Cyberattacks have become a major part of today's world, and 2020 was no exception: even more breaches happened this year because of COVID-19. Data online is at risk on a daily basis, exposing email IDs, passwords, credit details, dates of birth, health information, SSNs, and almost every other kind of personal and official information. Here we look at some of the major hacks that happened this year.

According to research, the first quarter of 2020 alone saw 8 billion records exposed in data breaches and one of the worst attacks in history. More than 3.2 million of those records were exposed by medical or healthcare organizations.

Now let’s talk about some of the top breaches in 2020 and see what we can learn from the story.

1. SANS Institute Phishing Attack

The SANS Institute, itself a cybersecurity training institute, was hit by a data breach of approximately 28000 records after a successful phishing attack on an employee on 6th August 2020.

In disclosing the breach, SANS said that it involved an email configuration and a rule identified as a “Suspicious Forwarding rule”. As a result of this incident, 513 emails were forwarded to suspicious external email addresses. Most of them were harmless, but some contained files with personally identifiable information (PII).
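
One way to audit mailboxes for the kind of forwarding rule described in the SANS disclosure, as an added example that is not from the original article or from SANS. The JSON export layout, its field names, and the domains are assumptions made for illustration; the sample data is constructed.

```python
import json

# Constructed sample: mailbox rules exported to JSON. The field names
# (mailbox, rule, enabled, forward_to) are hypothetical, not a product schema.
SAMPLE_RULES = json.loads("""
[
  {"mailbox": "alice@example.org", "rule": "Team digest", "enabled": true,
   "forward_to": ["team@lists.example.org"]},
  {"mailbox": "bob@example.org", "rule": "Sync", "enabled": true,
   "forward_to": ["bob@example.org.mail-relay.test", "archive@example.org"]},
  {"mailbox": "carol@example.org", "rule": "Old vendor copy", "enabled": false,
   "forward_to": ["Ops@Partner.test"]},
  {"mailbox": "dave@example.org", "rule": "Move newsletters", "enabled": true,
   "forward_to": []}
]
""")

INTERNAL_DOMAINS = {"example.org"}  # assumption: the organization's own domains


def is_internal(address, internal_domains):
    """True if the address is in an internal domain or one of its subdomains."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    # Compare whole labels so "example.org.mail-relay.test" is not treated
    # as internal just because it starts with an internal name.
    return any(domain == d or domain.endswith("." + d) for d in internal_domains)


def external_forwarding_rules(rules, internal_domains):
    """Return one finding per rule that forwards mail outside the organization."""
    findings = []
    for rule in rules:
        targets = {t.strip().lower() for t in rule.get("forward_to", [])}
        external = sorted(t for t in targets if not is_internal(t, internal_domains))
        if external:
            findings.append({
                "mailbox": rule["mailbox"],
                "rule": rule["rule"],
                # Disabled rules are still reported: they show past or staged forwarding.
                "enabled": rule.get("enabled", True),
                "external": external,
            })
    return findings


if __name__ == "__main__":
    for finding in external_forwarding_rules(SAMPLE_RULES, INTERNAL_DOMAINS):
        print(finding)
```

Each finding is a lead for review, not proof of compromise: a legitimate forward to a partner looks the same as a malicious one until someone checks who created the rule and when.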

2. Zoom Passwords Available for Sale on the Dark Web

Nearly 5,00,000 Zoom accounts have been hacked and sold on the dark web for $0.0020 per account and, in some cases, given away for free. The Zoom video conferencing app has seen abundant growth in a few months due to the coronavirus, as people were forced to work from home, leaving video and voice calls as the only means of communication. So it became popular with cybercriminals too.

Hackers used credential stuffing attacks to gather the information from the Zoom database, which had an older data breach. It was also reported that more than half a million accounts were on sale, containing personal information belonging to financial institutions, banks, and various organizations.

3. Magellan Health Ransomware Attack

In April, Arizona-based Magellan Health reported an email hacking incident that affected the health information of 3,64,892 patients, due to a ransomware attack on the Phoenix-based managed care company.

The Fortune 500 company was reportedly the victim of a phishing attack in which hackers exfiltrated the data by deploying ransomware payloads by email, using the social engineering technique of impersonating a client.

The confirmed investigation says that hackers first installed malware to steal employee credentials for the affected server, through which patient data such as health information, insurance details, and treatment details were compromised. The attack was contained to a single corporate server, which exposed current employees' SSNs (Social Security numbers), W-2 tax information, and employee identification numbers, as confirmed by HSS reports. The Magellan incident is also the third-largest reported healthcare data breach in 2020.

4. Oracle’s BlueKai Exposed Billions of Records Online

BlueKai, owned by US tech giant Oracle, holds a large store of web tracking data outside the federal government. BlueKai uses website cookies and other tracking technologies to follow users' activity and sells the data to other firms and marketing companies. With this data, marketers can learn as much as possible about a user (income, political and personal interests, education, and shopping, to name a few) and target website visitors with ads that match their interests; when the ads are clicked, the advertisers make money.

But as the TechCrunch report says, for an unknown period the servers, with all the web tracking data, were exposed without a password. Billions of records were breached, including web browsing activity. Oracle has dealt with the breach but has not yet revealed other information, such as who was affected and how the attack happened.

5. Truecaller Data Breach of over 45 Million Indians

The personal information of 47.5 million Indians, including their phone numbers, names, gender, service provider names, email addresses, and Facebook IDs, was claimed to be available for sale on the dark web from the Truecaller app for $1000 (Rs. 75000). However, Truecaller denied any breach of its database. Cyble's research found that the data, from 2019, is kept in a well-organized manner by state and city, as per the screenshot shared by the company, and noted that it was mostly North East users' details that were exposed.

Cyble also said that the group that exposed the Truecaller data has published another database with 600 million records from China. The Economic Times had reported a breach of 300 million users in May 2019. Truecaller entirely denied that users were exposed through its app; later, Cyble's third-party intelligence discovered the leaked personal details for sale on the dark web.

6. Thailand’s Largest Cellphone tower breached 8.3 Billion records

AIS (Advanced Info Service), a Thailand-based mobile network operator, was found to have exposed billions of real-time internet records of Thai users. Security researcher Justin Paine said in a blog post that a database containing DNS queries and NetFlow data was found without a password. He also mentioned that anyone could “quickly paint a picture” of what a person does on the internet. He tried to report the data breach to the ISP but didn't hear back from them for a week, and then reported it to the Thailand national computer emergency response team, known as ThaiCERT.

Before AIS took action, the network database exposed around 8.3 billion records, stored as documents in a 4.7TB database. A breach like this, involving DNS queries, cost the trust of Thai users. So it's always better for operators to protect their networks and invest more in cybersecurity solutions.

7. 200 Million Records in a Database on US Residents Were Exposed

A database exposed online on a Google Cloud server was found to contain around 200 million records on US residents, including a wide range of sensitive and geographic data about the residents, their property and ownership transactions, net worth, income, etc. Bob Diachenko, a security researcher, discovered the exposed database and took steps to find the owner; when that failed, it was reported to the Google team. More than a month later, the exposed database server was taken offline.

A data leak like this is a boon to cybercriminals running phishing campaigns. The exposed data can be used by attackers to make their spam emails very convincing. Finally, Comparitech's security research team tried to report the exposure to the server owner so that the necessary action could be taken.

8. LiveJournal accounts being shared on hacker forums.

A database containing 26 million LiveJournal accounts, including plain-text passwords, has been shared for free on multiple hacker forums, as reported by BleepingComputer. On May 8th, 2020, it was found that a total of 33 million unique accounts had been circulating on various forums.

As per the report, the database dump contains usernames, passwords, email addresses, profile URLs, etc. The passwords, which were initially stored as MD5 hashes, had been converted to plain text.

Research says that the cybersecurity incident behind this attack is still not clear, but there has been speculation about a data leak at LiveJournal since 2014. A popular platform used to check whether one's data has been exposed reported that LiveJournal users had reported their data being hacked and put up for sale on the forums. Troy Hunt, an employee of ‘Have I Been Pwned’, confirms that this breach dates back to last year.

9. LifeLabs Data Breach in Canada

The largest security breach ever in Canada took place in October 2019; the breached data contains sensitive medical and personal information of 15 million Canadians. Until December 2019, the company was not aware that the breach had happened; it came to light then, and the cyberattack was reported in the media. The attack was estimated at around $1.14 billion, which the company paid to the hacker group to retrieve the data; even so, the data of 40% of the country's population has been exposed and will be used for future hacks.

CPO Magazine's research concludes that the main reasons for the data breach were an underrated cybersecurity team and technology; in addition, the breached database server was not password protected and was not encrypted with proper encryption technologies.

10. Microsoft Exposed 250 Million Records

2020 was a bad year for Microsoft: a massive breach exposed 250 million customer service and support records. The records date from 2005 to December 2019. Microsoft's security team claimed to have removed the personal information, except for IP addresses and email addresses in plain text. But researchers believe that the breach could go beyond that.

On Jan 22, Microsoft posted a statement revealing that it had discovered misconfigured security rules in the database on December 29. The database was used internally for analytical purposes and was not accessible from outside networks. The issue was fixed by December 31. The company's internal investigation found no sign of malicious activity connected with this breach, as per CPO Magazine reports.

By Michael

The writer at Infohaunt is a cyber security professional with experience in SOC operations, threat management, incident response, threat hunting, and digital forensics.