Here’s your monthly roundup of the latest hacks and data breaches around the world. In this monthly series, we’ll share information and updates on the most recent hacks that have made headlines, including causes, resolutions, and what you can do to protect your data.
Over the last several weeks, we saw what has now become the usual list of successful cyber attacks and data breaches across all industries, with healthcare and retail dominating the list.
The genealogy and DNA testing company revealed that they experienced a data break involving the theft of usernames and passwords of 90 million of their customers. While MyHeritage did use hashing to protect the passwords, they only found out about the breach from an unnamed security researcher. This poses a threat to users of the site, since the source and full extent of the breach have yet to be determined. Read More.
The company who runs Copenhagen’s public city bikes system recently experienced an attack that deleted their entire database, effectively locking users out of access to the public bike system. It appears that the hacker didn’t steal any user information, rather they just went after the business itself. Typically we see ransomware attacks hit healthcare organizations and other industries, and make the victims pay a ransom to unlock the database, so it’s interesting to see hackers go after a low-value industry in the same manner. Read More.
Last year, Coca-Cola found out that a former employee initiated a security breach when they took with them a flash drive containing personal information for over 8,000 employees. The breach was only made public now, due to an ongoing investigation by law enforcement. While they do not believe the information was stolen for identity theft, Coca-Cola is offering the affected employees free Identity Monitoring for the next year. This is a warning to companies that threats do not always come from external sources. Read More.
The Canadian bank experienced a breach recently when personal and account information for well over 40,000 users of CIBC and BMO were stolen by hackers. What makes this spear phishing attack unique, is that it turns out it was the hackers themselves that broke the story to the organization and to the media, demanding a $1 million ransom. The full extent of the breach is still being determined, however Simplii has promised customers that any money lost because of fraudulent activities will be returned to them. Read More.
At the end of May, Ticketfly experienced a cyber attack that affected 27 million accounts. Information that was stolen included names, addresses, email addresses and phone numbers. Not only were customers affected, but with the Ticketfly website going down, venues who use Ticketfly had to find alternative methods of selling tickets, with some even postponing or cancelling events Through their investigation, Ticketfly was able to confirm that no credit card or debit card information was accessed by the hackers. Read More.
And while this breach happened all the way back in 2016, it’s making news again.
Commonwealth Bank of Australia
Australia’s largest bank lost the financial history of 12 million of their customers, amounting to one of the largest privacy breaches in Australia to date. 10 years of bank statements were lost after a subcontractor lost several drives containing the data. The whole reason this story is making news again, is that the bank chose not to tell the affected customers, believing the likelihood the of the data being recovered by anyone was minimal. This just goes to further emphasize the importance of securing data not just digitally, but physically as well, since human error can still be a main cause of breaches. Read More.
[Want to make sure your company’s data is secure? Download our whitepaper: Protecting the Data to learn how complete network visibility can be your greatest defense against hackers.]