Top 15 Movers & Shakers in Information Security - 2015

The year 2015 was the year of data breaches and cyber espionage's. Listed here are the 15 most popular information security stories of the year.

1. TalkTalk data Breach

TalkTalk data breach incident which raised the eyebrows of many TalkTalk customers. This data that was compromised included personal and confidential information of their customers. TalkTalk officials said that they have sparse information about the data that was stolen from their database.

2. Information was stolen from Edinburgh Council Database

Email addresses were stolen from an Edinburgh City Council database. According to the news sources, around 13,000 addresses were stolen from Edinburgh City Council database. Though emails were the only targets of hackers, the threat looms over the victims of the cyber attack in the form of phished-emails.

3. Anthem cyber attack affected 80 million customers

The US healthcare insurance companies became the prime targets of cyber attacks in 2015 (Here's a resource that will navigate you through cyber security attacks). Anthem healthcare insurance company became the victim of a cyber attack on February 2015. The compromised data included names, birth dates, medical IDs / Social Security numbers, email addresses and employment information.

4. Size does not matter

Cyber attacks were not confined to one particular business. Even small business establishments were targeted by the hackers. The perfect example is the Yorkshire based Bettys tea room chain that uses its website to take the orders. The cyber attackers stole the data of 120,000 customers, that included customer names, email addresses and encrypted passwords.

5. Experian/T-Mobile data breach

T-Mobile uses services Experian firm for processing their credit card application. Experian Plc. is world's largest consumer credit monitoring firm. This firm disclosed that it was a victim of a cyber attack that exposed personal and confidential data of 15 million T-Mobile customers who applied for service with T-Mobile US Inc.

6. LastPass data breach incident

LastPass is a password management company. This company admitted that the information on their database has been compromised because of this cyber-attack. The company officials also made a statement that it may have affected their seven million customers. The compromised information included customers email addresses, and authentication hashes.

7. mSpy

mSpy a spyware company also fell prey to cyber crime. This attack has put 400,000 mSpy customers at stake as their confidential data such as customer screen shots, geolocation data, chat logs, and location records was stolen by the hackers.

8. Slack

Slack technologies the makers of collaboration platform tools became a victim of a cyber attack (also consider checking this perfect guide for cyber security certifications). The intruders stole confidential information like usernames, email addresses and hashed passwords and some phone numbers and Skype IDs from their database.

9. Harvard University data breach

Harvard University database got hacked in 2015. The breach was identified in the IT systems of their Faculty of Arts and Sciences and Central Administration. This attack further impacted eight different schools and administrative organizations at the university.

10. UCLA Health System data breach

UCLA Health System database was hacked by unidentified people in May 2015. UCLA Health computers housed patient data from Ronald Reagan UCLA Medical Center and three other hospitals. Hackers gained access to sensitive records of 4.5 million people, that included names, medical information, Social Security numbers, birth dates and physical addresses.

11. CVS online photo center hack

CVS Photo is a popular website where users can upload digital images and pick up prints at the CVS pharmacy. According to news sources, this website could have been the victim of a cyber attack, and the credit card information may have been compromised.

12. Planned Parenthood website hacked

Planned Parenthood website database was hacked by an anti-abortion group in July 2015. The information compromised by the hackers included email, employee, and patient information. This attack indicates that the motives behind the attack can be social or political.

13. Kaspersky data breach

Anti-virus software provider Kaspersky has also been the victim of cyber attack. This incident affected multiple customers such as participants in the international negotiations on Iran's nuclear program and in the 70^th- anniversary event of the liberation of Auschwitz. This breach pinpoints that even the most security-conscious organizations can fall victim to determined hackers.

14. United Arab Emirates (UAE) Bank database hacked

An anonymous user with a pseudo name “Hacker Buba” had breached the database of UAE bank in 2015. The hacker posted thousands of customers' transactions history online, causing a panic situation among bank customers.

15. Hacked: British Airways frequent-flyer accounts

Frequent-flyer accounts of British Airways customers was hacked by unidentified persons in March 2015. The airline official said that only a small proportion of its millions of customers were affected, and no names, addresses, bank details or other personal information had been accessed. The hack is believed to have been carried out with the help of an automated computer program, that searches for the vulnerabilities in the company’s online security systems.

Some Key Findings in 2015:

1. In 2015, there were 1,966,324 registered notifications about attempted malware infections that aimed to steal money via online access to bank accounts

2. Ransomware programs were detected on 753,684 computers of unique users; 179,209 computers were targeted by encryption ransomware

3. Kaspersky Lab’s web antivirus detected 121,262,075 unique malicious objects: scripts, exploits, executable files, etc

4. To carry out their attacks, cybercriminals used 6,563,145 unique hosts

5. 34.2% of user computers were subjected to at least one web attack over the year

Source: https://securelist.com/analysis/kaspersky-security-bulletin/73038/kaspersky-security-bulletin-2015-overall-statistics-for-2015/

Conclusion:

Listed above are the stories which exposed flaws in the data security systems and also consequences overlooking cyber threats. These threats sent shock waves across all the business and government establishments in 2015. We hope that organizations take appropriate cyber security measures to bring down cyber crime incidents.