealings, and other hidden riches of the super-rich, which included politicians, billionaires, athletes, and well-known personalities.
The leak shed light on the vulnerability of various institutions’ security, including those of government agencies and the world’s biggest banks.
Even the biggest corporations with enterprise-grade cybersecurity can fall prey to a data breach. It’s time to safeguard your IT assets with a comprehensive cybersecurity strategy. Bolster your security by partnering with HERO Managed Services — drop us a line today.
Leave a comment!