JanuaryThere were no major breaches until Jan. 11:
1/11/21Ubiquity Inc. – Through their third party cloud provider, Ubiquity, one of the largest vendors, had their database accessed by unauthorized entities. Some items that may have been accessed were customer names, hashed passwords, addresses, email addresses, and phone numbers.
1/12/21Mimecast- Mimecast, a cloud cybersecurity company had their tools hacked, which exposed ten percent of their customers who use their programs for Microsoft Office 365 emailing.
1/20/21Pixlr- This photo editing app had 1.9 million users’ information compromised. The data that was included was hashed passwords, email addresses, usernames and more sensitive info.
1/22/21Bonobos- Bonobos, a men’s clothing retailer, was hacked and had their customer data posted on a hacker forum. This info included home addresses, account information, phone numbers and even partial credit card information.
1/24/21MeetMindful- The dating platform was hacked and had 2.28 million users; personal information posted to a hacker forum. The information posted included birth dates, IP addresses, location, email addresses, names and more.
1/26/21VIP Games- This free gaming platform had 66,000 users’ information and 23 million records leaked. This was explained to be a cloud misconfiguration. The leaked info included status of user accounts, hashed passwords, IP addresses, emails and usernames.
1/28/21U.S. Cellular- Hackers attacked U.S. cellular through a phishing attack aimed at employees. After this attack, they were able to access almost five million user profiles. Luckily, U.S. admitted to only having 276 of those users as being victims of that attack. These records included cell phone numbers, plan information, PINs, home addresses, full names and more.
2/2/21Compilation of many breaches (COMB)- A database which contained 3.2 million cleartext email and password from last leaks (such as those from Netflix, Bitcoin, Yahoo, LinkedIn and more) was discovered to be available online. In this data base, hackers had access to 200 million Gmail addresses, 450 million Yahoo addresses and account credentials.
2/10/21Nebraska Medicine- This was the first major medical breach of 2021. Nebraska Medicine was attacked by malware, allowing hackers to access and copy medical records of more than 219,00 patients. This included home addresses, dates of birth, full names, lab results, health insurance information, medical record numbers, imagine, diagnosis, and more.
2/18/21The California Department of Motor Vehicles- California’s DMV was hit with a data breach after their contracted company Automatic Funds Transfer Services was attacked by ransomware. Any CDMV information from the past 20 months, including names, license information, addresses, and more.
2/20/21Kroger – A hack of a third-party cloud provider, Accellion, allowed hackers to steal HR data and other sensitive information from supermarket company, Kroger. Some of the records that were disclosed include names, email addresses, home addresses, phone numbers, Social Security numbers, and health insurance information for pharmacy customers.
2/26/21Accellion- A third-party cloud provider, allowed hackers to steal HR data and other sensitive info from Kroger, the supermarket company. These records included email addresses, home addresses, Social Security numbers, health insurance information from pharmacy customers, full names and phone numbers.
3/3/21T-Mobile- With the use of SIM-swapping, an undisclosed number of T-Mobile customers were affected by hackers. This method of hacking allowed them to take control of customer’s smartphones to steal money from their accounts, change their passwords to hijack accounts, and even lock users of their devices.
Cyberattacks happen often and millions of people every year are victims. Keep your organization and its customers safe by contacting MyTek today to discuss your security options at 623-312-2440.