Cybercriminals operate on stealth mode. They will often catch you unawares and can cause a lot of damage. Unfortunately, anyone in the online space can be a target.
Governments, organizations, and individuals have come under attack. Vulnerability levels are especially high for small and medium businesses. At-risk industries are healthcare, government agencies, the energy industry, and higher education.
The level of sophistication keeps on growing every single day. In essence, no one is safe. This article will look at seven companies affected by cyber-attacks.
Companies that have experienced cyber attacks
No industry is safe from cyber-attacks. It has necessitated the development of policies and contingency plans by companies and industries to guard against such. The energy sector, for instance, has the NERC CIP compliance policy.
Cybersecurity challenges are many, and some companies have found themselves in tight spots. So which are the notable ones?
Target became the victim of cybercriminals in December 2013. Yet, the hackers' May have had access as early as November 27. The company sent out a report showing a massive breach in its in-store payment system.
The criminals made away with over 40 million debit and credit card numbers. On further investigation, the company reported a data breach of over 70 million customers.
The security loophole was through a third-party vendor and may have lost credentials to the hackers. The information included names, phone numbers, and email addresses. The security breach resulted in the stepping down of the CEO about five months later.
Target had to install monitoring for credit accounts and protection against identity theft. That was not all; the company ended up in court because of the breach. They had to pay over 18.5 million dollars in multi-state settlement.
LifeLabs is a Canadian medical laboratory, the largest in the country. Cybercriminals accessed their system in late 2019.
A 2020 report shows that LifeLabs may not have put in place adequate security measures. The company also collected more information than necessary. All these were in violation of the health and privacy laws governing the country.
The company tried to retrieve the data by negotiating with cybercriminals. LifeLabs also contracted cybersecurity experts to improve online safety. Such measures included evaluation and crime detection.
The commissioners felt that the company was taking steps in the right direction. It did not, however, stop a series of lawsuits filed by victims of the breach.
3. World Health Organization
Some World Health Organization (WHO) staff members lost their login credentials to hackers. The attacks occurred around March and April 2020.
Reports state that the target may have been the teams trying to fight the coronavirus. Such included the Center for Disease Control and Prevention (CDC). Others were the Melinda Gates Foundation and the National Institute of health.
The hackers used phishing as their main weapon of attack. Reports show that the criminals released over 25,000 passwords and email addresses.
The organization did not report the extent of the damage if any. But, they did move to a more secure infrastructure to ensure better security.
South African customers and business entities lost data in an Experian cyberattack. The breach happened in August 2020. Reports show that the cyberattack affected over 800,000 companies and 24 million people.
As per the report, an individual falsely presented himself as a customer. He then asked for services, resulting in the release of the data. Experian reported that there were no fraudulent activities accompanying the loss.
According to the company, no financial or customer credit information went out. The infrastructure, customer database, and systems were also safe. The company was able to retrieve and delete what the individual had stolen.
Twitter is a popular Social Media platform. In July 2020, cybercriminals were able to breach it. The hackers used phone phishing to get access. Three individuals were behind the attack. They managed to steal employee credentials and gained access to the Twitter systems.
The hackers targeted high-profile accounts. They belonged to people like Jeff Bezos, Barack Obama, and Ellon Musk. Using the accounts, they engaged in Bitcoin scams, earning over $100,000. The hackers managed to access over 130 Twitter accounts. They used Tweets and direct messaging for their dirty work.
According to reports, the mastermind was a seventeen-year-old. The authorities arrested the hackers about two weeks after their successful breach.
The hospitality industry has also had its share of security breaches. One such attack happened at Marriott International. Exact timelines are hard to pin because the company only sent out a report on March 31. Some people believe that the hackers may have already started working a month before.
The point of entry was through the use of login credentials from two Marriott employees. Reports show that the hackers could have reached over 5.2 million customers. They went after phone numbers, names, addresses, loyalty programs, and travel information.
Unfortunately. This is not the first time the hotel came under attack. A similar incident happened in 2018, hackers got access to the data of more than 500 million guests. The company had to cough up over $18.4 million as a fine imposed on them by the UK data privacy watchdog.
7. California University
The educational sector is also a ripe hunting ground for cybercriminals. California University learned this the hard way after a ransomware attack on June 1, 2020. The medical research organization had to part with $1.14 million as a ransom payment.
The criminals encrypted critical information across many servers. As per the university, the hackers did not compromise any of the data.
We have highlighted some major industry players that have come under cyber-attack. To cybercriminals, every industry is fair game. They will look for areas of vulnerability to find a way in. There is a greater need for more diligence. Companies must also invest in the proper security to keep customers' data safe.
Leave a comment
All comments are moderated. Spammy and bot submitted comments are deleted. Please submit the comments that are helpful to others, and we'll approve your comments. A comment that includes outbound link will only be approved if the content is relevant to the topic, and has some value to our readers.