Cloud Cybersecurity

7 Most Infamous Cloud Security Breaches

July 13th, 2022

The biggest cloud security breaches we've seen to date result from various cyberattack vectors, but the consequences are the same. A company's reputation is sullied, its customers may leave in droves, and the final cost may sink the company itself. For all of us in IT, there are lessons to be learned from each breach. That's especially true when you consider that cloud security breaches have surpassed on-prem breaches for the first time, according to the Verizon Data Breach Investigations Report (DBIR).

So, let's look at the seven most infamous cloud security breaches to date.

1.    Facebook

Facebook was breached sometime before August 2019 but decided not to notify over 530 million of its users that their personal data was stolen—and shortly after that, posted to a public database—until April of 2021. The data included phone numbers, full names, locations, some email addresses, and other details from user profiles. While Facebook later posted an account about the attack on its blog, the damage to the company's reputation was tainted. Facebook says it found and fixed the issue immediately, but the ripple effect even hit founder Mark Zuckerberg. He had to answer to federal regulators to settle a privacy case with the Federal Trade Commission that included a $5 billion penalty paid by the company. Things only worsened in October of 2021 when whistleblower Frances Haugen went public claiming that Facebook chooses profits over safety.

2.    Alibaba

In November of 2019, an attack hit Alibaba's Chinese shopping website Taobao that impacted more than 1.1 billion pieces of user data. The attack happened over eight months as a Chinese software developer trawled the site, secretly scraping user information until Alibaba noticed what was happening. The stolen data included user IDs, mobile phone numbers, and customer comments. While the hacker didn't get ahold of encrypted information like passwords, the breach was severe enough that the company notified the police. Because it happened in China, the full consequences of this attack will likely never be made public. But it's an example that makes a strong case for better monitoring of systems and networks.

3.    LinkedIn

Like Alibaba, in 2021, LinkedIn also fell victim to a data scraping breach. Affecting 700 million LinkedIn profiles, the information was primarily public. But the data from the hack was posted on a dark web forum in June of 2021. LinkedIn explained that no sensitive, private data was exposed. The company also made the argument that the incident only violated the company's terms of service. But a scraped data sample in the dark web post included email addresses, phone numbers, geolocation records, genders, and other social media details. That's plenty of data for a clever hacker to use for social engineering attacks. And, while LinkedIn refuses blame for the breach, it has undoubtedly opened many eyes to the data risks of using social media.

4.    Sina Weibo

Sina Weibo is one of China's largest social media platforms. In June 2020, the personal details of more than 538 million users—including real names, site usernames, gender, and location—as well as phone numbers for 172 million users, were posted on the dark web and other places. While it isn't clear how the incident originated, the hacker put Weibo's data up for sale for a mere $250, most likely because it didn't include passwords. Even though Weibo is heavily monitored and censored these days, it is still used, at times, to share unfiltered news from around the country. As a result, anonymous Weibo users may face the most significant risks due to the breach.

5.    Accenture

Accenture was hit by hackers connected to the LockBit ransomware group in August 2021. The group stole and leaked proprietary corporate data and, even worse, breached the company's customers' systems. The hackers claimed to have stolen six terabytes of data and demanded a $50 million ransom. But Accenture told one publication that all affected systems were fully restored from backups, with no impact on Accenture's operations or its clients' systems.

6.    Marriott International

More than half a million Marriott division Starwood's guests had sensitive personal information exposed after a September 2018 attack. Following a forensics investigation, the company found that the Starwood network had been compromised sometime in 2014, before Starwood's acquisition by Marriott. Marriott continued to use the IT infrastructure it had inherited from Starwood, and the consequence of using the outdated technologies most likely resulted in the breach. While the attack didn't put the company out of business, it did do damage to its reputation.

7.    Cognyte

In June of 2021, cyber analytics firm Cognyte failed to secure its database, exposing 5 billion records detailing previous data incidents. The records were posted online without a password or any other authentication required to access them. The database was exposed for four days, and it isn't clear precisely how many passwords were included, but all contained names, email addresses, and the data source. That's the kind of data hackers can leverage for years to come.

Conclusion

While you can't stop every attack, you do need to make every effort to do so. That means creating a disaster recovery plan, building infrastructure that's as secure as possible, and investing in prevention and detection technologies. Buying cybersecurity insurance is another step you can take to help ensure recovery.

And putting in place the technologies that you need to recover your data if it is stolen or locked up by ransomware should also be at the top of your list. If you want to avoid becoming another data breach statistic, talk to an expert Arcserve technology partner to learn more about what you can do to protect your data. To learn more about Arcserve data protection products, contact us.

 Unless you're referring to internal customers? The tech partner link is a list of MSPs/VARs, so I assume your audience is businesses.