2018 was a record-breaking year, and not in a good way. Millions of people had their personal information compromised, and tech giants like Google, Orbitz, T-Mobile, and Quora experienced significant breaches. As the new year gets in gear, let us take a look back at what happened in 2018 in cybersecurity.
Most Notable Cyber Breaches of 2018
Business Insider Magazine lists the 21 top breaches of 2018 across the world and the amount of people affected. The breaches occurred for a variety of reasons. Some were true hacks of malicious sources improperly breaking into and accessing private data. But some were purposely executed, such as in the case of Facebook. While the Business Insider covers breaches across the globe, we wanted to focus on ones specific to businesses in the United States.
Google Software Glitch Exposes 52.5 Million Google+ Profiles
The good news is that Google had already announced the closure of the failed social media platform prior to the announcement of the glitch. The bad news is the weakness was first exploited in March of 2015 all the way through March of 2018 and then again for about a week in November of 2018. The glitch gave access to Google+ profile information such as name, employer, relationship status, e-mail address and birthdate.
Facebook Partnership with Cambridge Analytica Affects 87 Million Facebook Users
In 2015, the personality prediction application developed by a University of Cambridge professor passed information on to other sources, including Cambridge Analytica. The application “This Is Your Digital Life” passed on information regarding users interests and preferences, which was later used to create targeted ads during the 2016 Presidential Election.
Not only was Facebook affected by the Cambridge Analytica breach, but 29 Million additional users had their profiles scraped of sensitive data such as location, contact details, search data, relationship status and what devices they logged in from. This breach occurred due to a vulnerability in Facebook’s code, enabling hackers to gain access to the users “access token.”
100 Million Quora Users Exposed in “Brute Force” Attack in 2018
A malicious 3rd party forced their way into one of Quora’s system, gaining access to users names, profiles, and encrypted passwords. The breach was first discovered in November of 2018, and it is unknown how long the malicious party had access to the system.
Encrypted Passwords and Personal Data of More Than 2 Million T-Mobile Users Exposed
An international group of hackers exploited an API in T-Mobile’s network to improperly access the encrypted passwords and personal data of T-Mobile users, including billing information and account numbers. The hack occurred in August of 2018.
Security Does Not Always Lie in Numbers
As you can see, the size and budget of a corporation does not always equal no risk of cyber attack. Even the largest tech firms in the nation can, and do experience breaches. But there are things you can do to mitigate and reduce the risks of these attacks.
Remote Monitoring and Management – Remote monitoring and management can turn your cybersecurity assessments from reactive to proactive. With monitoring and alerting capabilities, you can be aware of an issue before it reaches your network and put procedures in place to stop it in its tracks.
Multiple layers of security – The combined efforts of both physical and digital security measures can significantly reduce the risk to your business from a malicious attack. Biometric scans, mantraps & guards, digital locks to prevent physical access to the data center combined with encryption techniques, IP Reputation filtering, dedicated SSL gateways and more to prevent digital access.
Cloud Service Providers are Experts on Security Protocols – Cloud providers have made it their business to keep up with the latest threats and techniques to combat malicious sources. As such, they often have the best training and talent on how to keep your data secure. And while no one can 100% guarantee that even with these protocols there will not be a breach, you can be assured that the risk is significantly less than it would be.
dinCloud’s Secure DaaS Platform and Service Helps Combat Cyber Risk
dinCloud was born in the cloud, and we understand the benefits and the risks of using cloud solutions for your business. We have made it our business to provide the highest level of performance, ease of automation, transparent pricing, and secure desktop virtualization solution for our customers. We are so committed to security that it has been built into our logo. If you are considering cloud desktops for your business, consider dinCloud as your service provider. We believe that every customer is important and is more than just a number and we work hard to help you have a successful transition either to the cloud or between cloud providers. Mitigate your risk today.