Updated: 3/8/24
3/8/24 - It seems like literally every week I read that there's a data breach somewhere in the U.S. and the world-over. Unfortunately, most of us utilize these corporations or companies on a daily basis, that are getting "hacked" or have been threatened with "Ransomware", due to a Data Breach. Its very important that we stay up-to-date by reading technology news, because it affects us all and can actually create very severe consequences, if we don't stay vigilant against these Cybersecurity attacks on the services we use the most; from Email, Banking, Entertainment, Financial, Investments, Social Media, Schools, Work, etc., then we will become victims, which can cost us financially and create a variety of problems for you online.
Please read my Introduction Page to this Tech Blog on how to stay safe & secure online.(Reference: Introduction) and also "How to Protect yourself" at the bottom of this page.
Data breaches have been on the rise for a number of years, and sadly, this trend isn't slowing down. The last year or so has been littered with thefts of sensitive information. Data breaches have affected companies and organizations of all shapes, sizes, and sectors, and have cost billions in damages to U.S. Businesses alone.
Jan 2024 - 26 Billion Records Leak: Dropbox, LinkedIn, Twitter Named
What is a Data Breach?
A data breach is any security incident in which unauthorized parties gain access to sensitive or confidential information, including personal data (Social Security numbers, bank account numbers, healthcare data) or corporate data (customer data records, intellectual property, financial information).
A data breach occurs when a threat actor breaks into (or breaches) a company, organization, or entity’s system and purposefully lifts sensitive, private, and/or personally identifiable data from that system. When this happened, companies are sometimes forced to pay ransoms, or their information is stolen ad posted online. According to one estimate, 5.9 billion accounts were targeted in data breaches last year.
The terms ‘data breach’ and ‘breach’ are often used interchangeably with ‘cyberattack.’ But not all cyberattacks are data breaches—and not all data breaches are cyberattacks.
Data breaches are caused by:
Innocent mistakes— an employee emailing confidential information to the wrong person
Malicious insiders—angry or disgruntled laid-off employees, or a greedy employee susceptible to an outsider’s bribe.
Hackers—malicious outsiders committing intentional cybercrimes to steal data
Financial gain is the primary motivation for most malicious attacks. Hackers may steal credit card numbers, bank accounts, or other financial information to drain funds from people and companies directly.
Companies which have disclosed Data Breaches & Cybersecurity attacks over the past year.
23andMe
American Airlines
Apple
Bank of America Boeing
CashApp
ChatGPT
Cisco
Credit Suisse
DoorDash
Dropbox
LastPass
Marriot
Morgan Stanley
PayPal
Pizza Hut/KFC
Red Cross
Samsung
SONY
TikTok
T-Mobile
Toyota
Trello
Twilio
Uber
UPS
Verizon
Examples of Data Breaches: US Government Data Breach: Personal information pertaining to 237,000 US government employees has reportedly been exposed in a Department of Transport data breach.
US House of Representatives Data Breach: A breach of a Washington DC-based healthcare provider that handles sensitive data belonging to a number of federal legislators and their families may have affected up to 170,000 people. T-Mobile data breach that occurred last year, for instance, cost the company $350 million in 2022 – and that's just in customer payouts. T-Mobile fell victim to two more breaches during 2023, putting more customer data at risk. This puts more onus than ever on businesses to secure their networks, ensure staff have strong passwords, and train employees to spot the telltale signs of phishing campaigns. Bank of America Data Breach: Tens of thousands of Bank of America customers have had their data exposed in a breach relating to a ransomware attack targeted at Infosys Mccamish Systems, one of the bank's service providers. The attack occurred at the beginning of November 2023.
Biotech company 23andMe has suffered a data breach – customer accounts were broken into with a credential-stuffing attack. Genetic data belonging to people who have used the service has been stolen, which may include first names and last names, email addresses, birth dates, and information 23andMe stores relating to users' genetic ancestry and history. Reports suggest that the hackers were targeting/looking for data pertaining to individuals of Ashkenazi Jewish and Chinese descent.
American Airlines Data Breach: Hackers have reportedly stolen personal information relating to ‘thousands' of pilots that applied for roles at American Airlines and Southwest Airlines. Rather than being taken directly from either airline, the information was extracted from a database maintained by a recruiting company. Around 8,000 pilots are thought to have been affected
HOW TO PROTECT YOURSELF AGAINST DATA BREACHES:
81% of breaches are caused by weak or reused passwords, it’s crucial that each account have a unique password.
Changing your Passwords to a much tougher one (Reference: Passwords)
Use 2FA or MFA Authentication (Reference: MFA-2FA)
(Use an Authenticator or Hardware Security Key)
Use Services that offer End-to-End Encryption (e2ee).
ALWAYS Stay Vigilant by staying up-to-date with current technology news, when it comes to staying SAFE & Secure Online. Or you can just read my Tech Blog frequently ;-)
-TonyTek