Potentially the largest data breach in history, the SolarWinds Orion hack stole information for months before someone discovered the leak in December 2020. SolarWinds says that up to 18,000 of its customers may have been vulnerable to the hack. Those victims include:
- The Department of Homeland Security
- The Department of Energy
- The National Nuclear Security Administration
- The State Department
You will probably notice that the list includes the names of companies and government agencies that should understand the wide-reaching threats of cybersecurity flaws. The Department of Homeland Security even uses sophisticated technology to infiltrate criminal networks around the world.
SolarWinds unintentionally exposed its clients when it released a software update that included hacked code that created a backdoor the hackers could use to install malware and steal information.
Members of the U.S. government have blamed the cyberattack on Russia and China, although no one has publicly presented concrete evidence identifying the government or criminal enterprise responsible.
One thing is certain. All organizations need to pay closer attention to the applications they use from third-party vendors. Even trusted companies like SolarWinds could fall victim to smart hacker groups working together to undermine companies and governments.
Recommended reading: Five Tips to Increase Security for Your Remote Workforce
CAM4 has been operating since 2007 as a live streaming website that most profile holders use to post videos of themselves performing sexual acts. With such sensitive information, one would expect CAM4 to take cybersecurity precautions seriously. Instead, the company left personal information out in the open, including names, emails, IP addresses, financial data, and addresses.
The data leak affected at least 6.6 million users in the United States. It also affected millions of people in France, Italy, and Brazil.
Avoid common cybersecurity mistakes and prevent data breaches by starting your free trial with TeamPassword.
The Whisper data breach revealed highly private information about the social media app's users. Whisper called itself the "safest place on the Internet" because it lets users post text and images anonymously. Not surprisingly, the promise attracted a lot of people who created profiles for sharing secrets, including complaints about their employers.
Unfortunately, Whisper left the user information—including ages and locations—in a place where hackers could access it. Researchers studying the issue found that they could access almost 900 million user records. To make matters even worse, they discovered that they could download the data in bulk.
Some good came from the Whisper data breach, though. About 1.3 million accounts belonged to 15-year-olds who have since been removed from the platform.
Recommended reading: Can You Put a Price on Your Security?
Marriott has been targeted by several data breaches over the last decade. Although this particular breach took place in 2017, the United States Department of Justice did not formally file charges against hackers until February 2020.
The hackers didn't have to work very hard to access Marriott's data. The company had left encrypted information and the encryption keys on the same server. This works about as well as locking your front door while leaving the key sitting on the porch in plain sight.
The mistake cost Marriott quite a bit. The company spent $28 million in expenses connected to the breach. Luckily, Marriott had cyberinsurance that covered most of the initial costs.
UK's Information Commissioner's Office also fined Marriott the equivalent of $120 million for breaching GDPR regulations.
Avoid Data Breaches With Help From TeamPassword
TeamPassword offers several features that will help you create and manage strong passwords that make data breaches unlikely. Some features that can help you prevent data breaches include:
- Multi-factor authentication that adds a layer of security on top of passwords.
- Notifications that tell administrators when someone logs in or tries to change a password.
- Strong password generator that makes it much harder for criminals to decipher.
Experience the benefits of TeamPassword by signing up for a 14-day free trial. Once you see how much easier this area of cybersecurity becomes, you will never want to take risks with your passwords again.