Describe 5 most recent cyberse
Describe 5 most recent cybersecurity incidents that happened toorganisations by providing the following details:
- What happened?
- How did it happen?
- What was the consequences?
- What could have been done to prevent the incident?
No longer than 3 pages.
Answer:
5 most recentcybersecurity incidents that happened toorganisations
1.Hacker leaksdata of 18 companies
Impact: Records of 386 million users stolenfrom 18 companies.
Till July, numerous cybersecurity incidents happened. About 386million user records from 18 different companies were stolen. Thehacker who believed to have stolen the data posted links to thedatabases of companies, where anyone could download for free. Thehacker, named ShinyHunters is believed to have made a lot of moneyby selling the data online.
After hackers steal the data, they usually sell it privatelyfirst, with prices ranging from $500 to $100,000. Once the data isno longer useful, hackers generally publish them on hacker forumsto increase their reputation in the community.
Take Action Now: Use a strong password foryour system and update it frequently.
2.ExperianBreach
Impact: Records of 24 million people and793,749 businesses’ data stolen.
Experian, a consumer credit reporting agency, suffered a majorbreach, impacting nearly 24 million South African consumers andabout 793,749 business entities in August 2020.
The agency further revealed that an individual fraudulentlyclaiming to be one of its clients requested services from thecompany, prompting the release of the information. Soon, after thebreach, the company reported the incident to the local authorities.Eventually, the misappropriated data was secured and deleted.
Experian said that the data was not used for fraudulent purposesbefore being deleted. Also, it further said the cybersecurityincident did not compromise its own infrastructure, systems, andcustomer database.
Take Action Now: Strengthen your company’ssecurity policy.
3.MGMHotel
Impact: Details of over 10.6 million usersrevealed.
In February 2020, the personal details of more than 10.6 millionguests who stayed at MGM Resorts hotels was leaked on a hackingforum.
The information leaked included names, phone numbers, addresses,birth dates, and email addresses of users ranging from tourists,CEOs, celebrities, and government employees. However, the detailsof the credit cards were not breached.
This cybersecurity incident started in the mid of 2019. Then,the MGM employees discovered unauthorized access to a server. Fromthat day, the stolen information was being shared in severalhacking forums.
After the cybersecurity incident got revealed, immediately MGMnotified the impacted individuals. In February, once again therewas a data breach and as a result, information of MGM hotel userswas published openly, on an accessible forum.
Take Action Now: Protect your data withcontinuous assessment of your system.
4.CognizantTechnology Solutions Corp
Impact: Disruption of client services,revenue and impact on margins. The company paid $50-70 M forransom.
On April 18, 2020, Cognizant Technology Solutions (CTS), was hitby Maze ransomware cyber-attack, which resulted in servicedisruption of company’s clients.
The tech giant confirmed about the breach on its website. Ittook steps to contain the cybersecurity incident and notified itsclients about the breach and measures to take to further securetheir systems.
During a ransomware attack, attackers generally infect thecompany’s systems with virus, steal the data, and demand paymentfrom the company to restore the data. But, in case of CognizantMaze ransomware, attackers threatened the company to pay the ransomor they would publish the breached information online.
Later, in May, Cognizant revealed that it paid a ransom of$50-70 million to cyber attackers to restore its services.
Take Action Now: Always keep your systemsupdated. Employ an effective way to defend againstransomware attacks.
5.CaliforniaUniversity
Impact: A ransom of $1.14M paid.
On June 1, University of California, San Francisco, was attackedby cyber criminals. This was again a ransomware attack and hackersdemanded $3 million. The leading medical-research companynegotiated the ransom amount and paid $1.14 million as theinformation encrypted in the attack was critical to the school.
Cyber criminals penetrated the university’s system through amalware that eventually encrypted multiple servers. The universityofficials later said that no data was compromised, and theirdevelopment progress was not completely hampered.
Take Action Now: Backup your data-locally, or in the cloud.