We Are Not Safe!

Are you up to date on current events in cyberspace? if so, you’ve probably heard about various security breaches involving major corporations or organizations.
If not, sit back and relax while I tell you about some security breaches affecting most companies in cyberspace, how they occurred, how they could have been avoided, and the potential loss to their victims.
Many major data breaches have occurred over the years, affecting major companies such as Facebook, Twitter, WhatsApp, and Amazon, to name a few.
This has resulted in reputation and revenue losses for these organizations; unfortunately, security breaches are no longer limited to data. Criminal organizations are increasingly looking to steal or expose credentials.
Below are my top five breaches and cyberattacks in 2022 in a random order, these findings are what I researched on and found interesting, read on if you are interested in finding out how these attacks occured and how to avoid same issues if arises.

• Neopets breach

These attack took place July 19th, 2022 but the attackers have been on the system since January 3rd 2021, the hackers breached the neopets database which didn’t have an in-depth layered defense, there stole personal data of over 69 million users and 460mb of the source code. How neopets were alerted was when the attackers decided to sell the data for four bitcoins.

The stolen data included personal information about users such as usernames, email addresses, IP addresses, names, gender, date of birth, PIN for Neopets, hashed passwords, and information about the users’ pets and gameplay.

Neopets responded by implementing a number of security measures, including increased network monitoring to detect earlier threats and strengthening schemes for additional security, password resets, and the development of access control as an additional defense
layer.

• Microsoft data breached

On March 20th, 2022, Microsoft confirmed that it had been compromised by the Lapsus$ hacking group.
The group distributed a stream file containing Bing, Bing Maps, and Cortana source code. The hackers obtained some information from Microsoft, but just by March 22nd, Microsoft revealed that the attack attempt had been halted and that only one account had
been compromised.

Microsoft also stated that no customer data had been stolen and that “Microsoft does not rely on code secrecy as a security measure, and viewing source code does not lead to risk elevation.” 

In this regard, Microsoft gained attention for its effective cybersecurity response. This group had earlier targeted Nvidia, Samsung, and many other companies, so Microsoft’s security team was prepared. The lapsus$ organization generally focuses on jeopardizing user information and accounts and, unlike some other hacking groups, operates with a “pure extortion and destruction approach.”

• Cash app data breach

Cash app owners announced in April 2022 that about 8 million customers of the digital payment app Cash App may have been directly affected by a data leak after a former employee accessed user personal information in December 2021. The only people most affected were Cash App Investing users, which number around 8.2 million. The hacker obviously had a major beef with the company.

Although the ex-employee had direct exposure to the company’s data while working there, the report notes that the data was accessed after the employee had left the company. Customers’ names, trading account, stock exchange information, and portfolio values were all stolen by the ex-employee. Even so, the data stolen did not include customers’ user id, passcodes, social safety numbers, or bank account information.

The downloaded data did not include, Personally Identifiable information, usernames, bank account information, or passwords, but it did include brokerage account information. Based on an interview with block, a financial advisory company that owns cash app, they are notifying all current and previous clients of such a feature “to tell them about this event and share information with them to answer questions.”

• Twitter data breach

Because of a now-corrected system vulnerability, an attacker stole email addresses and telephone numbers in July 2022 and linked them to user accounts. Twitter stated how no passwords were stolen, but added that all Twitter users use multiple verification for their accounts.

This flaw in Twitter’s systems allowed the hacker to link email addresses and telephone numbers to user accounts. The attacker exploited this flaw and compiled a list of 5.4 million people on Twitter with publicly available account details, including whether the account was validated.

The Twitter security flaw was introduced after the company’s code was updated in June 2021. In January 2022, a threat hunter reported this vulnerability, and Twitter honored the researcher for the discovery as part of its bug bounty program.

• Medibank data breach

The incident began on the 13th, just before medibank discovered some abnormal behavior in its systems. After dealing with the attack, the company stated that “there was no proof of any data being accessed during the breach.” The malicious party then contacted Medibank again on October 17, with the goal of “negotiating with the medical company concerning their claimed removal of customer data.”

On October 20, it was confirmed that the hacker’s claims were true. As a result, Medibank publicly refused to comply with the hacker’s requests and declined to pay the ransom due to concerns that it would “encourage the culprit to directly extort customers.” Medibank revealed the full scope of the hack, On November 7th. Here 9.7 million previous and present customers’ data was stolen after the bad actor obtained unauthorized access to it.

The data includes names, date of birth, Medicare numbers, email accounts, phone numbers, residences, and confidential medical information, among other things.

The hackers also published “good-list” and “naughty-list” files containing consumer information on November 9, 2022. Details about those who have sought medical attention for mental health conditions like eating disorders, drug or alcohol abuse, or for HIV are apparently included on the so-called “naughty-list.” 

All customers affected were encouraged by Medibank to “remain watchful” against cyberattacks like this that might be launched against them as a result of the disclosure.