- LinkedIn Data Breach (2012): Unearthing a Massive Password Leak
  In 2012, LinkedIn grappled with a substantial breach that saw the exposure of approximately 6.5 million unsalted SHA-1 hashed passwords. This sensitive data was eventually posted on a Russian hacker forum. However, the true extent of the breach didn’t come to light until 2016 when the same hacker responsible for the MySpace data breach offered the email addresses and passwords of roughly 165 million LinkedIn users for just 5 bitcoins, equivalent to around $2,000 at the time. LinkedIn acted swiftly by acknowledging the breach and initiating password resets to minimize further damage.
- Yahoo’s Unprecedented Data Breaches (2013 & 2014): A Tale of Espionage
  In 2013 and 2014, Yahoo was rocked by two monumental data breaches, eventually revealing the largest breach in internet history. Although the breaches were not disclosed until 2016, their impact was profound. Orchestrated by four individuals and executed by Russian agents employing a hack-for-hire strategy, the fallout from these breaches extended into the realm of cyber espionage. These breaches raised concerns about the vulnerability of senior officials in the U.S. military to cyberattacks and the potential compromise of sensitive information.
- GitHub Hit by Record-Breaking DDoS Attacks (2018 & 2015): Unprecedented Cyber Onslaught
  GitHub, a prominent administration and web hosting platform, faced the largest recorded Distributed Denial of Service (DDoS) attack in history. The attack reached an astonishing rate of 1.3TBps, with 126.9 million packets sent per second. Rather than using a traditional botnet, the attackers abused memory-caching servers, which are normally used to speed up websites, amplifying their requests by spoofing GitHub’s IP address. While the attack lasted only 10 minutes, it led to 5 minutes of unavailability. Fortunately, GitHub’s DDoS protection measures mitigated the attack within that timeframe, but it took nearly a week for the platform to fully recover. Additionally, GitHub encountered a DDoS attack in 2015 when an attack on China’s Baidu search platform created a botnet, contributing to an attack on GitHub.
- Facebook Data Exposure (April 2019): A Massive Impact on Over 533 Million Users
  In April 2019, two datasets from Facebook apps were exposed, affecting more than 533 million users. These files contained sensitive information, including phone numbers, account names, and Facebook IDs. However, it wasn’t until April 2021 that the data became available for free, signaling a change in criminal intent. The gravity of the situation became apparent when security researcher Troy Hunt integrated functionality into the HaveIBeenPwned (HIBP) platform, allowing users to check if their data was part of the breach. This unexpected development prompted a reconsideration of making phone numbers searchable due to the significant impact of the Facebook data breach.
- SolarWinds Supply Chain Attack (2020): A Devastating Compromise
  In 2020, SolarWinds, a provider of widely used network-monitoring software, fell prey to a crippling supply chain attack. Russian hackers successfully infiltrated SolarWinds’ production environment, injecting malicious code into their Orion network monitoring product. They then distributed a tainted software update that was unknowingly installed by over 18,000 customers. This update introduced Trojan horses into client systems, creating a backdoor known as SUNBURST. The attack eroded trust across the software supply chain, causing widespread damage to numerous individuals and companies. The attackers utilized various tactics, including password guessing, spear-phishing, and exploiting a zero-day vulnerability in the Orion software.
- Microsoft Exchange Server Vulnerability (2021): State-Sponsored Attack Unleashed
  In early 2021, a highly sophisticated hacking campaign targeted Microsoft Exchange, a widely used email and collaboration system. Attributed to a state-sponsored group believed to be based in China, the attack exploited vulnerabilities, including CVE-2021-26855, allowing for arbitrary code execution. This attack significantly impacted tens of thousands of organizations globally. Despite emergency patches released by Microsoft, slow adoption left many systems vulnerable to exploitation, creating a major concern for information security.
- Colonial Pipeline Ransomware Attack (2021): A Fuel Crisis Triggered by Cyber Extortion
  Colonial Pipeline, a critical fuel pipeline operator in the U.S., fell victim to a ransomware attack with far-reaching consequences. The attack disrupted the pipeline’s operations, leading to fuel shortages and consumer panic across the East Coast. To regain control of the system and resume operations, Colonial Pipeline made the controversial decision to pay a $4.4 million ransom to the attackers. This incident underscored the growing threat of ransomware attacks and their capacity to disrupt critical systems and services.




