With 2020 almost upon us, it’s time to discuss the top cybersecurity incidents of 2019.
2019 is almost over, and as we enter 2020, we should look back at the top cybersecurity incidents of the year. There have been plenty of data breaches, both big and small, many ransomware attacks, GDPR violations, Facebook controversies, etc., but some incidents were on a much bigger scale than others.
While it is wishful thinking, let’s home 2020 is a better year for cybersecurity. And while you wait for the year to end, in no particular order, here are the 5 biggest cybersecurity incidents of 2019 you should know about.
Personal data of 5 million Bulgarians stolen
In what is described as the biggest data leak in the country’s history, 5 million Bulgarians had their personal information stolen. To put it into perspective, Bulgaria has a population of 7 million, meaning more than 70% of the population had their data leaked.
The data leak became known in July, when local media received emails containing links to the leaked data. It was alleged that the data come from Bulgarian Ministry of Finance, and the country’s authorities later confirmed that the leak originated, at least partially, from the tax agency. The full extent of the breach is unknown, but local media has reported that the files date back to 2007.
The hacker responsible for the incident claims to have compromised more than 110 databases, including highly confidential information. It has not been disclosed how exactly the data leak happened, but some believe that it was carried out from abroad. More specifically – Russia, as the emails with links to the data were sent by someone who claims to be Russian.
Capital One data breach exposed personal information of more than 100 million people
One of the biggest security incidents of this year was the Capital One data breach. A hacker managed to access the bank’s server holding customer information and stole personal data of more than 100 million people. Reportedly, 140 thousand Social Security numbers, 80 thousand bank account numbers, tens of millions of credit card applications dating back to 2005, and one million Canadian social insurance numbers were stolen during the breach. While the stolen information is extensive, Capital One said they do not believe that it was distributed or used for fraud.
The hacker, identified as Paige Thompson, had reportedly gained access the data by using a misconfiguration on a firewall on a web application. She had left a rather obvious trail leading back to her. The software engineer, who had worked for Amazon Web Services in the past, had reportedly boasted about the hack online, even detailing the data theft on Twitter. The FBI eventually tracked her down and she’s now facing several charges.
Affected customers were offered free credit card monitoring, and the bank has estimated that the data breach would cost up to $150 million
US cities become targets of ransomware
Many US local governments suffered a harsh and expensive wake-up call about the state of their cybersecurity this year when they found their systems encrypted with ransomware. According to reports, 140 local governments, police stations and hospitals have been affected by ransomware so far in 2019.
Response to the attacks vary between local governments, some agree to pay, while others refuse to give in. Back in June, Florida city Riviera Beach had suffered a ransomware attack after an employee clicked on a malicious email link. The ransomware attack caused serious disruptions for the local government, to the point where police and fire departments had to write down 911 calls on paper. Officials voted to pay the 65 Bitcoins ($600,000) to restore the systems. Jackson County paid $400,000, and Lake City paid almost $500,000 in ransom in similar attacks.
Not all governments give in, however. In May, 2019, the city of Baltimore, Maryland had suffered a ransomware attack that paralyzed their systems. The attack affected hospitals, airports, goverment services, etc. Advised by the FBI, the goverment had made the decision to not give into the demands, which requested $76,000 to unlock the systems. The ransomware attack will end up costing Baltimore an estimated $18.2 million by the end of the year. While the cost of recovering systems without giving into the demands is much higher, the goverment defended their decision to not pay.
Ecuador citizens’ personal information leaked
A misconfigured database has exposed personal data of the majority of Ecuador’s population, including 6.7 million children. The database containing 20.8 million records of Ecuador citizens, a country with a population of 16.6 million, was discovered by security researchers back in September. The database contained duplicate records, as well as data of deceased citizens, hence why the leaked number of records is higher than the country’s population.
The leaked information includes names, dates of birth, home addresses, national ID numbers, phone numbers, financial and work details, information about family, as well as things like car ownership. The database also contained information of 6.77 million citizens under 18, including names, gender, ID numbers, home addresses, and places of birth. According to ZDNet, who were the first to break the story, the data was possibly gathered from both goverment sources and private databases.
The source of the leak was traced to Novaestrat, a local analytics company. Despite both ZDNet and the researchers who uncovered the leak trying to contact the company, it took contacting Ecuador’s Computer Emergency Response Team to get the database secured. A general manager of the company was later arrested.
DoorDash data breach exposed data of 4.9 million customers and drivers
Back in May, Food delivery company DoorDash suffered a data breach that affected an estimated 4.9 million customers and drivers. According to the security notice posted on the company’s blog, an unauthorized party accessed data of users who joined before April 5, 2018.
Accessed information includes names, email addresses, delivery addresses, order history, phone numbers, hashed and salted passwords. Some customers had the last four digits of their payment cards accessed, a number of Dashers and merchants had the last four digits of their bank account number taken, and 100,000 Dashers had their driver’s license numbers stolen.
DoorDash has blamed the breach on a third-party service provider but did not name it, nor did it provide details on how the breach happened in the first place.