The most significant data breaches in 2018. Part One (January-June)

    The year 2018 is coming to an end, which means that it is time to take stock and list the most significant data breaches.



    Only truly large data leaks from around the world are included in this review. Even with that high cut-off threshold, there were so many leaks that the review had to be split into two parts, one per half-year.


    Let's see what leaked, and how, this year from January to June. I should note up front that the month given for each incident is not when it occurred but when it was disclosed (publicly announced).


    So let's go...


    January


    • Progressive Conservative Party of Canada
      The Constituent Information Management System (CIMS) of the Progressive Conservative Party of Canada (an office in Ontario) was hacked.
      The stolen database contained the names, phone numbers, and other personal information of more than 1 million Ontario voters, as well as party supporters, sponsors, and volunteers.


    • Rosobrnadzor
      Information on diplomas and related personal data leaked from the website of the Federal Service for Supervision in Education and Science.
      In total, about 14 million records with data on former students. The database is 5 GB in size.
      Leaked: diploma series and number, year of enrollment, year of graduation, SNILS, TIN, passport series and number, date of birth, nationality, and the educational organization that issued the document.


    • Norwegian Regional Health Authority
      The attackers broke into the Regional Health Authority of Southern and Eastern Norway (Helse Sør-Øst RHF) and got access to personal data and medical records of about 2.9 million Norwegians (more than half of all residents).
      The stolen medical information included data on government employees, secret service staff, military personnel, politicians, and other public figures.



    February


    • Swisscom
      The Swiss mobile operator Swisscom acknowledged that the personal data of about 800 thousand of its customers had been compromised.
      Names, addresses, phone numbers and dates of birth of customers were exposed.

    March


    • Under Armour
      MyFitnessPal, a popular fitness and nutrition tracking application owned by Under Armour, suffered a serious data leak. According to the company, about 150 million users were affected.
      The attackers obtained usernames, email addresses and hashed passwords.


    • Orbitz
      Expedia Inc. (which owns Orbitz) reported that it had discovered a data leak affecting thousands of customers on one of its old sites.
      It is estimated that the leak affected about 880 thousand bank cards.
      The attacker gained access to data on purchases made in the period from January 2016 to December 2017. Stolen information includes birth dates, addresses, full names and payment card details.


    • MBM Company Inc
      A publicly accessible Amazon S3 (AWS) bucket was found containing a backup of an MS SQL database with personal information of 1.3 million people living in the United States and Canada.
      The database was owned by MBM Company Inc, a jewelry company based in Chicago and operating under the brand name Limoges Jewelry.
      The database contained names, addresses, zip codes, telephone numbers, email addresses, IP addresses and plaintext passwords. In addition, there were internal mailing lists of MBM Company Inc, encrypted credit card data, payment data, promotional codes and product orders.



    April


    • Delta Air Lines, Best Buy and Sears Holding Corp.
      A targeted malware attack on the online chat application of [24]7.ai (a company based in San Jose, California, that develops applications for online customer service).
      Full bank card details were leaked: card numbers, CVV codes, expiration dates, and the names and addresses of cardholders.
      Only the approximate amount of leaked data is known. For Sears Holding Corp. it is a little less than 100 thousand bank cards, for Delta Air Lines it is hundreds of thousands of cards (the airline has not given a more precise figure). The number of compromised cards for Best Buy is unknown. All cards were leaked between September 26 and October 12, 2017.
      It took [24]7.ai more than 5 months from the moment it detected the attack on its service to notify its customers (Delta, Best Buy and Sears) about the incident.


    • Panera Bread
      A file with personal data of more than 37 million customers simply sat in plaintext on the website of the popular bakery-cafe chain.
      The leaked data contained customer names, email addresses, dates of birth, mailing addresses and the last four digits of credit card numbers.


    • Saks, Lord & Taylor
      More than 5 million bank cards were stolen from the retail chains Saks Fifth Avenue (including the Saks Fifth Avenue OFF 5TH network) and Lord & Taylor.
      Hackers used special software on cash registers and PoS terminals to steal card data.


    • Careem
      The personal data of about 14 million people in the Middle East, North Africa, Pakistan and Turkey were stolen by hackers during a cyber attack on the servers of Careem (Uber's largest rival in the Middle East).
      The company discovered a breach of the computer system that stores the credentials of customers and drivers from 13 countries.
      Names, email addresses, phone numbers, and travel data were stolen.



    May


    • South Africa
      A database containing personal data of approximately 1 million South Africans was found openly exposed on a publicly accessible web server owned by a company that processes electronic payments for road fines.
      The database contained names, identification numbers, email addresses and plaintext passwords.

    June


    • Exactis
      The marketing company Exactis from Florida, USA, left an Elasticsearch database of about 2 terabytes openly accessible, containing more than 340 million records.
      The database contained about 230 million personal data records of individuals (adults) and about 110 million contacts of various organizations.
      It is worth noting that only 249.5 million adults live in the United States, so it is fair to say that the database contains information about every adult American.


    • Sacramento Bee
      Unknown hackers stole two databases belonging to the California newspaper The Sacramento Bee.
      The first database contained 19.4 million records with personal data of voters in the state of California.
      The second database held 53 thousand records with information about the newspaper's subscribers.


    • Ticketfly
      Event ticketing service Ticketfly reported a hacker attack on its database.
      The service's customer database was stolen by the hacker IsHaKdZ, who demanded $7502 in bitcoin in exchange for not distributing it.
      The database contained names, postal addresses, phone numbers and email addresses of Ticketfly customers and even some of the service's employees, with a total of more than 27 million entries.


    • MyHeritage
      92 million accounts (logins, password hashes) of the Israeli genealogy service MyHeritage were leaked. The service stores users' DNA information and builds their family trees.


    • Dixons Carphone
      Dixons Carphone, which has retail stores in the UK and Cyprus, said that as a result of unauthorized access to the company's IT infrastructure, 1.2 million customer personal data records were leaked, including names, addresses and email addresses.
      In addition, the numbers of 105 thousand bank cards without a built-in chip were leaked.



    To be continued…


    Regular news about individual data leaks is promptly published on the Information Leaks channel.