Entersoft Security Blog

Top Hacks of 2016

Posted by Japish on Jan 10, 2017 11:36:20 AM

Top+Hacks+2016.jpg

As it turns out, 2016 was even worse than the popular public opinion, with cyber-attacks on major companies practically every day. It was a yearlong Christmas for cyber criminals. Some were politically motivated, most did it for money and a few special snowflakes just did it for the giggles. From Silicon Valley giants to top governmental organisations, everyone was affected as over a billions records were compromised. Here are a few (of the many, many) hacks from last year’s cyber-shitstorm:

1. Banner Health

Data Sensitivity: Credit Card Information, Email password/Health Records

No. of Records Stolen/Lost: 3.7 Million

On July 13, 2016, Banner Health learned that the cyber attackers may have gained unauthorized access to patient information, health plan member and beneficiary information, as well as information about physician and healthcare providers.  The attackers targeted payment card data, including cardholder name, card number, expiration date and internal verification code, as the data was being routed through affected payment processing systems. Payment cards used at food and beverage outlets at certain Banner Health locations during the two-week period between June 23, 2016 and July 7, 2016 may have been affected. The patient and health plan information may have included names, birthdates, addresses, physicians’ names, dates of service, claims information, and possibly health insurance information and social security numbers. An estimated 3.7 million records were stolen, not all patients were affected though.

Source

2.  Brazzers

Data Sensitivity: Email password/Health Records

No. of Records Stolen/Lost: 800,000

Nearly 800,000 accounts for popular porn site Brazzers have been exposed in a data breach. Although the data originated from the company's separate forum, Brazzers users who never signed up to the forum may also find their details included in the dump.
“The incident occurred because of a vulnerability in the said third party software, the 'vBulletin' software, and not Brazzers itself. That being said, users’ accounts were shared between Brazzers and the 'Brazzersforum' which was created for user convenience. That resulted in a small portion of our user accounts being exposed and we took corrective measures in the days following this incident to protect our users,” said Matt Stevens, Public Relations Manager for Brazzers.

Source

3. ClixSense

Data Sensitivity: Full Bank Account Details, SSN/Personal details

No. of Records Stolen/Lost: 6.6. million user accounts

ClixSense, a site which pays users to view ads and take surveys, was the victim of a massive data breach compromising around 6.6 million user accounts. According to the message posted to PasteBin along with a sample of the stolen data, social security numbers, dates of birth, and some internal emails from ClixSense may also have been compromised.

Source

4. Interpark

Data Sensitivity: SSN/Personal details

No. of Records Stolen/Lost: 10 million user accounts

South Korean police said that the North’s main intelligence agency had stolen the personal data of more than 10 million customers of an online shopping mall in the South, in what they said was an attempt to obtain foreign currency.  Interpark, was subjected in May to an online attack on a server that contained customers’ names, email addresses, telephone numbers and other personal data.

Source

5. Linux Ubuntu Forums

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 2 million

“There had been an exposure of data and shut down the Forums as a precautionary measure. Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched", said Jane Silber C.E.O., Canonical Ltd.

Source

6. Mail.ru

Data Sensitivity: SSN/Personal details

No. of Records Stolen/Lost: 25 million

Over 25 million accounts associated with the Russian internet giant, Mail.ru were stolen by hackers. Two hackers carried out attacks on three separate game-related forums in July and August. One forum alone accounted for almost half of the breached data -- a little under 13 million records; the other two forums make up over 12 million records. The hackers were able to obtain usernames, email addresses, scrambled passwords, and birthdays. Some of the forums allowed the hackers to also obtain IP addresses (which could be used to determine location) and phone numbers.

Source

7. Mossack Fonseca

Data Sensitivity: Full Bank Account Details

No. of Records Stolen/Lost: 11.5 million

An anonymous source contacted the Süddeutsche Zeitung (SZ) and submitted encrypted internal documents from Mossack Fonseca, a Panamanian law firm that sells anonymous offshore companies around the world. The data provided rare insights into a world that can only exist in the shadows. It proved how a global industry led by major banks, legal firms, and asset management companies secretly manages the estates of the world’s rich and famous: from politicians, Fifa officials, fraudsters and drug smugglers, to celebrities and professional athletes.

Source

8. MySpace

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 360 million

Over 360 million MySpace user ids were put up for sale, reportedly by the same hacker who was responsible for the LinkedIn hack. Of the 360 million, 111,341,258 accounts had a username attached to it and 68,493,651 had a secondary password (some did not have a primary password).

Source

9. Philippines’ Commission on Elections

Data Sensitivity: Full Bank Account Details, SSN/Personal details

No. of Records Stolen/Lost: 55 million

A hacker group posted COMELEC’s entire database online. Within the day, they added three more mirror links where the database could be downloaded. With 55 million registered voters in the Philippines, this leak may turn out as one of the biggest government-related data breaches in history, surpassing the Office of Personnel Management (OPM) hack last 2015 that leaked PII, including fingerprints and social security numbers (SSN) of 20 million US citizens.

Source

10. Privatisation Agency of the Republic of Serbia

Data Sensitivity: SSN/Personal details

No. of Records Stolen/Lost: Over 5 Million

A text file containing personal data of 5 190 396 Serbian citizens, and more than 4 000 financial documents (over 19 gigabytes of content in total) were publicly available on the official website of the Privatisation Agency of the Republic of Serbia, as SHARE Foundation established. Analysis of the documents confirmed that the personal data of 5 190 396 citizens are actually the data from the records of persons entitled to free public company stock, which are run by the Privatisation Agency. This put any Serbian citizen who applied for free stocks in 2008 at risk.

Source

11. Multiple Government Sites of Republic of Serbia

Data Sensitivity: SSN/Personal details

No. of Records Stolen/Lost: 43 GB worth

On April 6, a hacking outfit going by the name of Cyber Justice Team leaked 10 GB of compressed data from multiple Syrian government and private websites. The data when uncompressed was realized to be 43 GB in size, which contained 38,768 folders with 274,477 files from 55 different website domains, belonging to both national agencies and private companies. The data contained database dumps, and even server passwords.

Source

 

12. Telegram

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 15 Million

Iranian hackers compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters. The attacks are said to have jeopardised the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people.

Source

13. Verizon

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 1.5 Million

“A prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise." The entire database was priced at $100,000, or $10,000 for each set of 100,000 customer records. "Buyers also were offered the option to purchase information about security vulnerabilities in Verizon’s Web site," security journalist Brian Krebs reported.

Source

 

14. VK

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 100 Million

Accounts of over 100 million users were compromised as VK, essentially Russia’s Facebook was hacked. The data was confirmed and put up for sale on the internet for 1 bitcoin by the hacker who goes by “Peace”.

Source

 

15. Weebly

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 43 Million

The web design platform Weebly was hacked in February. Reportedly, usernames and passwords for more than 43 million accounts were taken in the breach, although the passwords are secured with the strong hashing algorithm bcrypt. Weebly said that it doesn’t store credit card information, making fraudulent charges unlikely.

Source

16. Friend Finder Network

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 412 Million

A massive data breach targeting adult dating and entertainment company Friend Finder Network exposed more than 412 million accounts. This also included over 15 million “deleted” accounts that weren’t yet purged from the system. Additionally, 62 million accounts from Cams.com and 7 million from Penthouse.com were stolen. The company was hacked the year before too, which exposed almost 4 million accounts.

Source

17. SWIFT Banking System

Data Sensitivity: Banking Information

Money Stolen/Lost: 81 Million USD

SWIFT, the system banks use to send payment instructions worth trillions of dollars each day, was hacked at least three times over the summer. This resulted in the theft of $81 million in February from Bangladesh's central bank using SWIFT messages. Further attacks by the hackers were successfully repelled, in those cases no money was lost. The Belgium-based cooperative, which is owned by banks, said it was introducing a set of mandatory security measures in response to the attacks which customers were expected to take to safeguard their systems against cyber heists.

Source

18. FACC AG

Money Stolen/Lost: EUR 50 Million

On January 19, 2016 FACC AG announced that it became a victim of fraudulent activities. The damage was an outflow of approx. EUR 50 millions of liquid funds. FACC's IT infrastructure, data security, IP rights as well as the operational business of the group were not affected by the criminal activities. According to the company, “ An economic threat concerning liquidity does not exist.”

Source

 

19. National Payment Corporation of India

Data Sensitivity: Credit Card Information

No. of Records Stolen/Lost: 3.2 Million

32 lakh debit cards across 19 banks could have been compromised on account of a purported fraud, the National Payment Corporation of India said in a statement. State Bank of India blocked the debit cards of 6 lakh customers on October 14. The bank was alerted to a possible fraud by the National Payment Corporation of India, MasterCard and Visa. “The complaints of fraudulent withdrawal are limited to cards of 19 banks and 641 customers. The total amount involved is Rs 1.3 crore as reported by various affected banks to NPCI,” the payments corporation said.

Source

20. Dailymotion

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 85.2 Million

A hacker extracted 85.2 million unique email addresses and usernames from the     company's systems, but about one-in-five accounts -- roughly 18.3 million-- had associated passwords, which were scrambled with the bcrypt hashing function, making the passwords difficult to crack. The company agreed to a breach in a blog post saying, "The security of your account is very important to us and we take all necessary steps to identify any shortcomings and addressed. Therefore, as a precaution, we urge all our partners and users to now reset their passwords."

Source

Honorable Mention

Yahoo

Data Sensitivity: E-mail address/ Online information

No. of Records Stolen/Lost: 1-1.5 Billion

In September, Yahoo disclosed that it had suffered an enormous 500 million-account breach in late 2014. This was later followed by the company disclosing that it was the victim to yet another hacking attack, this one in 2013 i.e. before the 500 million-account 2014 breach. The stolen accounts in this particular attack amounted to a staggering 1 billion-accounts. Assuming overlap between the two breaches, the number of accounts compromised could be between 1 billion and 1.5 billion. The company still does not have the identity of the perpetrator. Although there is a silver lining, Yahoo said the breach does not include unencrypted passwords, credit card numbers, or bank account information. The company stated that the financial data is stored in a separate system that it doesn’t believe was compromised.

Source

With the exponential rise in businesses based of the internet, there was bound to be an increase in cyberattacks and in all likelihood they will keep increasing even in 2017. This doesn’t mean that we hit the panic button though as the rise in crimes has led to a rise in security measures and internet security companies. The year’s unfortunate events have served as a wakeup call for businesses, prompting them to strengthen their security so that they don’t suffer the same fate as the poor victims mentioned above. You should probably do that too.

Topics: Application Security, cyber security, Hacks and news, IOT Security