Last updated on November 21, 2022
Cyber attack incidents occur throughout corporations. Beyond conglomerates; entire cities have been subjected to a cyber attack. Governments, transportation sectors, and utility companies; cyber criminals use a variety of methods to penetrate security systems. The goal may be profit or political gain. It may be selling credentials on the Dark Web. Regardless, here’s a growing list of breaches. Some of which come from books I’ve read. Others from the news.
Cyber Attacks in 2022
DoorDash, a popular food delivery app, detected suspicious activity from the computer network of a third-party vendor. They determined the vendor was compromised by a sophisticated phishing attack. Certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and partial payment card info were obtained. If exploited, cyber criminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft.
U-Haul International, a moving and storage company, announced that customers’ rental contracts between November 2021 and April 2022 were accessed by hackers. Breached information includes customers’ names and driver’s license information. If exploited, criminals can use this information to commit identity theft.Lifelock
Corporate Cyber Attacks in 2021
- Jan 22, Bonobos clothing, a child company of Walmart was hacked. 7M customers were effected. Personal information was stolen. The last four digits of socials were acquired. Encrypted passwords obtained; to no surprise, there’s zero corporate accountability. Consumer gets burned.
- Jan 27, Apple warned of a potential cyber attack on devices. A breach did not take place. An anonymous researcher merely discovered a security flaw. One that could’ve impacted devices. In turn, iOS 14.4 was released. However, Apple did say, the threat may have already been exploited. In turn, the result would enable third party remote, device access. Could cyber criminals be the first ones to cripple big tech?
- August 15, T-Mobile issued a statement saying nearly 100 million customers were impacted by a cyber security incident. Customer names, social security numbers, phone numbers, drivers licenses, physical addresses, and unique mobile phone identifiers were obtained.
- Sept 30, luxury retailer Neiman Marcus announced 4.6 million customers may’ve had their personal information compromised. The actual breach occurred in May of 2020 meaning criminals had plenty of time to utilize customer data. Data which included names, contact info, payment card numbers and expiration dates, gift card numbers, full login credentials, and security questions and answers. Prime example of how big business doesn’t give a lick about customer security. They waited over a year to disclose the information.
- In October, the streaming service, Twitch, was hacked. Company source code and creator payout details were stolen. An anonymous torrent was released containing 125GB of source code, claiming to contain the company’s entire commit history. Commits are source code updates/rendered work to team collaboration repositories. Source code included mobile, desktop, the entirety of twitch.tv, unreleased content and misc data. In addition to the company’s internal security tools.
- In December the US Cyber Security and Infrastructure Agency announced a breach that’s perhaps the most detrimental hack of the digital age. A vulnerability was found in a Java-based software known as Log4j. This open source software is used by nearly a third of all web servers in the world. Twitter, Amazon, Microsoft, Apple, IBM, Oracle, Cisco, Google; and one of the world’s most popular video games—Minecraft count themselves among the slew of tech and industry giants running the popular software code that’s estimated to impact 13 billion devices. By the end of the weekend, nearly 4,000,000 hacking attempts had been made to exploit the bug. 46% of which were conducted by known malicious groups.
Corporate Attacks in 2020
- Cognizant, one the largest tech consulting firms, was the victim of a Maze ransomware attack. It’s said that unencrypted data was likely stolen. Their 300,000+ technical employees are tasked with fixing issues, installing patches, and monitoring security for Fortune 500 companies.
- In March, headlines pointed to Zoom Media. Thousands of personal videos were left out for the taking. Therapy sessions and training orientations; business meetings, and company financial statements were all exposed. An array of personal conversations and tremendous videos were stolen.
- Also in March, a cyber attack affecting up to 5M customers was announced by Marriott Intl. Leaked data included personal information. 500M additional accounts were compromised in a hack on sister company, Starwood.
- May 2020, a ransomware attack shut down a prestigious law firm. 75GB of data was stolen. Stolen data included contracts, personal info, and correspondence. Bitcoin’s were requested in lieu of publishing everything on the dark web. src
Corporate Cyber Attack Incidents in 2019
- A cyber attack hit WhatsApp. Surveillance software was successfully installed on devices. src
- Discovered in Jan, reported in August. A 2.5 year long operation. The attack impacted thousands of devices every week. Upon visiting a handful of websites, malware was delivered. New and older model phones were affected.
- March-April, 100M Capital One accounts were exposed. In turn, financial information and self disclosed income; credit scores, applications and payment histories were stolen.
Corporate Attacks in 2018
- In July 2018, a startup company Apollo left a database laying around. Billions of data points taken. Personal information was exploited. Employment, location, and personal information were exposed. src
- Professional photography site 500px had nearly 15M records stolen. Swaths of private information was stolen. src
Corporate Cyber Attack Incidents in 2017
- FedEx lost $300M as a result of virus. src
- Wikileaks was said to have published 8,700 documents. Resources about the CIA hacking our technologies.
- In May 2017, the WannaCry attacks were executed against Microsoft Windows machines. Users were suffered a cyber attack that blocked entry to their systems.
“If you have nothing to hide, you have nothing to fear.”Joseph Goebbels, Nazi propagandist politician.
- In 2016, 57M Uber riders’ personal information was stolen. They announced it in 2017. This means, consumers of Uber services may very well have suffered identify theft, fraud, hacked accounts, etc because Uber failed to announce the breach sooner. src
- In late 2016 AdultFriendFinder was hit with a cyber attack impacting 412M accounts. src
- Though GM did not suffer a cyber attack, hackers demonstrated successful intrusions. In 2015, they showcased Jeep vehicle penetrations via the internet. Prompting the recall of 1.4M vehicles. In 2016, they demonstrated to GM once again, attacks could be far worse. src
- In 2014, Sony Pictures was hacked. Troves of confidential documents were stolen. Journalist information was exposed, employee records, and details of their upcoming film.
- Adobe, the company that has a near monopoly on an array of production software suffered a breach in 2013. Upon their revolutionary update to cloud based applications, they began collecting a massive amount of data. Including key strokes. This breach however claimed 153M Adobe accounts. Usernames, emails, passwords and password hints were obtained. Password hints led to more trouble all on their own. If Adobe’s collecting key strokes and gobbling up as much activity users do on their computers, isn’t that a cyber attack in of it’s own?
Entire Cities Subjected to a Cyber Attack
- March 2018, ransomware visited to Atlanta, Georgia. $51,000 in bitcoin was demanded by hackers. Various city run systems went offline. Limiting conventional services throughout the city.
- May of 2019, the city of Baltimore, MD suffered a cyber attack. Government email went down, city departments were impacted, and real estate transactions could not be processed. The Mayor did not however authorize payment of 13 requested Bitcoins ($100k) to release the ransomware. FBI and Secret Service began investigating and security experts were called in to restore services. src
- Greenville, North Carolina was hit with ransomware impacting government services, healthcare, transportation services and more. src
- The city of Atlanta suffered attacks that cost them $17M to restore. Civic services came to a halt during this time.
- April of 2017, hackers turned on 156 emergency alarm sirens at 11:40pm in Dallas, TX. 4,400 911 calls resulted, bombarding police departments. src
Government Related Cyber Attack Incidents
- In 2019 Chinese and Iranian hackers attacked US agencies. It’s believed these took place after Trump withdrew from the nuclear deal. Prompting a massive trade war. The US intelligence chief claims hackers were deployed to steal data, thus influencing public opinion.
- In May 2019 a unique cyber attack incident transpired. A Navy prosecutor authorized tracking software for email correspondence between attorneys. Including one in the Air Force. The military dubbed the incident, as ‘cyber intrusion’. In other words, the Navy hacked the Air Force. Ethically debatable considering the presiding Navy judge prohibited media disclosure. The software eventually found its way to mainstream email networks. As a result, officials sounded a surveillance alarm in fear of journalists and defense attorneys being spied upon. In turn, impacting abilities to receive a fair trial. The incident caused fear among the SEAL at hand as his verdict lies in the hands of lost attorney-client privilege. The malware is yet to be contained. Its whereabouts may have spread throughout the Navy and Coast Guard defense systems—exposing an array of confidential material far beyond the war crimes case. src
- In January 2017, attacks consumed Washington DC police CCTV cameras. src
Transportation Cyber Attack Events
- In early 2018, The Department of Transportation in Colorado suffered a cyber attack. 2,000 computers were held hostage. As IT pros tackled the problem, a new strain reinfected their systems. src
- 10/2017, a DDoS cyber attack impacted trains in Sweden. The incident affected train monitoring, federal email, and road maps.
- 11/2016, cyber criminals successfully hit the San Fransisco Transit System. Cyber criminals demanded 73k to lift the ransomware. The city refused to pay, but did find a way to restore the systems. There was a tremendous loss of revenue as because riders rode for free during the two day span.
- 11/2015, a cyber attack compromised Swedish air traffic control systems. Air traffic controllers were prevented from seeing planes on their screens. In turn flights were canceled, affecting thousands of people. src
Utility Company Attacks
- In March, a water treatment plant was hacked. Chemical levels used to treat water were tampered with. In addition, 2.5M customers data was stolen. src
- In December, three energy distribution centers were hacked. A breach to Ukraine’s power grid left 230k people were left without electricity. src
Attacks on Hospitals
- In May of 2017, a Canadian hospital fell victim to a vicious cyber attack. The breaches affected systems in over 100 countries. src
Cyber Attack Incidents on People
- A Wired magazine Sr. writer shared his personal experience of being hacked. In just one hour, his Google account was taken over. Then deleted. His Twitter account was sabotaged. Then used to tweet horrific messages. Hackers proceeded to delete his Apple device. Done so by launching attacks to his Apple account.
- Scott Augenbaum, author of ‘The Secret to Cybersecurity’ talks about numerous breaches. One incident entails a newly wed couple that’d saved $50k. Upon finding their dream home, they were digitally duped. The lost their dream home, and a $50k deposit.
- Another incident began with a weak password. A hacker gained account access. Very personal information was discovered. The account holder was extorted for $10k. Then $35k. Over the coming weeks the victim paid out 150k. Then contemplated suicide.
- Other notable attacks targeted male FB users. An attractive woman showed an interest in something on the victims page. When the victim clicked a link, they fell victim to ransomware. The victim’s Apple iCloud account login credentials were changed. Locking them out of their iCloud storage. iCloud backups were taken over.
- An incident mentioned in a technology book spoke of a frightening event. A social media content provider protected her account w/ an insecure password. Hackers discovered she had an iCloud account, with the same credentials. The cloud account had a list of accounts and their logins. All of which were hacked. 10 iPads were purchased against her will. All her accounts were held for ransom. When she replied with anger, the her cloud files were deleted. Precious family photos and incomplete personal projects were gone. Her social media following was then tinkered with. The process repeated several times.
The cyber attack industry is predicted to reach $6 trillion/year by 2021. A cybersecurity company equates this number to the greatest transfer of wealth. Cyber crime make a good argument to limit tech usage. Familiarize yourself with non-mainstream tools that protect user rights. Educate yourself; avoid being a victim of a cyber attack.