As the countdown to the New Year has begun the world gets ready to say its goodbyes to 2015. We roll back the clocks and look into this year’s most devastating hacking attacks, which resulted in huge financial losses and data theft. Data breaches have put many organizations out of business and many others are facing millions of dollar in fines from lawsuits from their customers. Last year, hackers accessed more than one billion personal records, most of which include personal information such as social security numbers, banking codes, home addresses, emails, etc.
An upsetting thing is year after year the number of such attacks are increasing.According to a surveyby Global State of Information in Cybersecurity, this year, 38% more security incidents were detected than last year. The shortage of certified cyber security professionals is a big reason why these attacks are on the rise. Most of the organizations have no idea what policies should be followed to tackle these threats.
Here we bring you some of the list of 10 most destructive hacking attacks the world have seen in 2015. We rate these attacks according to their severity and how much organization suffered after its aftermath. Check out our Top 10 List:
1. Talk Talk
This is one of the most devastating hacking attack in British history, with more than 157,000 customers records stolen by the hackers. The records include personal details such as bank account numbers, sort codes, credit and debit card numbers. This attack on Talk Talk website happened on 21st of October and it is believed that teenagers are behind this devastating attack. The company suffered £35 Million in losses as the result of malicious users exploiting a SQL Injection vulnerability.
2. Ashley Madison
Another big story of the year is the Ashely Madison Hack. An online dating site with a motto “Life is Short. Have an affair” has seen the identities and passwords of its 11 million users stolen. The CEO of the company had to step down as the result of this much hyped hack attack, which was the most talked about thing this summer. The Ashley Madison parent company faces a law suite of $760M as a result of this data breach. Many customers of Ashley Madison received an email from spammers demanding ransoms, else their information will be leaked online.
3. CIA Director Hacked
The personal email account of John Brennan, the director of CIA was also hacked. The FBI and Secret service treated this as a very sensitive hacking incident because of the nature of the account and to whom it was associated with. The person who claimed the responsibility of this hack on CNN is an American but has yet to be arrested by the FBI.
4. Anthem Health Insurance
The second biggest health insurance company in the United States also fell victim to cyber criminals this year. The hack has affected more than 70 million Anthem customers. The hackers stole names, date of births and social security numbers. The company assured its customers that their financial details such as bank accounts and credit card numbers have not been compromised.
5. Vodafone
Telecom giant Vodafone was also the target of cyber criminals this year. According to a statement released by the company in October a group of hackers managed to gain access to sensitive information of about 1,827 Vodafone customers. The stolen email addresses and passwords have been sold on dark web. It seems that the bank account details of the customers were leaked as well. This news came to light just after the hack of Talk Talk, which has raised many concerns about the security of the British telecom and broadband operators.
6. Carphone Warehouse
The biggest UK phone retailer has also been targeted by cyber criminals this year. In August Cardphone Warehouse were hacked and hackers managed to access the personal records of around 2.4 million customers. The company faced a lot of criticism from its customers for keeping the news secret for 48 hours. The stocks of the company have been crashed when the news of hack hits the media.
7. LoopPay Samsung
Just after a month Samsung bought its payment system company for $250M, LoopPay was hacked. The group behind this hack is Chinese dubbed as 'Codoso Group' or 'Sunshock Group’, and for the 5 months no one in the company had any idea that they were hacked. The company said that no user data has been lost, despite the fact that it took them 5 months to notice that they were hacked.
8. JP Morgan, Chase and Brokerages
One of the biggest financial hacking incident in US history, which started back in 2012 and was up and running until mid of 2015. A total number of 9 large financial institutions were targeted in the United States, during this time. Hackers manage to access information of more than 100 million customer’s and affected 80 million households. The three hackers behind this big hack were arrested and were trialed in US Court in New York. This hacking incident is dubbed by many as the “the largest theft of user data from a U.S. financial institution in history."
9. US Army Official Website
Just hours after US President Obama called for new cyber security laws in a summit held in Germany, the official website of the US Army was taken down by Syrian hackers. Syrian Electronic Army were the group who claimed the responsibility of the attack as per their official twitter account. In this case, this was just a defacement and no data was stolen because the website did not contain sensitive.
10.Hilton Worldwide
Most probably the most famous hotel chain, with over 4,112 hotels in around 91 countries, Hilton has also been a victim of cyber-criminal attacks this year. The credit cards information of many Hilton customers were stolen. Hackers sold the credit card details and stolen information of Hilton customers on the Darkweb, which resulted in many of its customers being victims of credit card frauds.
Most of the above mentioned hack attack could have been easily avoided should the organizations have taken web application security more seriously. In all of the above cases hackers have exploited some of the most common vulnerabilities such as SQLinjection, which could be automatically found with an automated web vulnerability scanner such as Netsparker. Don’t let your business become a statistic. Scan your websites and find vulnerabilities before hackers do.
No comments:
Post a Comment