Polyverse Weekly Breach Report — 2017 Recap

A snapshot look at the most influential breaches and reported vulnerabilities of the past year

As the new year begins, we decided to take a look back at the most influential data breaches of 2017. Whether it be ransomware, crypto-mining, phishing, WikiLeaked NSA tools or patching problems, 2017 offered a bevy of cybersecurity failures. Some of the most destructive breaches:

Equifax

Equifax released a statement that a breach was discovered on July 29th. The data accessed by the hackers covered 143 million people and included names, SSNs, birthdates and more. To read more: http://www.zdnet.com/article/credit-rating-firm-equifax-reveals-breach-as-many-as-143-million-affected/

Yahoo

A data breach discovered earlier this year actually began in 2013 and affected every single customer account that existed at the time — three billion in all. To read more: http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

Uber

Uber concealed the theft of personal information of 57 million customers and drivers. Rather than informing anyone, Uber paid the hackers $100,000 to (allegedly) delete the data and keep the breach quiet. To read more: https://www.grahamcluley.com/uber-hackers-paid-data-breach/

NSA-Kaspersky

Russian hackers obtained classified information about NSA cybersecurity programs by breaching a contractor’s computer. The hackers stole the information by exploiting a vulnerability in Kaspersky Lab software that was on his computer. To read more: http://www.securityinfowatch.com/news/12372907/nsa-cybersecurity-program-information-reportedly-stolen-by-russian-hackers

Whole Foods

Whole Foods announced that people who drank and dined in its taprooms and full-service restaurants may have had their card information stolen. To read more: http://www.nafcu.org/News/2017_News/October/Whole_Foods_investigating_data_breach__NAFCU_continues_call_for_national_standard/

WannaCry

The WannaCry ransomware hit Windows XP users and spread at an astonishing pace because of Microsoft vulnerability MS17-010. The vulnerability was found by the NSA, but it chose not to inform Microsoft. The NSA then used the exploit to infiltrate computers and spy on them under the codename “ETERNALBLUE”. To read more: https://www.grahamcluley.com/wannacry-ransomware-hits-systems-worldwide/

Vault 7 Data Dump

Cisco warned customers of a critical vulnerability that could enable an attacker to execute arbitrary code and obtain full control of more than 300 different models of its switches and routers. Cisco became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents. To read more: https://threatpost.com/cisco-warns-of-critical-vulnerability-revealed-in-vault-7-data-dump/124414/

Reported Vulnerabilities

Apache Struts

A critical security vulnerability enabled hackers to easily take control of an affected server. The vulnerability allowed an attacker to remotely run code on servers that run applications using the REST plugin. To read more: http://www.zdnet.com/article/critical-security-bug-threatens-fortune-100-companies/

Microsoft

Microsoft patched a remote code-execution bug that researchers found in a 17-year-old executable. The vulnerability was not stopped by Windows 10’s security. The exploit uses a tool that inserts mathematical formulas into Office documents. To read more: http://www.zdnet.com/article/windows-10-defenses-open-to-17-year-old-office-bug-but-microsofts-just-fixed-it/

Cloudflare

Cloudflare’s content-delivery network leaked customer data for months. The vulnerability has since been addressed, but not before sensitive data belonging to a number of users, including Uber, Fitbit and OK Cupid, among others, was exposed. The issue is informally called Cloudbleed, given its similarities to Heartbleed. To read more: https://threatpost.com/cloudflare-bug-leaks-sensitive-data/123891/

Looking Forward

Cybersecurity Threats 2018

Fifty-eight percent of global enterprises admit to having experienced a cyberattack last year. Now let’s look forward to some potential cybersecurity threats for 2018. To read more: https://www.information-management.com/news/the-top-cybersecurity-threats-for-2018
