Top 10 Data Breaches in the recent times
Did you know that 2021 was reported to be a record-breaking year when it comes to data breaches? Research conducted by ITRC (Identity Theft Resource Center) indicated that the total number of data breaches that occurred last year had exceeded the total number of data breaches in 2021 by September 30, 2021. The percentage of data breaches exceeded approximately 17 percent by the end of September.
The number of data breaches in the year 2020 was estimated to be around 1,108. However, the total number of breaches in 2021 was approximately 1,2921. The data security of the utilities and manufacturing sector was deeply impacted as per reports. In fact, 48 companies in the sector and nearly 48,294,629 individuals will become victims of data breaches in 2021.
Another sector that got really hit hard by data breaches was the healthcare sector. It was reported that over 7 million individuals and 78 companies in the healthcare sector become compromised due to data breaches.
Let us take a quick look at the top 10 data breaches of 2021 to help you understand how businesses suffered because of data breaches.
1. Android Users Data Leak
Security researchers identified that the data of over 100 million Android users were exposed because of cloud services misconfigurations. Check Point researchers were able to find that anyone could access personal and sensitive information that includes phone numbers, payment information, photos, passwords, gender, location, chat messages, and more.
2. Thailand Visitors
Bob Diacheno, who is a Comparitech cybersecurity researcher, was able to discover his personal data on an unsecured database. The data also contained information of more than 106 million Thailand visitors. The unsecured database contained the following information of Thailand visitors.
- Full Name
- Date of arrival
- Passport number
- Visa type
- Residency status
- Arrival card number
An Elasticsearch database was also discovered by Bob Diacheno in 2021. It has been reported that the database had nearly 200 million records that belonged to StripChat, which is an adult cam website. The database contained the record of 65 million users which included their IP addresses, email addresses, the tips to models, and more.
Raychat is a business and social messaging app in Iran and it was also a victim of a massive data breach. Nearly 150 million user accounts ended up being exposed to the web and it was later destroyed by a bot during a cyberattack. The company had stored its user data on a misconfigured database, which left them vulnerable.
5. Brazilian Database
One of the major personal data breaches in the history of Brazil happened in January 2021. Technoblog reported the data sets while it was initially identified by PSafe. The exposed database contained names, facial images, phone numbers, credit score, salary, email, and more. It also contained the data of millions of deceased individuals.
A server that belonged to Socialarks was discovered by Safety Detective researchers. It was identified that the server had scrapped profiles of over 214 social media users. The data was obtained from LinkedIn, Instagram, and Facebook. The database also contained over 318 million records and data of over 408 GB.
Another major data breach that was discovered by the Safety Detective researchers team involved Bykea. During a routine IP address check, the team found an Elastic server vulnerability on certain ports. The server contained API logs for a transportation, logistics, and cash on delivery company called Bykea. The data contained the full names, locations, and other personal information of approximately 400 million users.
It might come as a surprise to several readers when they hear that the data of approximately 700 million users were put on sale online. It was reported that the data appeared to be new, as it contained samples from 2021 and 2020. The data include the following information regarding millions of Linkedin users.
- Full names
- Physical addresses
- Phone numbers
- Geolocation records
- Email addresses
- Professional backgrounds and experiences
Alon Gal, who is a security researcher, was able to discover a leaked database, which belonged to Facebook. The database contained approximately 533 million records. The data had the personal information of FB users from more than 100 countries. The database contained 6 million records of users in India, 11 million records of UK citizens, and 32 million of Americans.
A massive database that contained over 5 billion records was discovered by Diachenko in 2021. A cyber analytics company, Cognyte stored the database as part of their cyber intelligence service that was used to notify customers about third-party data exposures.
What’s more worrying is that there has been a considerable increase when it comes to data transparency breaches at both the private and government organization levels. Experts in the field of cybersecurity claim that if this trend continues, then it will result in a huge impact on the cybersecurity risk management strategies of several businesses. Moreover, it is best for companies to ensure that the breach notifications are not done on the fly in the wake of a security incident in the uncertain and stressed hours or days following an incident. Companies should expect that a security incident will occur, and entities must allocate resources for mitigating the impact of an incident – including funds for pre-planning responses to those incidents.
Suggested Read: 5 Data Security best practices to prevent Data Breach
How 10xDS can help?
10xDS Cybersecurity vertical, NXSecure, offers a comprehensive suite of cybersecurity and IT risk assurance services to detect, prevent, and proactively respond to security threats.
Talk to our cybersecurity experts to help you fortify your security systems, rapidly adapt to changes, mitigate risk and minimize the impact.