The year of 2017 has been already marked with many historic big and bad data breaches. Lets look at the major cyber security breaches in the 2018 so far:
- In January, correspondents with the Tribune News Service in India paid 500 rupees for login certifications to an administration being offered by mysterious venders over WhatsApp. Utilizing the administration, the correspondents could enter any Aadhaar number, a 12-digit remarkable identifier relegated to each Indian native. Doing as such would recover various kinds of data on the questioned native put away by UIDAI (Unique Identification Authority of India). Those bits of information included name, address, photograph, telephone number and email address. An extra installment of 300 rupees to the dealers yielded access to programming through which anybody could print an ID card for any Aadhaar number. The information break is accepted to have bargained the individual data of each of the 1.1 billion natives enrolled in India.
- A political information firm called Cambridge Analytica gathered the individual data of 50 million Facebook clients by means of an application that scratched insights about individuals’ identities, interpersonal organizations, and commitment on the stage. In spite of Cambridge Analytica’s case that it just had data on 30 million clients, Facebook decided the first gauge was in truth low. In April, the organization advised 87 million individuals from its stage that their information had been shared. Lamentably, with Facebook applications confronting more investigation, it shows up the Cambridge Analytica outrage may simply be a hint of a greater challenge. On June 27, security scientist Inti De Ceukelaire uncovered another application called Nametests.com had openly uncovered data of in excess of 120 million clients.
- Recently, you might have heard in news about COSMOS Bank, a 112-year old cooperative bank in India and the second largest in the country being hacked and crores were siphoned off. The bank lost INR 940 million (94 Crores) due to this breach on 11th & 13th August. As per reports, the fraudulent transactions were carried out on August 11 and August 13 and the malware attack by the hackers originated in Canada, Cosmos Bank chairman Milind Kale told. In the first attack on August 11, using stolen card details, approximately Rs 78 crore was withdrawn in transactions in 28 countries. This included around 12,000 Visa card transactions. On the same day, approximately, Rs 2.5 crore was withdrawn through 2,800 debit card transactions in India at various locations. On August 13, the hackers transferred Rs 13.94 crore into an account in the Hang Seng Bank in Hong Kong by initiating a SWIFT transaction.”In two days, hackers withdrew a total Rs 78 crore from various ATMs in 28 countries, including Canada, Hong Kong and a few ATMs in India, and another Rs 2.5 crore were taken out within India,” he said. It was observed that unusual repeated transactions were taking place through Visa and Rupay cards used at various ATMs for nearly two hours.
- On 25 March, Under Armor discovered that somebody had increased unapproved access to MyFitnessPal, a stage which tracks clients’ eating routine and exercise. CNBC revealed at the time that the offenders in charge of the break got to people’s usernames, email addresses, and hashed passwords. The occurrence did not uncover clients’ installment data, as Under Armor forms this information independently. Nor did it trade off Social Security Numbers or driver’s permit numbers, as the attire maker said it doesn’t gather government identifiers. Upwards of 150 million MyFitnessPal clients are accepted to have had their data traded off in the information rupture.
- On April 2, security specialist Dylan Houlihan contacted investigative data security columnist Brian Krebs and informed him regarding an issue he had answered to Panera Bread back in August 2017. The shortcoming brought about Panerabread.com releasing clients’ records in plaintext — information which could then be scratched and filed utilizing mechanized apparatuses. Houlihan endeavored to report the bug to Panera Bread, yet disclosed to Krebs his reports had been expelled. The security specialist checked the weakness consistently from that point for eight months until at last unveiling it to Krebs, who distributed the subtle elements on his blog. Panera Bread took its site briefly disconnected after production of Krebs’ report. Regardless of the organization at first making light of the seriousness of the break and demonstrating less than 10,000 clients had been influenced, the genuine number is accepted to be as high as 37 million.