Data and security breaches are still on the rise, and local authorities along with cybersecurity professionals have acknowledged these unending threat of exploits. In fact, multiple cybersecurity awareness programs have been implemented to prevent various threats.
This year, despite all the efforts from authorities and IT experts, there are still reports of massive security and data breaches. Just recently, the US Department of Defense released a revised version of cybersecurity standards to safeguard the norms that government contractors need to comply with for fending off hacks and other cyberattacks.
Whether for business or personal use, it is only imperative to maximize security for all your devices. Let’s take a look at some of the biggest security breaches and hacking incidents as of 2019 and what can you learn from them.
1.Hacking and Malware Attacks on WhatsApp: Last May 2019, multiple reports have been filed about hacking incidents via What’s App. According to the investigation, the hackers were able to install “Spyware”—a surveillance malware—on the phones of WhatsApp users. The data breach happens during phone calls through the app.
Although it’s still unclear how many users were victimized by this attack, authorities have sent out warnings to both businesses and individuals using the aforementioned app. In an article posted by Financial Times, the spyware was actually designed by Israel’s NSO group. WhatsApp also released a statement that the breach bore the hallmarks of a private organization working government agencies. However, the Israeli firm denied the accusation.
LESSON LEARNED: Always take extra precautions when using any communication lines, especially for mobile gadgets. Secure your mobile apps with encryption. Update your software and run a system scan to detect any malicious codes or programs.
2.Phishing Wipro Breach: Last April, Brian Krebs covered the incident about the controversial system breach of IT outsourcing companies and consulting Wipro Ltd—one of the most established corporation in India. According to Krebs, 2 reliable sources spoke to him about Wipro’s system were being used by hackers and cybercriminals for phishing targeting at least a dozen Wipro customer systems.
Cybersecurity experts mentioned that Wipro’s customers traced malicious and suspicious activities from one of the company’s partner system that were being used for communication with Wipro’s main network.
LESSON LEARNED: For businesses whether a startup or a large enterprise, don’t be too confident about your current system. Always assume that there could be some loopholes from your IT network. There’s always a room for improvement. Evaluate your IT security regularly. Run a few tests. Reach out to cybersecurity professionals. Take note that your IT system is one of your biggest assets. It only makes sense to make sure you have the best security system for your business.
3.Dunkin’ Donuts Credential Attack: It wasn’t only this year when Dunkin’ Donuts reported a credential stuffing attack. The first report was filed November of last year. Now, the company is being more proactive to notify users of more account breaches. According to experts, the hacking strategies were quite similar from the first hit where hackers leveraged user credentials leaked at other sites to access the perk rewards accounts.
The stored information in Dunkin’ Donuts perks account provides customers a way to earn points and get free products and discounts. It also contained the customer’s account information including emails with usernames, and the 16-digit Dunkin’ Donut Perks account number and QR code.
Some reports also say that hackers were not really after the user’s personal information stored in DD perks account. Hackers are actually getting the account so they can sell them in Dark Web forums.
LESSON LEARNED: Always make sure to secure your password at all times. As much as possible, do not reuse the same email and password combination for multiple online accounts. Update your account passwords regularly. Activate multifactor authentication whenever possible to add more layer of protection to your account credentials. Evaluate your network traffic and system. If you think your system is slowing down drastically, run security check immediately to remove any malware infection.
4.Toyota’s Second Data Breach: Last March, Toyota confirmed the data breach incident from their official website. The company mentioned that the said attack may affected more than 3.1 million people. According to Toyota, they are still investigating whether the hackers gained access and read the data.
Nevertheless, the compromised server did not contain credit card details.
A few months after, Toyota hit another cyberattack attempt but in the Australian market. The news came from similarly brief press statement with just about 4 or 5 sentences. Toyota said they do not believe hackers have breached to customer’s private information or employee data. Investigators also confirmed that Toyota IT team coordinated with international cybersecurity experts for more consultation.
LESSON LEARNED: Don’t be too reliant of your service provider’s security network. No matter how established they are, it is advisable for everyone to be more vigilant regarding any communication from people.
5.Walmart Email Breach: FBI is working on the case that employees from one of Walmart’s technology suppliers are allegedly monitoring the retailer’s email communication. The scheme was later discovered when one of the technicians took a photo of an email about Internal Walmart disciplinary matter then sent it to Walmart’s employee.
LESSON LEARNED: This incident has exposed various vulnerabilities for companies that rely on contractors for technical work. This imposes several risks as you’re giving access to company’s sensitive internal documents.
These are just some of the biggest data and security breaches that happened as of 2019. Again, always take necessary precautions. Be proactive and always check your accounts and other devices.
Author’s Bio: John Ocampos is an Opera Singer by profession and a member of the Philippine Tenors. Ever since, Digital Marketing has always been his forte. He is the Founder of SEO-Guru, and the Managing Director of Tech Hacker. John is also the Strategic SEO and Influencer Marketing Manager of Softvire Australia – the leading software eCommerce company in Australia and Softvire New Zealand.