The 11 Worst Hacks and Breaches of 2020

 18 Jan 2021 

2020 was an interesting year, and not just because of the US election and the Coronavirus pandemic. It was also an eventful year for cybersecurity, with nearly 3,000 reported incidents globally.

Not all of these breaches were of the same size, scale, or significance, so here is a list of what I feel were the most interesting ones:

11. Marriott Hotels in January

The Marriott was hit with a second big attack after already experiencing one months earlier.

This attack involved the theft of personal data belonging to 5.2 million of their guests. This consisted of names, addresses, loyalty member data, room preferences, and much more, though no payment data was stolen.

The attackers accessed the data from a property system at a franchised hotel by using the stolen credentials of two employees. The people behind the attack are still unknown.

10. Virgin Media in March

Virgin Media suffered a data breach that affected nearly one million customers. This was a result of not securing a database, which left personal information accessible for at least ten months.

Stolen data included phone numbers, emails, and addresses, but no financial information or passwords. Some customers had their privacy exposed in records that logged requests to have certain websites unblocked.

Virgin Media became aware of the incident after security firm, TurgenSec, discovered it. Virgin has confirmed that the data had been accessed without authorisation “at least once”.

9. GoDaddy in May

A convincing phishing email tricked several GoDaddy employees into exposing their credentials.

Hackers then used these credentials to remotely access (via SSH) any remote machine owned by those accounts. This then gave them the ability to hijack servers and access 28,000 hosting accounts.

GoDaddy responded to the incident swiftly. They reset passwords for all affected accounts and provided free tools to help secure their customers' servers, if affected.

It is unknown who the hackers were in this attack. GoDaddy has been hit with several cybersecurity incidents over the years, so it has been the target of more than one group.

8. CAM4 in May

A security research team uncovered seven terabytes of logging data in an insecure database at CAM4. Found in the logging data were subscriber names, addresses, password hashes, chat transcripts, payment logs, and more.

Although a research team uncovered the issue, it is unknown if this data has already been compromised by bad actors. If it has, then it could potentially be used for blackmail, stalking, doxing, identity theft, and accessing email accounts.

7. The Australian Defence Force in May

Highly sensitive military records containing personal details of thousands of Australian Defence Force (ADF) members are believed to have been compromised. This database was outsourced to and maintained by ManpowerGroup.

The specifics of the attack are still vague, as the ADF has so far refused to fully acknowledge the attack, or that any data was stolen. Veterans, including politicians within the government, have also been kept in the dark about the data breach, which has caused outrage.

Even so, the database was taken offline for ten days while an investigation took place. An unnamed source close to the investigation said the issue was detected before Christmas 2019.

The actors behind the attack are currently unknown. However, due to the nature of the attack, a foreign adversary is suspected.

6. Toll Group in May

Toll was hit with a ransomware attack that affected some of its logistics systems. Other systems across multiple sites and business units were voluntarily disconnected to avoid any further damage, which affected parcel deliveries to customers for weeks.

Toll found out about the attack on Twitter after the hackers posted about it. It’s suspected that the attack was done by Russian-based hackers potentially tied to the government.

Forensic evidence from the attack indicates that the hackers used a password spray attack, which tries one or two passwords across a wide range of accounts. This was then followed by phishing attacks from compromised accounts to make the attack appear more legitimate.
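A detection example for the password-spray pattern described above, added here as an illustration and not taken from the article or from Toll's forensic findings. It flags a source that fails logins against many accounts with only one or two attempts per account; the log records, IP addresses, account names, and thresholds are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed failed-login events: (ISO timestamp, source IP, target account).
SAMPLE_FAILURES = (
    # One source, six accounts, a single attempt each: the spray pattern.
    [(f"2021-01-11T09:{m:02d}:00", "203.0.113.7", user) for m, user in
     enumerate(["alice", "bob", "carol", "dave", "erin", "frank"])]
    # One source hammering one account: brute force, not a spray.
    + [(f"2021-01-11T09:00:{s:02d}", "198.51.100.9", "admin") for s in range(8)]
    # A user mistyping their own password twice.
    + [("2021-01-11T09:05:00", "192.0.2.44", "grace"),
       ("2021-01-11T09:05:20", "192.0.2.44", "grace")]
)

def detect_password_spray(failures, window=timedelta(minutes=30),
                          min_accounts=5, max_per_account=2):
    """Return {source: [accounts]} for sources that, inside any sliding
    window, fail against >= min_accounts distinct accounts while trying
    each of those accounts at most max_per_account times."""
    by_source = defaultdict(list)
    for ts, source, account in failures:
        by_source[source].append((datetime.fromisoformat(ts), account))

    flagged = {}
    for source, events in by_source.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window from the left until it fits the time span.
            while events[end][0] - events[start][0] > window:
                start += 1
            counts = Counter(acct for _, acct in events[start:end + 1])
            # Only accounts touched lightly count toward the spray signal.
            light = sorted(a for a, n in counts.items() if n <= max_per_account)
            if len(light) >= min_accounts and len(light) > len(flagged.get(source, [])):
                flagged[source] = light
    return flagged

if __name__ == "__main__":
    for source, accounts in detect_password_spray(SAMPLE_FAILURES).items():
        print(f"possible password spray from {source}: {accounts}")
```

Per-account lockout counters miss this pattern because no single account sees many failures, which is why the grouping here is by source. A slow spray spread over a longer period needs a wider window or grouping by attempted password rather than by source IP.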

5. Twitter in July

Three Twitter employees had their credentials stolen with phishing emails. Hackers used these to gain access to Twitter’s administrative toolset, which gave them the ability to reset the email address of a user’s account.

Hackers used this privilege to hijack and post a message on popular profiles such as Apple, Elon Musk, and Joe Biden. The message promised to send double the Bitcoin back to any user who sent Bitcoin to a specific address.

The attackers earned approximately US$110,000 from the scam before they were caught three weeks later. Two of the perpetrators were from the US and one from the UK - all were under the age of 25.

4. Social Data in August

Security researchers were able to access over 235 million social media records from an insecure database at Social Data. Since Social Data integrates with Facebook, TikTok, Instagram, and YouTube, it meant that user names, photos, account descriptions, influencer statistics, and more were exposed.

No passwords were revealed in this breach, though if malicious actors managed to access this data earlier, it could help with phishing attacks or identity theft.

3. NSW Department of Transport in November

A security researcher discovered the scans of approximately 54,000 New South Wales driver's licences on an insecure cloud bucket managed by an authorised third party. It is unknown whether the records have been retrieved by any malicious actor.

This incident was notable in that it highlighted the lack of mandatory notification requirements for data breaches in NSW, something which is still not rectified.

2. FireEye in December

Hackers were able to steal proprietary tools used by FireEye’s security consultants for authorised white hat hacking activities for clients. They also uncovered information about their federal government clients.

FireEye was breached with top-tier offensive capabilities using the Sunburst back door, which was also used in the SolarWinds breach. According to reports from the Washington Post, the group APT29, otherwise known as Cozy Bear, which has an affiliation with the Kremlin’s intelligence services, is believed to be behind the attack.

1. SolarWinds in December

Russian hackers were able to access SolarWinds’ software development repository, which they then used to create a backdoor in an update for the company’s Orion product. SolarWinds then unknowingly released this compromised update to their customers.

Once the update was installed on a client’s system, it provided attackers with access to the infrastructure running the software. The attackers could then freely move through the customer’s internal network.

Potentially 18,000 customers were affected by the malicious update. How SolarWinds itself was breached is unknown at this stage.

Avoid becoming a statistic

These are but some of the data breaches that took place in 2020. There were also many COVID-19 and “work from home” related security incidents as a result of the global pandemic.

In many of the above cases, good security practices and vigilance could have prevented these attacks from ever happening. Find out how our 5-day penetration testing package can help you uncover vulnerabilities and safeguard against these threats for as little as $9,000 + GST.

Protect Your Data and Reputation

We can help you protect your valuable assets and brand reputation. Following an international best practice methodical approach, we provide you with in-depth reports into weaknesses that attackers could exploit in your specific systems. We can then work with you to close these loopholes.
 
Find out how Planit’s three-pronged approach to security testing can help you protect your systems by addressing development, use, and infrastructure.

 
