Security Breach: As you all know, this year was full of struggle for the big companies, especially in the US. This year the companies faced many cybersecurity breaches. The security group reported Breach Level Index about 10.5 million records misplaced or robbed each day at the beginning of 2017, which remained unsolved throughout the year. The Consulting company Risk-Based Security proclaimed 7 billion reports revealed with the finish of third quarter. Not only the tech industries or financial services faced the breach, it also reached to the healthcare agencies or restaurants.
The Equifax breach was among the biggest breaches of the year which we will discuss later. However, the Equifax breach types conveyed an opinion that the gatekeepers are also weak enough to get hacked. We cannot point a significant breach in particular, as they all have been miserable. The breach cause is difficult to identify so they are biggest data breaches of all time. However, these are ten severe breaches of 2017 which remained well-known. Let’s have a look at the 10 high profile cyber security breach in 2017 you should know.
- 1 10 High Profile Security Breach in 2017 You Should Know
- 1.1 1. Equifax (September 7, 2017)
- 1.2 2. Chipotle (April 25, 2017)
- 1.3 3. Dun & Bradstreet (March 15, 2017)
- 1.4 4. Verizon (July 13, 2017)
- 1.5 5. Deep Root Analytics (June 20, 2017)
- 1.6 6. FAFSA: IRS Data Retrieval Tool (April 6, 2017)
- 1.7 7. Kmart (May 31, 2017)
- 1.8 8. SVR Tracking (September 21, 2017)
- 1.9 9. UNC Health Care (March 20, 2017)
- 1.10 10. Eddie (May 2017)
10 High Profile Security Breach in 2017 You Should Know
1. Equifax (September 7, 2017)
Equifax is in the top three largest credit agencies in the U.S. It is said to be one of the biggest hacks of 2017. They faced a breach which affected up to 143 million users. A large number of data robbed which include Social Security numbers and driver’s license numbers. It is the serious breach till now. Hackers used techniques to operate company’s system since mid-May in July by utilizing a vulnerable feature in website software. Some external breached data was names, addresses, dates of birth, credit card numbers, and additional personal data.
2. Chipotle (April 25, 2017)
Chipotle published a “Notice of Data Security Incident” on the official website to inform users of the illegal action identified on the network which maintains in-restaurant payment methods. It affirms payment card transactions which happened on March 24, 2017, which considered till April 18, 2017. The research is yet continuous, and when the report came, Chipotle did not state any further report. They told that the company thinks, they have closed the unofficial action, and cannot explain details meanwhile.
3. Dun & Bradstreet (March 15, 2017)
Dun & Bradstreet is a well-known business services company. They got marketing database with about 33 million corporate contacts shared beyond the web in March 2017. The hacked companies allege their systems were not breached, though they sold the 52GB database to a number of firms throughout the nation. It is not confirmed which companies underwent the breach that revealed the data information. Unlimited workers from organizations such as the U.S. Department of Defense, the U.S. Postal Service, AT&T, Wal-Mart, and CVS Health had data hacked. The data included names, work email addresses, phone numbers, and business data.
4. Verizon (July 13, 2017)
More than 14 million Verizon subscribers have attacked by a data breach. If you have communicated Verizon customer service in past six months, then you must be one victim. Those data kept on a system which was managed by Israel based Nice Systems. The data breach detected by Chris Vickery, partnered with a security firm, UpGuard. He notified Verizon of the data breach in June, and the breach solved after a week. The data acquired was log files which improved when users of Verizon communicated them using a phone.
5. Deep Root Analytics (June 20, 2017)
In 2016, the Republican National Committee picked Deep Root Analytics, a data analytics company, to collect political information concerning U.S. voters. A cyber risk investigator, Chris Vickery, found that the personal information Deep Root Analytics got private data for approximately 198 million American citizens–was put on an Amazon cloud server without password stability for nearly two weeks. The leaked information includes names, dates of birth, home addresses, phone numbers, and voter registration details. Deep Root has accepted the full charge, renewed the path settings, and place protocols in section to reduce extra work.
6. FAFSA: IRS Data Retrieval Tool (April 6, 2017)
According to IRS, about 100,000 taxpayers would have robed secret information in a system including the IRS Data Retrieval Tool, utilized for making the Free Application for Federal Student Aid (FAFSA). In March, federal executives noticed a possible data breach and brought the tool forward. The IRS claimed that they locked the Data Retrieval Tool as identification criminals who hacked the secret information out of the tax system did probably utilizing the tool to rob extra data. The firm assumes that about 8,000 false records were filed, processed, and returns issued, of $30 million. 52,000 returns were obstructed by IRS filters and 14,000 criminal compensation cases halted.
7. Kmart (May 31, 2017)
The origin firm of Kmart, Sears Holdings, reported that Kmart’s store payment systems were affected by malicious malware. The breach was not affected Kmart.com and Sears, buyers. The malware code is eliminated. However, the firm has not said the details of the time payment system in malware. They have also not declared the hacked stores. It didn’t infect personal identification, though it affected some credit card numbers.
8. SVR Tracking (September 21, 2017)
SVR Tracking is a San-Diego assistance which offers auto dealership and purchasers to find and retrieve vehicles. It reportedly leaked thousands of client records online. Kromtech Security Center discovered 540,642 records in an un-defended Amazon S3 bucket and reported SVR Tracking of the discovery. Although, SVR recovered the bucket in three hours. The leaked information included email addresses, passwords, license plate numbers, VINs, and also the sense to observe all location a vehicle was in the least 120 days.
9. UNC Health Care (March 20, 2017)
Approximately, 1,300 prenatal cases received letters regarding that they have possibly affected by a data breach. The prenatal cases got attention at the University of North Carolina Health Care System. UNC Health Care unveiled that the women finished pregnancy home risk screening forms at prenatal meetings within 2014 and 2017 at the Women’s Clinic at N.C. Women’s Hospital and UNC Maternal-Fetal Medicine at Rex could wrongly produce their private data sent to regional division health authorities. The hacked information were full names, addresses, races, ethnicities, Social Security numbers, and some health information.
10. Eddie (May 2017)
Kromtech Security Research Center found a large report of 560 million login credentials that are supposed to evolve via about 10 modern online services like LinkedIn and Dropbox, acquired in past data breaches. The database was operated on the ‘Have I Been Pwned’ website that allows peoples know whether their accounts and private information was hacked or not. It is called Eddie because the creator of the database is hidden. Kromtech member Bob Diachenko claimed that the database operated an unstable version of MongoDB’s open-source database software. Moreover, he also said that it is effective and unsafe now also.
So, these were the 10 high profile cyber security breach in 2017 you should know. If we are talking about the worst list recent data breaches 2017, then we must not forget the Uber incident. Uber’s data hacked in 2016. However, they didn’t reveal the report till November 2017. Hackers obtained the names and driver’s license numbers of about 600,000 drivers and private data of 57 million Uber customers.