The post-pandemic boom has attracted a lot of unwanted attention from hacker groups looking to take advantage of a gullible employee or an unknown vulnerability. Recent research reports also show that attacks on organizations have increased this year, as have the costs of the breach due to business disruption and fines issued by regulators. According to the IBM Cost of a Data Breach Report 2022, 83% of organizations have suffered more than one data breach, while the average cost of a data breach has grown to $4.35 million in 2022 compared to $3.86 million in 2020.
Financial gain remains the primary motivation behind attacks on private organizations.
The war between Ukraine and Russia also triggered a wave of cyber attacks against companies in Europe and the US.
Here are some of the cyber attacks faced by organizations that touch the lives of most Internet users in one form or another.
400 million Twitter accounts at risk
Earlier this week, a hacker named Ryushi threatened Twitter to pay a $200,000 ransom or they will publish the personal information of 400 million Twitter users. The hacker claims that the data was stolen in 2021 through the exploitation of an API vulnerability, which has since been fixed. The stolen data reportedly includes the phone numbers and email information of Twitter users, including Google CEO Sundar Pichai, US Congresswoman Alexandria Ocasio-Cortez, Salman Khan and singer Shawn Mendes. Twitter has yet to confirm the breach and the claims made by the hacker.
LastPass breach more serious than thought
The data breach suffered by leading password manager LastPass in August turned out to be more serious than previously thought. The company had previously said that no customer data was accessed during the incident, and that only some technical information and source code was stolen. However, last week a blog post said that hackers copied the backup of customer vault data from the encrypted storage container which also contains usernames and passwords along with other data. LastPass assured users that the information is fully encrypted using 256-bit AES encryption, and it will be extremely difficult to break it even using brute force attacks.
GTA V footage stolen and leaked
US-based Rockstar Games, which develops and publishes action games in the Grand Theft Auto (GTA) or Red Dead Redemption (RDR) series, confirmed in September that it suffered a network intrusion, which enabled hackers to steal confidential information from the company’s systems. . The stolen data included unseen game development footage of the next game in the GTA series, which is expected to be released in 2024. The breach was discovered after the hacker leaked the stolen footage online. Rockstar is one of the largest game publishers in the world. The last GTA game “GTA V” sold over 170 million copies.
Nvidia takes on hacker groups after data theft
In February, a little-known ransomware group Lapsus$ broke into the networks of Taiwan-based chip giant Nvidia and stole 1 terabyte of data, which includes sensitive information such as the design of its next-generation graphics processing unit (GPU), Nvidia AI rendering system DLSS, and the login credentials of over 71,000 employees. The hacker group threatened to release the stolen information publicly if the firm did not remove the anti-crypto mining feature called Little Hash Rate (LHR) from its GPUs. Nvidia retaliated by counterhacking the hacker group to retrieve the stolen data.
Samsung data breach
After Nvidia, the Lapsus$ hacker group targeted South Korean chip and electronics maker Samsung. The hackers stole and leaked nearly 200 gigabytes of sensitive data that includes source codes for Samsung’s TrustZone environment and algorithms for biometric unlocking applications. Samsung confirmed the breach and acknowledged that some source code was compromised. The hacker group asked Samsung for a ransom not to leak the data.
Uber suffers from double security incidents
In September, taxi-hailing company Uber’s internal systems were compromised, according to a NYT report. The hackers shared images of the firm’s cloud storage, email and code repositories with security researchers and the media company to back up their claims. Uber, for its part, acknowledged on a Twitter mail that it had suffered a cyber security incident and was working with law enforcement agencies to resolve it. Later in December, Uber suffered its own data breach after one of its supply chain partners was compromised. According to Uber, the data was stolen from Teqtivity, which provides property management and tracking services to Uber.