Recent Cyber Attacks

One of the most damaging recent cyberattacks was a Microsoft Exchange server compromise that resulted in several zero-day vulnerabilities. The vulnerabilities, known as ProxyLogon and initially launched by the Hafnium hacking group, were first spotted by Microsoft in January and patched in March. However, more groups joined Hafnium in attacking unpatched systems, resulting in thousands of organizations being compromised. 

Dating app MeetMindful suffered a cybersecurity attack in January 2021, resulting in data of more than 2 million users being stolen and leaked. The hacking group behind the event managed to steal information like users’ full names and Facebook account tokens.

In March 2021, cyber criminals threatened to leak documents from the Tether cryptocurrency. The attackers claimed the data would “harm the Bitcoin ecosystem” and demanded a settlement fee of around 500 Bitcoin ($24 million), but Tether refused to pay.

A ransomware attack on insurance firm CNA Financial left employees locked out of their systems and blocked from accessing corporate resources. The attack in March 2021 also involved company data being stolen, which led CNA Financial to reportedly pay the $40 million settlement fee.

Data of more than 530 million Facebook users, including their names, Facebook IDs, dates of birth, and relationship status, was published online in April 2021. Facebook, now Meta, said the information was obtained through scraping in 2019.

The growing threat that advanced cybersecurity attacks pose to the world was highlighted by the Colonial Pipeline attack in May 2021. The fuel pipeline operator suffered a ransomware attack launched by the DarkSide hacking group, which led to fuel disruption and mass panic buying across the U.S.

An unauthorized entry cyberattack in May 2021 resulted in the exposure of 1.7 million users of the Japanese dating app Omiai.

In June 2021, Audi and Volkswagen revealed a data breach had affected more than 3.3 million customers and prospective buyers, who were primarily U.S.-based. The breach was blamed on an associated vendor, which was purportedly responsible for exposing the data between August 2019 and May 2021.

The United Kingdom’s trading website for guns and shooting equipment revealed that records of 100,000 gun owners had been stolen and published online in July 2021. Gun ownership is strictly controlled in the U.K., so the data breach of customers’ names and addresses caused significant privacy and safety concerns. 

In August 2021, telecoms firm T-Mobile suffered a cybersecurity breach that led to the data of around 50 million existing customers and prospects being stolen. The data, which included customer addresses, drivers' licenses, and social security numbers, was stolen by a 21-year-old, who claimed to have obtained around 106GB of information.

An attack on Poly Network in August 2021 proved that cybersecurity breaches on cryptocurrency firms are on the rise. The blockchain firm revealed an Ethereum smart contract hack resulted in cyber criminals stealing cryptocurrency worth more than $600 million.

Cybersecurity attacks on medical organizations and healthcare firms are also increasing. As a result of the hack on AP-HP, a Paris public hospital system, in September 2021, cyber criminals stole personal data belonging to around 1.4 million people who were tested for COVID-19 in 2020. 

Cream Finance, a decentralized finance firm, suffered a vulnerability in its project’s market system. The hack, which was revealed in September 2021, caused losses worth $34 million.

A South African debt recovery company suffered a significant attack that led to client and employee data being illegally accessed from its servers in September 2021. The incident is suspected to have affected the personally identifiable information (PII), including owed debts, of over 1.4 million people.

Department store Neiman Marcus suffered a data breach that resulted in the exposure and theft of up to 3.1 million customers’ payment card details. The attack was detected in September 2021 but began in May 2020, and most of the data stolen was believed to have been from expired or invalid cards.

A hacker, who claimed to have leaked the entire database of Argentina’s National Registry of Persons, has allegedly stolen the data of more than 45 million Argentinian residents. However, the government denied the hack.

The value of a cryptocurrency linked to but not officially associated with the Netflix program Squid Game plummeted after a suspected exit scam in November 2021. The cryptocurrency’s value dropped from $2,850 to $0.003028 overnight, which resulted in investors losing millions of dollars.

Also in November 2021, a data breach of the trading app Robinhood affected the data of around 5 million users. Data like usernames, email addresses, and phone numbers were compromised through a customer support system.

Yet another cybersecurity attack against digital currencies, BitMart suffered a breach that enabled cyber criminals to steal approximately $150 million worth of cryptocurrency in December 2021. The attack resulted in total losses of around $200 million, including damages. 

In December 2021, a zero-day vulnerability was discovered in the Log4j Java library. The remote code execution flaw is now active, and the resulting bug, Log4Shell, is being activated by botnets like Mirai.  

HR platform Kronos suffered a ransomware attack that took the Kronos Private Cloud offline. The outage occurred shortly before Christmas and took the vital service down for several weeks.

In August 2020, credit reporting agency Experian suffered a breach that affected 24 million consumers in South Africa and more than 793,000 businesses. The incident occurred when an individual who claimed to be a client requested services that prompted the data’s release. The stolen data was eventually secured and deleted, while Experian revealed it had not been used fraudulently and that its customer database, infrastructure, and systems had not been compromised.

The data of more than 10.6 million customers of MGM Resorts hotels was leaked to a hacking forum in February 2020. The data included addresses, dates of birth, email addresses, names, and phone numbers belonging to celebrities, business executives, government employees, and tourists. 

However, the hack did not breach users’ credit card details. The incident began in mid-2019 when MGM discovered unauthorized access to its server. Another data breach followed in February 2020, which saw user data published on an open, accessible forum.

The University of California, based in San Francisco, suffered a ransomware attack that led to hackers demanding a settlement payment of $3 million on June 1, 2020. The university’s system was targeted by malware that could encrypt various servers and steal and encrypt critical data. The university negotiated and paid a settlement fee of $1.14 million but later revealed no data had been compromised. 

Technology and consulting firm Cognizant was affected by the Maze ransomware attack on April 18, 2020. The attackers stole data and threatened to publish it online unless Cognizant paid a settlement fee. Cognizant later revealed it paid a ransom fee of between $50 million and $70 million to restore its services.

Tillamook County’s IT systems were infected by encryption malware on January 22, 2020. The attack shut down its computer and phone systems and took down the website that hosts its various departments. Tillamook County’s computer systems were down for at least two weeks, and attackers demanded $300,000 as settlement, which would double after two weeks, to restore the data. The county tried to avoid paying the settlement fee but could not restore the data and eventually settled.

As the COVID-19 pandemic broke, an attack targeting the World Health Organization (WHO) resulted in the breach of 25,000 email addresses and passwords. The data was leaked online on April 19, 2020, along with information belonging to other groups fighting the pandemic, including the Gates Foundation, the National Institutes of Health (NIH), and the U.S. Centers for Disease Control and Prevention (CDC).

Videoconferencing service Zoom saw a massive increase in activity throughout 2020 with people working from home and speaking to friends and family through the application. However, in April 2020, a cyberattack known as Zoombombing enabled cyber criminals to join private meetings, access conversations, and share offensive images, videos, and screens. Zoom updated its application to enhance security levels.

A Mitsubishi Electric systems data breach resulted in around 200 MB of files being stolen. The breach, which was first detected in June 2019 but was reported in January 2020, contained employee and applicant information, data about retired employees from affiliate companies, and sales and technical material. The attack was caused by a vulnerability in the organization’s antivirus solution, which Chinese hackers exploited.

One of the most significant cyber attacks that occurred in 2020 was through a hacker known as ShinyHunters. The hacker stole around 386 million user records from 18 different companies between the start of the year and July. The attacker posted links to these companies’ databases, made them freely available to download, and sold data online.

The volume of cybersecurity incidents is expected to increase through 2022—not to mention the damage victims will incur as a consequence. Trends that organizations need to be aware of include: 

1. Increased hardware usage: Software programs enable businesses to achieve great results and form new strategies. However, they are also highly attractive to cyber criminals. As a result, moves toward hardware are expected to gather speed, although businesses should not reduce their investments in upgraded software. 
2. Remote work attacks: Cyberattacks targeting remote workers are expected to increase further through 2022. Hackers are constantly evolving their tactics in line with employees’ ways of working and will continue to take advantage of potential downtime and network vulnerabilities.
3. Growing government interest: Attacks on critical infrastructure have attracted the attention of global government agencies. 2022 will likely see increased investment and new regulations that aim to prevent massive cyberattacks against high-priority targets. 
4. Ransomware targeting SMBs: Cyber criminals rarely discriminate based on the size of businesses. As governments increase investment to defend critical infrastructure, ransomware groups will shift their focus to target small and medium-sized businesses (SMBs) who have less funding, staffing, and security expertise.
5. The rise of AI defenses: The increasing sophistication of various cybersecurity incidents in 2021 means organizations need to improve their defenses. Artificial intelligence (AI)-powered solutions will enable smarter, faster, more proactive security that plugs the existing gaps in the cybersecurity industry.