With each passing day the importance of data grows twofold, and with it the challenge of securing it, since there is always someone lurking in the shadows looking to make money in nefarious ways. The most expensive and fastest-rising consequence of cybercrime is information theft. The personal and sensitive data of millions of people is compromised in exchange for monetary gain. However, not every data breach is the result of a hacker. More often than not, loopholes, vulnerabilities and insecure servers give threat actors free access without much effort.
In this article, let’s look at the most notable breaches that took place in 2019.
State Bank of India
One of India’s leading banks, State Bank of India, left one of its servers located in Mumbai unprotected, exposing the data of its 422 million customers. It was later revealed that the back-end text messaging system had been left unprotected, allowing anyone to track its text messages, to and fro, in real time. On average, SBI sends out nearly three million text messages in a single day, and its database archive held messages going back to December 2018.
However, the bank later denied any reports of a breach and went on to fortify its server.
Indian Database Finds Its Way onto the Dark Web
Sometime in October, more than 1.3 million credit and debit card details from Indian banks were discovered for sale on the dark web. The information was being sold for $100 per piece, which means the entire data cache was valued at over $130 million. Even though data dumps from India are rare, this set was one of the largest and most valuable single data uploads on the dark web.
The information was acquired through skimming devices installed at ATMs and PoS systems.
Attack on Indian Healthcare
A hacker by the name of “fallensky519” was responsible for stealing the data of 6.8 million users from a healthcare website in February. It is believed that the data is being stolen by Chinese hackers for one of two reasons: either to acquire healthcare research to fend off cancer, or to sell it to the highest bidder in the pharma sector. Further investigation revealed that the threat actors had stolen patient information, doctor information and personally identifiable information such as names, addresses, and phone numbers.
Facebook stores passwords
Facebook users’ passwords were saved in plain sight and exposed to the entire world through the employees of the social media platform. It was revealed that passwords dating back to 2012 were not encrypted and were being saved on Facebook’s servers in plain text. Not only were the passwords easy to locate through access logs, but approximately 2000 developers also generated nearly 9 million internal queries for the data that contained the passwords.
Just Dial Breach
In April, the digital version of the yellow pages was found to be vulnerable and was alerted to a potential data leak. The leak affected not only current Just Dial users but also anyone who had called the company between 2015 and 2019. Four application programming interfaces (APIs) were left unprotected, exposing names, contact details, and personally identifiable details. One of the APIs also allowed hackers to request registered phone numbers, which could give rise to phishing or spamming.
However, according to the organization, the vulnerability existed only in older versions and was fixed shortly afterwards.
The Dating app Breach
Grindr, an online dating app geared towards finding love for the LGBTQ community, came under heavy scrutiny for revealing the location of its users. The company had claimed to have fixed the issue, but it raised its ugly head for the second time in a row. Along with Grindr, the same problem was found in three other dating apps, namely Romeo, Recon and 3fun. As a result, over 10 million users were at risk of being robbed, stalked or something worse.
Data leak through malicious apps for the social media heavyweights
The heavyweights of social media, Twitter and Facebook, found themselves at a similar crossroads when they were found to be undermining data privacy yet again. According to CERT, user data was being stolen by malicious third-party apps using the oneAudience and MobiBurn software development kits.
ISRO and Kudankulam Power Plant Hacked
All it took was one click on the wrong kind of link to bring down the apex space organization of the country and the biggest nuclear power plant. Initially, the breach at the nuclear plant was denied, but it was later not only acknowledged but also said to be limited to the administrative division, which is separate from its operational division. ISRO was hacked right before the launch of Chandrayaan 2, but the malware played no part in the fate of the mission.
It was later brought to light that a North Korean group of hackers known as Lazarus had perpetrated the attack on both organizations using software from the DTrack malware family.
OnePlus
After the launch of the flagship phone maker’s newest installment, the OnePlus security team discovered that some user data had been accessed by an unauthorized party. The hackers were able to get users’ names, contact details, and details of any orders placed through OnePlus. Although OnePlus did not share how many users were affected, an investigation by CERT revealed that nearly 3000 Indian users were affected.
Airtel’s Security Flaw
A security vulnerability in one of Airtel’s APIs left the data of 325 million users in India vulnerable. Through the flawed API, anyone could fetch sensitive user information of any of Airtel’s subscribers within 15 minutes. Along with users’ names and contact information, the leak also revealed the IMEI number of the user’s phone.
After the year that transpired in the cybersecurity ecosystem, the Indian government has planned to implement various initiatives to keep history from repeating itself in the time to come.