2017 is over, but memories of some of its biggest hacking and data breach incidents will haunt victims for a long time. Today, we highlight the biggest hacking incidents of 2017, from malware attacks leading to ransomware infections to simple phishing emails that stole millions of dollars from unsuspecting users and businesses.
The list also includes incidents that took place in the last few years but were announced in 2017. So brace yourself.
In July 2017, the consumer credit reporting agency Equifax suffered a massive data breach in which the personal data of 143 million Americans was stolen. This means over 40% of the entire population of the United States had their personal information stolen.
The stolen data includes names, birthdays, addresses, driver license numbers, credit card data and social security numbers (SSNs). The company only announced the incident to the victims and media on September 8th.
Yahoo is often in the news for the wrong reasons, and on October 4th, 2017 the company announced it had suffered a cyber attack in which hackers stole 3 billion user accounts in August 2013. This means each and every Yahoo user had their Yahoo email and password stolen.
2017 was a bad year for Home Box Office (HBO) thanks to an alleged Iranian hacker who stole a massive trove of the company’s data, including unreleased episodes of Game of Thrones, Curb Your Enthusiasm, Insecure and others.
The hacker also stole personal data from HBO’s Viviane Eisenberg, the Network’s Executive Vice President Legal Affairs and ended up leaking it online. The data included emails and plain-text passwords for her social media, bank, work and university accounts.
The WannaCry ransomware attack was one of the most powerful cyber attacks the online world had ever witnessed. The WannaCry infection began from the United Kingdom’s National Health Service (NHS) on May 12th, 2017 and took control of 200,000 outdated Windows-based devices in 150 countries.
The attackers demanded a $300-600 ransom in Bitcoin from victims to unlock their computers. Although the United States blames North Korea for spreading the ransomware, there is no substantial evidence. However, whoever was behind the WannaCry attack used NSA hacking tools leaked by the Shadow Brokers hacking group, which is discussed later in the article.
Petya or NotPetya
In June, the disk-wiper malware Petya infected Ukrainian businesses, the British advertising agency WPP, FedEx, the Danish shipping firm Maersk, and the Russian oil and gas giant Rosneft. The malware also used hacking tools belonging to the NSA that were leaked by Shadow Brokers.
The major victim of the Petya malware was FedEx, which in September revealed that it attributed a $300 million loss to the attack, while TNT had to suspend its operations.
54-hour DDoS attack
In March, a series of distributed denial-of-service (DDoS) attacks lasting 54 hours straight hit a US college. The attackers used a new variant of the Mirai malware botnet. During the attack, the average traffic flow measured was 30,000 RPS (Requests Per Second), and the highest peak was 37,000 RPS. The DDoS mitigation firm Imperva Incapsula said that it was the most they had seen out of any Mirai variant so far. They reported that the attack generated more than 2.8 billion requests.
In September, the cybersecurity giant Avast revealed that its subsidiary CCleaner was hacked by unknown hackers who infected its servers with a backdoor impacting 2.27 million users. The researchers confirmed that the malicious version of CCleaner was being hosted directly on CCleaner’s download server as recently as September 11, 2017.
On December 7, 2017, the cryptocurrency mining market NiceHash was hacked, and cybercriminals stole more than $70 million from the company’s wallet. In the incident, hackers emptied its entire Bitcoin wallet. As a result, the company’s CEO had to resign from his post.
Shadow Brokers hacking NSA
Shadow Brokers appeared in the summer of 2016, after hacking the National Security Agency (NSA) and leaking its hacking tools and exploits. Those exploits were later used by hackers and cybercriminals to spread the WannaCry, Bad Rabbit, and Petya malware.
However, the group made a comeback and leaked yet another trove of Windows exploits. According to The New York Times, the NSA had been “deeply infiltrated” over the years, especially after The Shadow Brokers conducted a massive data breach against its cyber infrastructure.
California voter records
On May 31st, 2017, researchers identified an incident in which a hacker stole 19 million California voter records after holding a MongoDB database for a 0.2 bitcoin ransom. The stolen data included names, city, phone number, home address, voting status, emails and other personal data.
The incident highlights how foreign hackers can steal US voters’ data with little effort.
In August, Taringa, the social media giant for Latin America, suffered a data breach in which 28 million accounts were stolen and leaked online. The data included usernames, email addresses, and passwords hashed with the MD5 algorithm. The company acknowledged the hack but claimed no phone numbers or Bitcoin wallet addresses were stolen.
Combo list of 1.4 billion clear text credentials
The mother of all leaks was discovered by researchers earlier in December 2017: a file containing emails and clear text passwords of over 1.6 billion users. The credentials were collected from different leaks and data breaches and combined in one file.
Researchers believe it is the “largest aggregate database found in the dark web to date”, beating the Onliner Spambot dump with 711 million accounts, followed by the Exploit.in data dump in which 593 million accounts were exposed. However, the fact that the data was available in plain text format poses a huge security threat to users.
US Citizens data
DeepRoot, a marketing firm employed by the Republican National Committee, accidentally exposed data belonging to 200 million US citizens. That was around 62% of the entire population of the US. The exposed data includes information like home addresses, political views, phone numbers and even birthdays.
The data remained public for anyone to download until a security researcher reported the incident to DeepRoot. The company, on the other hand, acknowledged the leak but claimed it was never hacked. “We take full responsibility for this situation. Based on the information we have gathered thus far, we do not believe that our systems have been hacked,” said the company.
What to expect in 2018
There were several other incidents involving hack attacks leading to data breaches. In July 2017, a mid-year report by Risk Based Security (RBS) identified that there were 2,227 incidents of data breaches as of June 2017, allowing hackers to steal 6 billion records. This means that in the first six months of 2017, hackers stole more data than the total number of medical and financial records stolen in the whole of 2016.
Therefore, 2018 can be worse than 2017, since cybercriminals are becoming more sophisticated in their attacks while unsuspecting users are not up to date with the latest tricks and scams used by malicious elements.
Be vigilant, Happy New Year and happy browsing.