Security Events and Data Breaches in 2018, 2017, 2016, 2015, 2014-CSDN博客

本文链接：https://blog.csdn.net/netsec51sec/article/details/98957115

World-s-Biggest-Data-Breaches-Window.png?resize=800%2C466&ssl=1

Thanks to Lewis Morgan, social media manager at IT Governance. He has compiled this list by month and year since 2014, might be earlier. What I did is to put his month or year list into my this post and count the numbers for leaked records which some of them were missing from original post.

Here are leaked records numbers since 2014:

2018 – 1.54 billion records leaked as of Sep.
2017 – about 1.51 billion records leaked
2016 – 3.1 billion records leaked
2015 – over 480 million leaked records
2014 – about 248.36 million records leaked

Gemalto-Breachlevelindex.png?resize=800%2C559&ssl=1

Here is another source for data breaches records.

Gemalto’s breachlevelindex.com website collects disclosed breaches from public sources and allows organizations to do their own risk assessment based on a few simple inputs that will calculate their own risk scores, overall breach severity level, and summarize actions IT can take to reduce the risk score.

Jan 3, Spectre and Meltdown vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
Jan 29, Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
Mach 20, Facebook’s privacy scandal – The Guardian revealed that the personal data of 50 million Facebook profiles was illegally harvested by Cambridge Analytica.
June 27, Exactis – Data warehouse / consumer marketing data – 340 million PII records accessible via unprotected, online-accessible database
Jul 29, Adidas – Shoes, clothing and sports equipment – PII for millions of customers (emails, login IDs, hashed passwords) – Technical details not released, potentially vulnerability on online-accessible server.
Tickemaster UK – Online tickets – PII compromised, 40,000 users had their payment system compromised and money stolen – Breached through vulnerability in 3rd party chat software used on public website
Typeform – Online surveys for large companies – PII for 20,000 users affected – Backup of database downloaded by exploiting vulnerability
Under Armour – Sports clothing – Email, login IDs and hashed passwords for 150 million MyFitnessPal app users compromised, no details released
Delta/Sears/K-Mart – Transportation, retail – PII for hundreds of thousands of customers breached – Vulnerability in chat software provided by 3rd party [24]7.ai provider
Timehop – Developer / Phone Apps – 21 million PII records compromised due to weak privileged account authentication
Macy’s / Bloomingdale – Retail – Stolen user credentials were used to login and access additional PII (names, addresses, credit card information)
debate2018.mx – Mexican presidential election debate content – DDoS crashed the site during a presidential debate. Attacking host originated mostly from Russia and China, 185,000 accounts requesting registration within 15 minutes.
CarePartners – Home medical care – Detailed medical records stolen for 273,000 patients. Details not disclosed, attackers claim they exploited vulnerability of Internet-accessible server and weak passwords. Hundreds of Gb exfiltrated.
LabCorp – Clinical medical diagnostics – Large clinical laboratories, holding medical records for millions of patients. Anomalous network activity detected on July 14. Potentially hacked, extent of breach unknown.
Reddit breached employees accounts (exploited vulnerabilities in SMS authenticators). Cloud-based, 2005-2007 user data files exposed.
Cryptocurrency investment platform Atlas Quantum breached, 261,000 exposed. Details not disclosed but most likely public website was compromised through vulnerabilities
T-Mobile breached, PII for 2 million customers potentially accessed by malicious actors. No technical details provided.
Babysitting app Sitter exposed PII of 93,000 customers through a publicly accessible MongoDB file
Darden Restaurants suffered a POS system data breach – 567,000 payment cards compromised.
Phishing attack on Augusta University Health leads to breach exposing PII on 400,000 persons.
50.5 million Sungy Mobile customers exposed through publicly accessible data
14 million customer records exposed in GovPayNow leak (last four digits of payment cards, names, phone numbers and addresses). Details not disclosed but most likely public website was compromised through unpatched vulnerabilities
US State Department email breach leaks employee PII. Potentially due to weak authentication.
Blue Cross and Blue Shield of Rhode Island and Independence Blue Cross report breached, health information for approx. 1500 patients compromised. Breached occurred due to human error in services provided by third party (supply chain). Independence Blue Cross data breach which affected nearly 17,000 people after an employee uploaded member information to an unprotected public website.
Tech Bureau Corp Japanese cryptocurrency exchange hack led to $60 million being stolen during a 2 hour attack against their server. No details provided, potentially through weakness in custom code.
Colorado Timberline (printing firm) out of business following multiple ransomware attacks.

2017

Infographic: List of data breaches in 2017

Feb 17, CloudBleed – Google vulnerability researcher Tavis Ormandy discovered a bug in the internet infrastructure company Cloudflare‘s platform caused random leakage of potentially sensitive customer data.
March 7, Wikileaks CIA Vault 7 – WikiLeaks published a data trove containing 8,761 documents allegedly stolen from the CIA that contained extensive documentation of alleged spying operations and hacking tools.
April, Shadow Brokers (A hacking group, stole NSA data) / EternalBlue (Released by Shadow Brokers, which alleged NSA tool)
May 12 , WannaCry – Ransomware ：WannaCry searches for and encrypts 176 different file

types and appends .WCRY to the end of the file name. It asks users to pay a US$300 ransom in

bitcoins. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days it claims the encrypted files will be deleted.
June, Petya / NotPetya / Nyetya / Goldeneya – Ransomware , which is more advanced than WannaCry. Hit Ukraninian infrastructure hard.It spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows
Sep 7, Apache Struts : Equifax data breach was confirmed to be a vulnerability in Apache Struts. The security flaw (CVE-2017-5638), which was patched last March, allowed attackers to gain unauthorized access to data via remote code execution.
Oct 3, 3 billion Yahoo user accounts were hacked by 2013 security breach, which make yahoo tops the list of largest ever data breaches
Oct 16, Krack : Key Reinstallation Attack (KRACK) is a proof of concept that exploits vulnerabilities in the Wi-Fi Protected Access 2 (WPA2) protocol.
Nov 28, Major macOS High Sierra Bug Allows Full Admin Access Without Password

Here is another good review for 2017 security threats from youtube video 2017 Security Threats | Year in Review | WEBINAR. I have watched it and made some notes in the following points: