Alerts & Reports : Data Security Alert Vol 13.79 – The Top Hacks of the Year
As we approach the end of the year, let’s have a look back at the top hacking incidents of 2014. This year, we might have witnessed the most damaging attack of the decade. It will not be easy beating the Sony attack.
On November 24th all of Sony Pictures employees’ computer screens started showing a picture of a skeleton and a message threatening to release sensitive data to the world. As a response to the hacking, Sony shut down all its systems, including email servers, to prevent more data leakage. All this effort however was not enough, the attackers who identify themselves as the Guardians of Peace (#GOP) claim to have stolen over 100 TB of data. They have so far released some 40 GB of data – a tiny fraction. The attackers demanded (and succeeded) of Sony Pictures not to release a controversial movie named ‘The Interview’ – a comedy about the assassination of the North Korean leader Kim Jong-Un. As a response Sony cancelled the release of the movie. FBI investigation blames North Korean government for the attack, while North Korea denies any involvement.
The Home Depot, a major chain of home improvement stores in the U.S. had suffered a very large data breach. Over 56 million customers’ credit and debit card information was exposed. According to report, the cybercriminals behind the attacks infiltrated the company’s systems at least 5 months prior to discovery. Many blamed Home Depot for not having proper security measures in place.
Called the most advanced cyberespionage campaign to date, the Regin APT is a highly complex,state funded threat. The Regin malware carried the ability to intercept and manage GSM communication systems. The main countries of focus are Afghanistan, Iran, Syria, and others. It is believed the campaign was designed by the British intelligence agency GCHQ and the NSA.
A collection of nude celebrity photos and videos was stolen from Apple’s iCloud online storage in September, published on 4Chan, and later released in a number of parts for download via torrents. The database included many well-known celebrities, such as Jennifer Lawrence and Kate Upton’s very revealing photos. Apple claimed that their cloud storage has not been breached, many were left unconvinced.
After iCloud, next in line to get breached was the picture messaging app Snapchat. Photos on Snapchat auto-destroy, but there are services that are able to save these for you – one of which (snapsaved.com) was hacked. The entire 13GB database was made available for download on Pirate Bay.
One of the largest breaches this year (although not the most devastating) was the J.P. Morgan Chase data breach, where over 76 million households and 7 million businesses. According to Chase, no financial information, SSNs, login information, etc., was stolen. Only emails and phone numbers and addresses were compromised.
Although there were others, including many attacks involving crypto-currencies, these comprised the top 6 hacking incidents in our opinion. If you believe others should have made the list, please leave a comment below.
Happy Holidays to all of our readers. Enjoy safe holidays and secure new year!