The Lesser Known Data Breaches
Data Breach is a grave issue of concern, no company is safe from being attacked. US is one of the preferred targets but it doesn’t undermine the fact that other countries are also prone to be attacked. After US, UK ranks second and so on.
In this article we list most serious and significant data breaches that have hit the globe. They are considered severe not because that they happened on a large scale but because of the kind of attack, the vulnerability exploited and kind of data compromised.
FedEx, as we all know is a popular delivery and cargo service, that purchased a company named Bongo International LLC in 2014. It is a package forwarding organization that is said to be the perpetrator for data breach. The leak was discovered by a security researcher from Kromtech.
According to the researcher, compromised data consisted of scanned documents, passports, driving license, ID’s of users around the globe including that of citizens of America. The data was stolen from the records saved from 2009-2012, before the company was bought. Which means that anyone who used Bongo International during this period has been at the risk.
No one knows for how long this data was online and readily available for hackers as it was stored in a public basket. Also, it looks FedEx wasn’t aware about it when the company was bought in 2014.
It is the most popular keyboard app used by both iPhone and Android users. The app exposed around 577 GB of data comprising of 31 million customers. An open MongoDB-hosted database was responsible for this leak, as it was misconfigured. This database was owned by Ai.Type.
This app when installed by the user asks full access to personal device including all keyboard data past and present, isn’t it shocking? Why would a typing app need that kind of access?
But users gave all the access without even giving it a thought due to which now records of more than 373 million is at risk. It included contact books including, names, phone numbers and contacts linked with Google accounts.
On November 29th, 2017 British shipbroker Clarksons posted a notice warning the shareholders about a data breach. He said that in coming few weeks they may too face the same issue as he denied paying ransom after a data breach.
This happened as bad guys could gain unauthorized access using a single and isolated user account. The account is now disabled but it clearly shows that how human errors can cause blunders.
Uber’s customer data such as their names, email address and mobile phone number were exposed by the hackers. This breach took place in 2016 but was kept hidden as hackers were paid the ransom to delete data. Even Uber’s former chief executive was aware about the leak but he did not do anything.
Uber’s CEO said there are no evidences of the leak or fraud as no issues are reported on misuse of data. But they are monitoring every account and the affected ones are flagged for providing additional fraud protection.
To stay protected from such attacks it is advised to be vigilant and should have knowledge to identify phishing mails from genuine. Also scam phone calls shouldn’t be entrained as this is now the most common to get all your details.
Even Payday loan company wasn’t spared, it too fell victim to a large data breach that could hit 245,000 customers data including bank account number and sort codes. After the breach was reported on customer help page Wonga said, “urgently working to establish further details and contacting those who we know have been impacted”.
Apart from the details mentioned it is also believed that customers full name, addresses including home and office, phone numbers, last four digit of debit card were also missing.
If any such thing happens with any user in future they should change the password and warn their banks to notify them of any unusual activity. Apart from this, the user must be vigilant and should keep a check on all the online activities and email alert he received for financial transaction.
Must Read : Hide and Seek: New Botnet Threat
Other than these attacks there have been attacks on: Zomato, Bupa, Pizza Hut, CEX, Equifax and many more.
These attacks clearly state that no organization is safe. Hackers always look for a vulnerability to get their hands-on user data irrespective of the organization size they will attack. The first step to stay safe from these attacks is by being vigilant and attentive. Never make silly mistakes and if any irregular activity is noted don’t ignore it, pay attention and take appropriate action.
Apart from the data breaches mentioned there have been lot more, but we will never come to know about them. Companies hide them before users could even know, so stay safe and be attentive.