Several approaches are behind some of the biggest cloud security breaches we’ve seen to date, but the consequences are the same. A company’s reputation is sullied, its customers may leave in droves, and the final cost may sink the company itself. For all of us in IT, there are lessons to be learned from each of these breaches. That’s especially true when you consider that cloud security breaches have surpassed on-prem breaches for the first time, according to the Verizon Data Breach Investigations Report (DBIR).
So, let’s take a look at the top seven most infamous cloud security breaches to date.
1. Yahoo
While years have passed since it happened in 2013—although Yahoo didn’t announce it till 2016—it’s still the most devastating breach in terms of sheer numbers. The company initially announced that one billion customers were affected, but the final number came in at more than three billion accounts. The hack started with a spear-phishing email sent in early 2014 to a Yahoo employee. One click, and boom. In March of 2017, the FBI indicted four people for the attack. Two were Russian spies.
2. Alibaba
In November of 2019, an attack hit Alibaba’s Chinese shopping website Taobao that impacted more than 1.1 billion pieces of user data. The attack happened over eight months as a Chinese software developer trawled the site, secretly scraping user information until Alibaba noticed what was happening. The stolen data included user IDs, mobile phone numbers, and customer comments. While the hacker didn’t get ahold of encrypted information like passwords, the breach was severe enough that the company notified the police. Because it happened in China, the full consequences of this attack will likely never be made public. But it’s an example that makes a strong case for better monitoring of systems and networks.
3. LinkedIn
Like Alibaba, in 2021, LinkedIn also fell victim to a data scraping breach. Affecting 700 million LinkedIn profiles, the information was primarily public. But the data from the hack was posted on a dark web forum in June of 2021. LinkedIn explained that no sensitive, private data was exposed. The company also made the argument that the incident only violated the company’s terms of service. But a scraped data sample in the dark web post included email addresses, phone numbers, geolocation records, genders, and other social media details. That’s plenty of data for a clever hacker to use for social engineering attacks. And, while LinkedIn refuses blame for the breach, it has undoubtedly opened many eyes to the data risks that come with using social media.
4. Sina Weibo
Sina Weibo is one of China’s largest social media platforms, with more than 600 million users. In June 2020, the company announced that were stolen, including real names, site usernames, gender, and location—as well as phone numbers for 172 million users. While it isn’t clear how the incident originated, the hacker put Weibo’s data up for sale for a mere $250, most likely because it didn’t include passwords. Even though Weibo is heavily monitored and censored these days, it is still used, at times, to share unfiltered news from around the country. As a result, anonymous Weibo users may face the most significant risks due to the breach.
5. Facebook
—including phone numbers, account names, and Facebook IDs—from a breach that occurred sometime before August 2019, as reported in April 2021. While Facebook says it found and fixed the issue immediately, the ripple effect even hit founder Mark Zuckerberg. He will have to personally answer to federal regulators in order to settle a privacy case with the Federal Trade Commission that includes a $5 billion penalty paid by the company.
6. Marriott International
More than half a million guests of Marriott’s Starwood division had sensitive personal information exposed after a September 2018 attack. Following a forensics investigation, the company found that the Starwood network had been compromised sometime in 2014, before Starwood’s acquisition by Marriott. Marriott continued to use the IT infrastructure it had inherited from Starwood, and using the outdated technologies most likely resulted in the breach. While the attack didn’t put the company out of business, the damage to its reputation may not be easy to overcome.
7. Adult Friend Finder
This adult-oriented social networking service had in October 2016. More than 412 million user accounts from multiple sites were exposed, making it the biggest hack of that year. The data included names, email addresses, and passwords—with potentially huge damages that could cause problems for the victims. The hack is thought to have been accomplished using a local file inclusion exploit, giving the hackers access to all network sites.
While it is impossible to stop every attack, IT pros know they need to do everything they can to do so. That means creating a disaster recovery plan, building infrastructure that’s as secure as possible, and investing in prevention and detection technologies. Buying cybersecurity insurance is another step you can take to help ensure recovery. And putting the technologies in place that you need to recover your data if it is stolen or locked up by ransomware should also be at the top of your list. For help with data protection, talk to a StorageCraft engineer.