By Florian Riederer

I hope you all have had refreshing holidays and a good start to the new year. While considering our security priorities for this coming year, it’s useful to take a look back at 2021 to review some of the highest-profile and impactful breaches that our industry experienced. With that in mind, I’ve prepared a short retrospective on five significant security breaches that occurred over the past year.

Kronos

           Kronos is one of the largest HR-related firms whose software provides for essential employment timekeeping and payroll for many small and large organizations around the world. On December 13th, they announced a ransomware incident on the Kronos Private Cloud affecting some of their solutions. While the incident was confined to a limited number of customers, Kronos said that it could take several weeks until the issue, and the resulting outage, would be resolved. Additionally, customer employees may have also had personal data exposed and exfiltrated as part of the attack.  

Twitch

           I wrote a deep dive into the Twitch breach a few months back as it happened. In a significant data breach, about 125GB were publicly posted including confidential business information, including Twitch’s payout to streamers, information about products currently in development, and source code on the website. Based on publicly available information, the attack does not appear to have been carried out by a known, or organized threat group as there was not a clear attempt by the attackers to profit off of the data breach.  

T-Mobile

           The August breach of T-Mobile customer data highlights some ongoing doubts about the organization’s security posture, having been the severest breach after several smaller, but significant incidents over the past four years. 

T-Mobile also ended up having to defend at least three lawsuits because of this breach, where personal identifiable information – including social security numbers of 48 million T-Mobile customers was leaked. That’s over a third of T-Mobile’s customer base. A Turkish-American hacktivist John Binns, claimed responsibility for the breach, as retaliation for past mistreatment by US law enforcement.  

Colonial Pipeline

           By far the security incident that caught the most public media attention this year, the ransomware attack on the Colonial Pipeline highlighted how vulnerable some of our physical infrastructures can be to cyberspace-based attacks, underlining the need for IoT security in organization’s networks, more broadly. The attackers, believed to be associated with a Russia-based threat group, DarkSide, got access through a compromised password of a VPN account for an inactive user, highlighting the importance of maintaining up-to-date access and privilege management in place. On receiving a ransom notice request, Colonial Pipeline shut down the pipeline as a precautionary measure. While later examinations indicated that the attack did not compromise Colonial Pipeline’s operational software, they did end up paying a $4.4 million ransom to prevent 100GB of stolen data from being leaked by the hackers.

SocialArks

            A smaller breach in terms of media attention, the SocialArks data breach was one of the larger ones in terms of data loss, and people affected. The breach compromised over 400GB of data and affected up to 214 million users of sites such as Facebook, LinkedIn, and Instagram. The data was compromised when a misconfiguration of the database exposed it to the internet, accessible without a username or password. In a lot of ways, this is more of a data-privacy story; SocialArks obtained this data by scraping social media profiles, which is expressly against the terms of use of platforms like Facebook and LinkedIn. Through clearly inadequate security provisions, the data ended up being publicly exposed. If, and to what degree threat actors have accessed and made use of the data is still unknown.

In 2022, our commitment to connect your organization with the solutions, knowledge, and resources that matter is unwavering. Reach out today to set up a 2022 security planning meeting. 



Our Latest Articles

Atlantic Data Security Named to MSSP Alert’s Top 250 MSSPs List for 2022

cybersecurity Press Release

Atlantic Data Security included on the 2022 Inc. 5000 List

Award Press Release

Atlantic Data Security Recognized as No. 87 on the 2022 CRN® Fast Growth 150 List

Award Press Release

Rip and Replace

Blog

Atlantic Data Security Announces Hiring of Cristelle Michael as Vice President of Marketing

Press Release

CRN Recognizes Atlantic Data Security on 2022 Solution Provider 500 List

Award Press Release
Request a Meeting with Us
Skip to content