After setting the record for the most data breaches in 2021, hackers continue to wreak havoc. Data breaches were up by 14% in the first half of 2022, according to the Identity Theft Resource Center (ITRC).
Ransomware and phishing attacks are the most popular types of attacks for cybercriminals because it’s easy money compared to the sale of information. Plus, these attacks require less effort and can be automated. Let’s look at a few noticeable data breaches that occurred this year.
Crypto exchange hacks have existed since the origin of the very first crypto exchanges, and some are so prominent that they leave a dent in the crypto exchange hack history. Approximately $18 million worth of bitcoin and $15 million worth of Ethereum, along with other cryptocurrencies, were taken as part of this hack. The ability of the hackers to get beyond two-factor authentication and access customers’ wallets was largely responsible for how it was made possible.
2. MailChimp Data Breach (2022)
After a successful social engineering attack, cybercriminals were able to access a tool utilized by the internal customer support and account administration teams. The cybercriminals eventually discovered an email list of Trezor clients while searching the client email lists stored in Mailchimp’s internal tools.
Then, the hackers delivered a convincing phishing email to this entire customer list, stating that a serious security breach had occurred, requiring an urgent download of a patched version of the Trezor app.
3. Flagstar Data Breach (2022)
Flagstar Bank, one of the largest financial providers in the US, notified over 1.5 million customers of a data breach in which Social Security numbers were stolen. Hackers breached its network in December 2021 and accessed sensitive customer details. It took the bank over 6 months to detect the data breach.
4. Pegasus Airlines Data Breach (2022)
A misconfigured public cloud storage resource led to the compromise of 23 million files belonging to Turkish airline company Pegasus airlines. The misconfiguration meant that anyone with access to the database could obtain nearly 400 files with plain text passwords and secret keys.
5. Nvidia Data Breach (2022)
The world’s largest semiconductor chip company was compromised by a ransomware attack in February 2022. Cybercriminals had started leaking employee credentials and proprietary information online. They had access to 1TB in exfiltrated company data that they would leak online.
It also demanded $1 million and a percentage of an unspecified fee. Nvidia’s internal systems were compromised, and it had to take some parts of its business offline for two days.
How are Mobile Devices Attacked?
The most common threats to mobile security include malware. But there are emerging threats that organizations need to consider to ensure device protection. Below are the most common mobile security threats that organizations encounter.
Malware can be installed on mobile devices through pirated versions of legitimate apps. Non-compliant apps that violate company policies based on data it accesses or collects, pose a threat. Vulnerabilities within mobile applications can also be exploited to steal corporate data.
iOS and Android, like PCs, contain vulnerabilities in their operating systems that can be exploited remotely or locally. Devices that run older OS versions are vulnerable to attacks. Physical threats to mobile devices occur in case of theft or loss of devices, posing a growing risk to organizations.
Attackers can set up a device to route all traffic through a malicious proxy or insecure connection by using malware or social engineering to manipulate users. Active man-in-the-middle (MITM) attacks use public Wi-Fi connections to gain access by taking advantage of flaws in the browser or application that is attempting to transfer data or compromise the entire device.
How Can Companies Neutralize Data Breaches with MDM?
With the number of cyberattacks growing each year and the repercussions of a data breach can damage the company’s financial position and reputation. Human error is also one of the major factors contributing to data breaches. By using MDM, companies can manage human negligence by setting policies and restrictions for users to follow.