Most Severe Cyberattacks of 2021

December 17, 2021

WRITTEN BY THE KIUWAN TEAM
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.

Cyberattacks have become increasingly prevalent since the start of the COVID-19 pandemic. With many employees working remotely, companies have been under continuous attack from hackers looking to exploit poorly protected home devices. In 2020 alone, malicious emails went up by 600%.

The same is happening all across the world, and it costs companies enormous amounts of money. Cybercriminals are using security weaknesses to access and tamper with the most relevant data of companies and governments. According to IBM and the Ponemon Institute, data breaches typically cost companies a whopping $4.24 million per incident in 2021, the highest number in 17 years.

These shocking figures suggest that software engineers and programmers need to step up their game. As technology advances and gives users additional business options, it also gives cybercriminals more room for malicious attacks. To protect their organizations, software engineers and programmers need to take precautionary steps and anticipate attacks on all fronts.

In 2021, some of the most severe cyberattacks occurred due to inadequate protection and a lack of foresight. Read on to find more about them and learn what programmers and software engineers can do to avoid future incidents.

Bonobos Experienced a Cloud Backup Breach 

In January 2021, the hacker group ShinyHunters attacked Bonobos, a men’s clothing store. The cybercriminals managed to download a cloud backup containing the personally identifiable information (PII) of over seven million customers, including their phone numbers, credit card numbers, and account information. They even posted the collected data on a hacker forum for free. 

The leaked information was a huge 70 GB SQL file containing the internal tables used by the company’s website. Although the passwords were hashed using SHA-512 or SHA-256, the threat actors managed to crack some of the passwords.

To prevent a situation like this from happening again, Bonobos has decided to take additional precautionary steps, such as:

  • Invalidating account passwords and requiring customers to reset their passwords to secure their accounts
  • Turning off access points

It goes without saying, Bonobos should have had more foresight from the start. Without the proper cloud application security or a separate business cloud system, the company became an easy target of cyberattacks.
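
On the cracked SHA-256/SHA-512 hashes mentioned above: a single pass of a fast hash is cheap to guess against, so stored passwords should go through a deliberately slow, salted key-derivation function. The sketch below is an added example, not Bonobos' or Kiuwan's code; the `scheme$salt$digest` record format, the salt-plus-password legacy layout and the scrypt cost parameters are assumptions. It verifies a login and upgrades a legacy record to scrypt on success.

```python
import hashlib
import hmac
import os

# scrypt cost parameters: assumed values for this example, tune for your hardware.
N, R, P = 2**14, 8, 1


def hash_password(password: str) -> str:
    """Return a self-describing record: scrypt$<salt hex>$<digest hex>."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=32)
    return f"scrypt${salt.hex()}${digest.hex()}"


def verify_and_upgrade(password: str, stored: str):
    """Check a password; return (ok, replacement_record_or_None).

    A replacement scrypt record is returned only when the password is correct
    and the stored record still uses a legacy fast hash.
    """
    scheme, salt_hex, digest_hex = stored.split("$")
    salt = bytes.fromhex(salt_hex)
    if scheme == "scrypt":
        candidate = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=32)
    elif scheme in ("sha256", "sha512"):
        # Hypothetical legacy layout: one fast hash over salt + password.
        candidate = hashlib.new(scheme, salt + password.encode()).digest()
    else:
        raise ValueError(f"unknown scheme: {scheme}")
    ok = hmac.compare_digest(candidate, bytes.fromhex(digest_hex))  # constant-time
    needs_upgrade = ok and scheme != "scrypt"
    return ok, (hash_password(password) if needs_upgrade else None)


# Constructed sample record in the hypothetical legacy layout.
_SALT = bytes(range(16))
LEGACY_RECORD = "sha256$%s$%s" % (
    _SALT.hex(), hashlib.sha256(_SALT + b"correct horse").hexdigest())

if __name__ == "__main__":
    ok, upgraded = verify_and_upgrade("correct horse", LEGACY_RECORD)
    print(ok, upgraded.split("$")[0])  # legacy login succeeds, record is rewritten
    print(verify_and_upgrade("correct horse", upgraded))  # scrypt record, no rewrite
```

Upgrading on login means legacy hashes disappear as users sign in; records for accounts that never return still need a forced reset, as Bonobos did.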

Kroger Let Down by the Third-Party Cloud Provider

In February this year, a weak spot in a cloud provider’s system affected Kroger’s pharmacy and Human Resources records. The company used Accellion’s 20-year-old product for secure file transfer services and was one of the customers affected by the malicious attack.

According to Accellion’s records, an unauthorized third party gained access through a gap in the file transfer services, and a total of 1,474,285 records were breached. The attack was not entirely unexpected, considering Accellion’s file transfer system was nearing the end of its life.

As a result of this incident, Kroger has discontinued its relationship with Accellion and reported the incident to federal law enforcement. Accellion has also announced the retirement of its old file transfer system and the launch of Kiteworks, a new product with no reported external vulnerabilities in the four years of its existence.

The main takeaway for software engineers working in cybersecurity is the importance of a background check for third-party cloud providers. Outdated software or infrastructure can’t offer enough protection against the newest digital threats. Choosing a trustworthy service provider is a must.

Volkswagen and Audi Reached Through the Marketing Database

In March 2021, 3.3 million Volkswagen and Audi user records leaked due to a vulnerability in a marketing database. Volkswagen and Audi worked with an external marketing company to collect data between 2014 and 2019. Unfortunately, this data was left unsecured for 21 months between August 2019 and May 2021, making it vulnerable to attacks. The leaked information varied in sensitivity and included the following:

  • Birth dates
  • Drivers’ license numbers
  • Tax identification numbers
  • Social security numbers
  • Models and make of automobiles that had been inquired about or purchased
  • Loan or account numbers

The story of Volkswagen and Audi shows the importance of security testing for all third-party providers and partners that store customers’ PII. No matter the type of service, online defenses need to be high for business and consumer safety.

Fortunately, many modern methods grant increased digital protection against cyberattacks. A developer-first security approach helps businesses integrate security needs into every part of their software development lifecycle. It is part of a DevSecOps approach to security and marks a revolution in software development.

Socialarks Leaks Data From Facebook, LinkedIn, and Instagram 

In January 2021, the Chinese social media management company Socialarks experienced a massive data breach, jeopardizing the personal information of 214 million users. This included:

  • 81,551,567 Facebook user profiles
  • 66,117,839 LinkedIn user profiles
  • 11,651,162 Instagram user profiles

To make matters worse, Socialarks had scraped personal data from social media platforms, which is not only unethical but also a violation of the Facebook, LinkedIn, and Instagram terms of service. As for the breach itself, an unauthorized third party accessed Socialarks’ unsecured Elasticsearch database and leaked the information. The database, quite shockingly for 2021, did not use encryption or password protection, making it possible for anyone with the server IP address to access it. In modern times, companies need more than just basic cloud application security to support their users and prevent cyberattacks. Socialarks should have known it.
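
A pre-deployment check can catch the kind of exposure described here, where a database answers on a network address with neither authentication nor encryption. The following is an added example, not Socialarks' configuration or a Kiuwan tool: both `elasticsearch.yml` fragments are constructed, the finding names are made up for illustration, and the parser only handles flat `dotted.key: value` lines.

```python
LOOPBACK = {"localhost", "127.0.0.1", "::1", "_local_"}


def parse_flat_yaml(text: str) -> dict:
    """Parse 'dotted.key: value' lines; nested YAML is out of scope here."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("\"'")
    return settings


def audit(text: str) -> list:
    """Return finding IDs; a missing key counts as 'not enabled' (conservative,
    since defaults differ between Elasticsearch versions)."""
    cfg = parse_flat_yaml(text)
    auth_on = cfg.get("xpack.security.enabled", "").lower() == "true"
    tls_on = cfg.get("xpack.security.http.ssl.enabled", "").lower() == "true"
    findings = []
    if not auth_on:
        findings.append("no-authentication")
    if not tls_on:
        findings.append("no-http-tls")
    # Binding beyond loopback with authentication off is the open-database case.
    if not auth_on and cfg.get("network.host", "localhost") not in LOOPBACK:
        findings.append("open-to-network")
    return findings


# Constructed configs: the first mirrors the exposure described in the article.
WEAK = """
cluster.name: profiles
network.host: 0.0.0.0   # reachable by anyone who knows the IP
xpack.security.enabled: false
"""
HARDENED = """
cluster.name: profiles
network.host: 10.0.4.12  # private interface behind a firewall
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true  # certificate settings omitted
"""

if __name__ == "__main__":
    print(audit(WEAK))
    print(audit(HARDENED))
```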

Takeaway

Reading about these cyberattacks and data losses is by no means pleasant, but it can be a fruitful lesson. As the mentioned companies have learned, there’s no such thing as too much protection in the digital era. With so many cybercriminals exploiting security weaknesses and leaking customers’ PII, businesses need to be more vigilant than ever, and Kiuwan can help.

Kiuwan is a global company providing an end-to-end application security platform to secure development operations every step of the way. The platform offers effective security testing and source code analysis to spot vulnerabilities and suggest improvements. Software engineers and developers can use it to navigate multiple powerful functionalities. They can perform code scanning with ease through Code Security (SAST) or create an OWASP benchmark test and evaluate software’s reliability, speed, and security. Those interested in the Kiuwan platform can try out a free demo right away and explore its many benefits. Our team of experts will be there to support every user, providing professional assistance during every operation. 

Would you like to know more about implementing a secure application development solution in your company? Get in touch with our Kiuwan team! We love to talk about security.