Top 10 Major Security Breaches.

Sumit K
Jan 22, 2022

So let's get started:

1. Microsoft (Jan 2020)

  • Vulnerability: An “internal customer support database”, in which the company stores anonymized user analytics, was exposed online.
  • Impact: Over 250 million customer records were exposed, containing email addresses, IP addresses and other analytics details (though MS claimed no personal data was leaked).
  • Reporter: Bob Diachenko (security researcher with Security Discovery).
  • Root Cause: The breach happened due to “misconfigured Azure security rules”.

2. Facebook (April 2020)

  • Vulnerability: Related to a 2019 vulnerability (misuse of a legitimate internal Facebook function).
  • Impact: Data of 267 million users, containing email addresses, names, FB IDs, DOB and phone numbers, was exposed on the dark web for just $600. These leaked details could be used to launch phishing emails/SMSs.
  • Reporter: Team “Threat Actor”
  • Root Cause: Earlier breaches were not completely patched or disclosed.

3. Zoom (April 2020)

  • Vulnerability: Credential stuffing enabled by password reuse.
  • Impact: Around 500K Zoom accounts were compromised and sold on the dark web, either for free or for just $0.02.
  • Root Cause: Attackers made use of previously compromised login credentials dating back to 2013.

4. Nintendo (April 2020)

  • Vulnerability: Hijacking of the NNID (Nintendo Network ID) of legacy accounts.
  • Impact: Around 300K accounts that used the NNID login system were hacked, resulting in the exposure of names, DOB, addresses and credit card details.
  • Root Cause: The NNID login system used an on-screen keyboard for password creation, which did not lend itself to creating a “strong & complex password”. Weak passwords thus resulted in the data breach on older platforms such as Wii U and 3DS.

5. Twitter (July 2020)

  • Vulnerability: Social engineering.
  • Impact: 130 high-profile Twitter accounts were compromised, including those of Barack Obama, Bill Gates, Elon Musk and Joe Biden, and used to request BTC at a given BTC address.
  • Root Cause: Hackers tricked a Twitter employee into providing access to the admin panel responsible for managing MFA.

6. Log4j (December 2021)

  • Vulnerability: A vulnerability in an open-source logging library allowing RCE (CVE-2021-44228).
  • Impact: Millions of devices running on the internet and using the Log4j tool for logging are at risk. Hackers could steal passwords and sensitive data and infect networks with malicious software.
  • Root Cause: When JNDI (Java Naming and Directory Interface) is used to connect, for instance, to an LDAP URL that is being logged, the response can carry a malicious payload that injects code. One can mitigate this vulnerability by removing the JndiLookup class from the classpath.
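
The mitigation named above, as an added example (not code from the original post): a Python check that scans a JAR, including JARs nested inside it, for the JndiLookup class and produces a copy with the class removed. The sample archives are constructed in memory, and the function names are assumptions of this example.

```python
import io
import zipfile

# Path of the class inside log4j-core; matched as a suffix so prefixed copies are caught too.
JNDI_SUFFIX = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
NESTED = (".jar", ".war", ".ear")

def find_jndi_lookup(data, label="archive", depth=0, max_depth=5):
    """Return labels (outer!inner) of every archive that still contains JndiLookup.class."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not an archive: nothing to report
    with zf:
        for name in zf.namelist():
            if name.endswith(JNDI_SUFFIX):
                hits.append(label)
            elif name.lower().endswith(NESTED) and depth < max_depth:
                # Fat JARs bundle libraries as nested archives, so recurse into them.
                hits += find_jndi_lookup(zf.read(name), f"{label}!{name}", depth + 1, max_depth)
    return hits

def strip_jndi_lookup(data):
    """Return a copy of one archive with JndiLookup.class removed (top level only)."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, zipfile.ZipFile(out, "w") as dst:
        for item in src.infolist():
            if not item.filename.endswith(JNDI_SUFFIX):
                dst.writestr(item, src.read(item.filename))
    return out.getvalue()

def _make_zip(entries):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

def build_samples():
    """Constructed stand-ins for real JARs: the entries are stubs, not real class files."""
    logger = "org/apache/logging/log4j/core/Logger.class"
    unpatched = _make_zip({JNDI_SUFFIX: b"stub", logger: b"stub"})
    patched = _make_zip({logger: b"stub"})
    fat = _make_zip({"BOOT-INF/lib/log4j-core.jar": unpatched, "BOOT-INF/lib/other.jar": patched})
    return unpatched, patched, fat

if __name__ == "__main__":
    unpatched, patched, fat = build_samples()
    print(find_jndi_lookup(fat, "app.jar"))
    print(find_jndi_lookup(strip_jndi_lookup(unpatched), "log4j-core.jar"))
```

Removing the class is a stopgap; upgrading Log4j to a fixed release remains the actual fix.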

7. Colonial Pipeline Ransomware (April 2021)

  • Hacker: Darkside (Russian Group)
  • Vulnerability: VPN account takeover due to a weak password and the absence of MFA.
  • Impact: The majority of American gas users were impacted; $4.4 million was paid as ransom.
  • Root Cause: An unused VPN account was still present in the network with minimal security (a weak password and disabled MFA), which the hackers obtained after an extensive resource search in the pipeline network.

8. LinkedIn (June 2021)

  • Hacker: TomLiner
  • Vulnerability: The LinkedIn API was used to scrape data.
  • Impact: Data of 700 million LinkedIn users was exposed online, with details such as names, phone numbers, email addresses, LinkedIn usernames and profiles, resumes, salary details, etc. The data was sold for $5000.
  • Root Cause: A LinkedIn API that scrapes data whenever a user visits the web app. However, LinkedIn has not accepted this as a data breach.

9. Accenture Ransomware (August 2021)

  • Hacker: LockBit ransomware group
  • Vulnerability: Weakly secured Accenture-backed airports/airlines (Bangkok & Ethiopia).
  • Impact: 6 TB of data was stolen from Accenture, with a $50 million ransom demand. Over 220 GB of Bangkok Airlines data was made public when the ransom was not paid. The breach included names, phone numbers and other personal details.
  • Root Cause: Ransomware attack via loosely secured networks.

10. Facebook (April 2021)

  • Hacker: Alon Gal
  • Vulnerability: Data exposed due to a poor scraping method.
  • Impact: Data of 553 million users was made public on a hacking forum, with details such as names, phone numbers and email addresses.
  • Root Cause: Gal mentioned: “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts”.
