It's that time of year again when ghouls, creeps, ghosts, and goblins take to the streets and scare the living daylights out of regular, everyday folk. None of these monsters compare to something much scarier, much more heinous–hackers!
Cybercriminals don't wait until October to wreak havoc on the living, they do it every day, and their cyberattacks become bolder with each passing year. It's difficult to fathom how many cyberattacks actually happen. And while the total numbers aren't yet in for 2022, 30,000 websites are hacked (successfully) each day, and a new cyberattack takes place every 39 seconds. Scary stuff!
But not all attacks are the same, some are minor, and some are downright terrifying. So for your reading pleasure–or displeasure–here are a few major data breaches that will give you chills and have you double-checking for a boogeyman in a Guy Fawkes mask under your bed tonight:
Chicago-style Italian Beef Sandwich
Let's start with a spooky campfire story.
So there I was the other day, it was late at night, and I was watching FX's new-ish show "The Bear." The series is about a chef who takes over his brother's Chicago restaurant specializing in classic Italian beef sandwiches. The show is fantastic, and I highly recommend it, even if it does bring back all the anxiety from my days in bars and restaurants.
Anyway, so there I am, sitting and watching all alone. I take a break and walk to the kitchen for a glass of water. I decide to scroll Youtube Shorts (yes, I'm too old for TikTok) as the cup fills. And behold, the first video is a Youtuber explaining a recipe–for a CHICAGO-STYLE ITALIAN BEEF SANDWICH! I feel sick, shiver, and the hair raises on the back of my neck. I gasp and drop my glass. It shatters on the floor.
So much for digital privacy. Something or someone or some cooperation was watching me. And even though the blinds were shut, they know. They always know.
Death to the NY Post
Now something a little more bloodthirsty…
"We must assassinate AOC for America" was the title of a recently edited article on the New York Post's website. Did they mean to post that? Of course not. Another read, "Devine: We must murder Joe and Hunter Biden." Regardless of your political views, this is some wild stuff.
So what happened? Apparently, a disgruntled former employee was able to gain access to the Post's content management system (CMS), which uses the WordPress VIP platform. It's unclear if the employee still had access or forged credentials, but they were able to take control long enough to post some pretty messed up headlines. But wait, there's more.
The culprit also hijacked the NY Post's social media account by exploiting SocialFlow, a website plugin used to push stories and web articles to social media platforms. One tweet went as far as to claim, "Gov. Abbott: I will order Border Patrol to start slaughtering illegals." Several of these crazy tweets also had links redirecting readers to the outlandishly edited articles.
The Post responded quickly, immediately taking down the incendiary content. But the damage had been done. As if anybody needed another reason to not trust the New York Post, but in truth, this could happen to any news agency, just as it also did to the business publication Fast Company.
Make sure to create strong passwords and change them often, everyone. For the sake of our democracy, please!
The Wonderful World of Private Health Insurance
Is there anything scarier, more sinister than health insurance?
As if we need another reason to be skeptical of private health insurance companies… They seem to be losing personal medical data left and right. This October, Medibank, Australia's largest health insurer that insures around 3.7 million people, was hacked and lost a ton of information.
The hacker accessed all Medibank, ahm, and international student customers' personal data, as well as significant amounts of data regarding health claims. The attack caused Medibank's stock price to slide 14%, the most drastic one-day dip since the company was listed.
And they are not the only ones. In March, the Massachusetts-based Shields Health Care Group suffered a data breach that affected roughly 2 million Americans. The stolen data included names, Social Security numbers, birth dates, addresses, billing information, and medical information like diagnoses and medical record indicators.
Need more examples? Baptist Health System and Resolute Health Hospital in Texas announced almost the same thing happened to them in June. A couple hospitals and Arizona suffered a data breach too.
The list goes on and on. We always assume health records are confidential, nope!
Tales From the Crypto
How do zombies pay their rent? With cryptocurrency! You’re welcome for that.
Cryptocurrency is having a bad year. Prices are falling, people are jumping ship, and Crypto.com experienced a significant breach at the beginning of 2022. The hack occurred on January 17th and targeted the cryptocurrency wallets of roughly 500 users.
Despite the blockchain being a reasonably secure transaction method, the hackers managed to defeat the site's two-factor authentication (2FA) and got away with around 15 million dollars worth of Ethereum and $18 million in Bitcoin.
Crypto.com stayed quiet initially but eventually came clean and compensated the impacted individuals after initially characterizing the attack as an "incident" and denying any theft.
A Cross Can't Protect You
A frightening two-for-one special:
More than 515,000 "highly vulnerable people," including those torn from their families by conflict and disaster, had their personal information compromised due to a seemingly political cyberattack on a contractor used by the International Committee of the Red Cross (ICRC), the organization.
At least 60 "national societies," or global networks of volunteers and employees that the Red Cross relies on as initial responders to calamities, are where the hacked data originated from. The attack forced the Red Cross to shut down IT systems that enable a program that reunites families split up by conflict, migration, or disaster.
The Church of Jesus Christ of Latter-day Saints was also the target of an alleged state-sponsored cyberattack in March that successfully obtained some church members, employees, and contractors' personal information. However, the church reported that law enforcement officials believed there was little risk to individuals.
In both attacks, it's primarily unclear who exactly committed the breach.
Also known as the digital boogeyman.
Russia has been mounting aggressive and careless cyberattacks against Ukraine for years. These efforts have resulted in blackouts, attempted election rigging, data theft, and the release of malicious malware that has spread throughout the nation and the entire world. Since the invasion, these attacks have become even more brazen.
The UK, EU, US, and allies have announced that Russia is responsible for a series of cyberattacks over the course of this year. One was a February incident that caused outages for several thousand Ukrainian civilians and impacted central Europe wind farms and internet users. Russia was also behind (according to US intelligence) an operation targeting the commercial communications company Viasat in Ukraine.
Other horrifying cyberattacks thought to be perpetrated by Russian government-backed hackers over the years hackers include:
- An attack on the Colonial Pipeline in the US caused it to shut down until a ransom was paid to the tune of $4.4 million.
- A destructive software called NonPetya spread worldwide and is considered one of the most costly cyberattacks in history at $10 billion in damages.
- An electrical grid attack called BlackEnergy caused a short-term blackout for 80,000 customers of a utility company in western Ukraine.
Let's just say if you're alone in a dark alley, you certainly don't want to see a hacker speaking Russian.
Don't Let Data Breaches Scare You
What is a little, innocent internet user like you supposed to do to protect yourself from all the bad things out there online? First, maintain good cyber awareness! The more you know, the less it will frighten you.
Second, have you looked under your online bed lately? Your files could already be haunted by viruses, or someone may have gotten their claws on your password? Shine a light on hidden malware with the free Internxt file virus checker and password checker.
Finally, we all know the internet is a bleak place full of things that squeal and go bump in the night. But only by implementing safe online strategies and choosing to encrypt your sensitive information with Internxt cloud storage will you feel safe and warm under your digital covers.