Hey, how was everybody’s Christmas?  Hopefully you all had some great times with family and friends, got some nice gifts, and had a great time chomping down on ham or turkey.  It’s hard to believe that we are now only three days away from the start of 2020. 

With this in mind, we all have our New Year’s Resolutions mapped out, both from a professional and personal standpoint.  I have been working on mine ever since the start of last week, and keep changing it daily, LOL.

Anyways, if you were to Google all of the top Cybersecurity news headlines that are out there, there is a common theme with all of these stories:  What happened in 2019, and what is predicted for 2020.  I promised that I would write a couple of blogs on this, so I thought that this weekend would be a great time to do it, since we are so close to 2020.

So, for today’s blog, it will be about the worst that has happened in 2019.  Truth be told, I had to spend some time to figure this one out.  There are so many things that have happened, it would be impossible to write about all of them in just one or even a few blogs.  Heck, one could probably write an entire whitepaper on it. 

For example, there have been a ton of Security breaches, ranging from Ransomware, to new variants in Phishing, to Business Email Compromise, to new attack vectors using Social Engineering, to misuse of Artificial Intelligence, to Chatbots, and perhaps the worst of all – attacks on our Critical Infrastructure.  So, where does one even get started?

If you think about it a little bit further, there is one common denominator with all of them – the loss of Personally Identifiable Information (PII), and other sorts of data that are deemed to be confidential either at the corporate or customer levels.  It is important to keep in mind that data loss – which could be both intentional and unintentional – can wreak all kinds of havoc on individuals and businesses.

The very unfortunate part of this situation is that we never realize that we have become a victim until it is too late – and at times, depending upon the severity of the Cyberattack, there may not be a whole lot that we can do except to try to repair the damage that has been done the best we can, and try to move forward.  Data is a very loosely used term, and it can mean just about anything.

For example, it could be our credit card numbers, banking info, Social Security numbers, Emails, addresses, trade secrets, Intellectual Property (IP), etc.  But whatever it is, 2019 has been for sure a cataclysmic year.  This is according to a market research study that was conducted, entitled the “DataBreach Quick View Report”.  It can be downloaded at this link:

https://pages.riskbasedsecurity.com/2019-midyear-data-breach-quickview-report

Overall, it was discovered that there were well over 5,000 data breaches that occurred in just the first nine months of 2019 alone.  In these, there were almost 8 billion data records that were hijacked or stolen by the Cyberattacker, and this represents a 33% Year Over Year (YoY) growth rate from the same time period back in 2018.

Keep in mind that this just represents the increase in the number of data breaches that have occurred.  In terms of the total number of records that have been stolen, well, that is an entirely different story:  there was an increase of 112% from the same time period in 2018.

So, here is the rundown of the worst of the worst in 2019:

*Facebook:

How can we have a blog about data breaches without Facebook being included?  LOL.  They were the victim of three major Security breaches, at least that were disclosed to the public.  In these instances, Facebook literally stole the Email addresses of 1.5 million users without getting their consent first, and almost 1 billion end user passwords were stored on their servers in a cleartext format, without any layers of Encryption whatsoever.

*First American Corporation:

This lending giant exposed well over 885 PII records that included Social Security Numbers, Driver’s License numbers and pictures, financial information (such as bank account numbers), details on wire transfers, and other forms of tax documents going back all the way to 2013.  Astonishingly enough, this was all on their website for anybody to view and access.

*Capital One:

This Security breach was caused by a misconfiguration in one of the firewalls that protected the website of Capital One.  Because of this, the Cyberattacker was able to gain access to over 106 million PII records, which included 140,000 Social Security Numbers, 1 million Canadian based Social Insurance Numbers and 80,000 checking and savings account numbers.  Fortunately, the Cyberattacker was apprehended by the FBI in just enough time before any misuse of these PII records could actually occur.

*Zynga:

In this case, over 218 PII records were covertly hijacked, which included Email addresses, Encrypted passwords, Hashing Tokens, phone numbers, and the login information of the customers’ social media accounts.

*Canva:

This is an online web design business that is headquartered in Australia.  Over 139 million PII records were heisted, but no real damage was ever done, because the IT Security staff was very prompt in reacting to and mitigating this Cyberattack.  One of their newer lines of defense was to deploy and implement military-grade Encryption to protect their customer databases.

My Thoughts On This

Well, there you have it, the worst Security breaches, in terms of data loss, that have been experienced in 2019.  I am sure that there have been many more, but these are the ones that have been publicly disclosed, and notification was made to law enforcement promptly.  I have often been asked what a business can do to mitigate this from happening to them.

The stark reality is that anybody, and any entity, can fall victim to this, despite all of the layers of defenses that have been implemented.  No matter what, if you are a business owner and this happens to you, the fault will always be pointed at you.

That is just the nature of this horrible beast.  But, if you act promptly to mitigate a Security breach, the public (and most importantly your customers) will be more forgiving, as well as the insurance company with whom you have filed the claim.

Even I myself have come dangerously close to becoming a victim, but the moment I realized that something could be going wrong, I took immediate steps to mitigate the situation.  This is where having a proactive mindset comes into play.  The mantra here is that anybody can be a victim, but the most important thing is how quickly and promptly you act to correct the situation.

Honestly, I think that 2020 could be an even worse year for data breaches, as a lot of Cyberattackers have now become very sophisticated in launching their threat vectors, and even covering up their tracks so they cannot be immediately tracked down.  But no Cyberattacker is too smart; they always leave some shred of evidence behind, and picking these clues up is in the hands of the Forensics Examiner.