Cybersecurity Breaches Of 2021 Worth Taking A Look

A look at a few major cybersecurity breaches of 2021

Like every year, 2021 also saw some major cybersecurity breaches and data leaks that exposed the personal information of millions of people online. In addition, the pandemic made many companies go online, and this gave an opportunity to hackers to get more creative and use sophisticated tools to carry out their work.

Let’s take a look at a few major cybersecurity breaches of 2021:

Facebook user data breach

In April 2021, media outlet Business Insider reported that a user in a hacking forum published the personal data of millions of Facebook users. Alon Gal, co-founder and CTO of cybercrime intelligence company Hudson Rock, discovered this first which exposed personal data of more than 533 million Facebook users from different countries with 6 million users from India. It included phone numbers, Facebook IDs, full names, locations, birthdates, and email addresses. The media report also talked about how a Facebook spokesperson said that the data had been scraped due to a vulnerability that the social media giant had patched in 2019.

THE BELAMY

Sign up for your weekly dose of what's up in emerging technology.

This was not the first time Facebook had suffered data breaches. Even in 2019, millions of users’ phone numbers were scraped from Facebook’s servers in violation of its terms of service.

 LinkedIn 

The data connected to 700 million LinkedIn users was posted on a dark web platform for sale in June 2021. By exploiting the API, the hackers “scraped” the data. The type of data stolen was email addresses, full names, phone numbers, LinkedIn usernames, personal and professional experience, and other social media accounts they held.

LinkedIn, in a statement, said that it was not a data breach and no private LinkedIn member data was exposed. The initial investigation revealed that data was scraped from LinkedIn and other websites. It included the same data reported earlier this year in the April 2021 scraping update.

Microsoft exchange

This breach happened when four zero-day exploits were discovered in on-premises Microsoft Exchange Servers. It gave attackers full access to user emails and passwords on affected servers and administrator privileges on the server. They installed a backdoor that lets the attacker get entry to impacted servers even if the server is later updated to no longer be vulnerable to the original exploits. Over 250,000 servers have fallen victim to the data breach as of 9th March 2021.

Accenture

In August 2021, IT giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that impacted the company’s systems. The LockBit ransomware team claimed to have stolen six terabytes of data from Accenture’s network. They demanded a $50 million ransom.

Acer

In October 2021, Acer confirmed that its servers were breached by a group of hackers called Desorden. They managed to steal over 60 gigabytes worth of data that contained sensitive information about millions of Acer’s customers like names, phone numbers of clients, and corporate financial data. The hack was reported by the hackers themselves and was later confirmed to be true by Acer.

Pixlr

In January 2021, a database of 1.9 million user records belonging to online photo-editor Pixlr was dumped on a dark web hacker forum by a notorious hacker by the name ShinyHunters. Data like usernames, email addresses, country, and passwords were exposed.

T-Mobile 

T-Mobile in August said that a US data breach had hit more than 40 million T-Mobile customers; the company has admitted and blamed it on a highly sophisticated cyberattack. It also said though personal information was stolen, no financial details were leaked. The world got to know about the breach after reports came out that criminals were attempting to sell a large database containing T-Mobile customer data online.

More Great AIM Stories

Sreejani Bhattacharyya
I am a technology journalist at AIM. What gets me excited is deep-diving into new-age technologies and analysing how they impact us for the greater good. Reach me at sreejani.bhattacharyya@analyticsindiamag.com

Our Upcoming Events

Conference, in-person (Bangalore)
Machine Learning Developers Summit (MLDS) 2023
19-20th Jan, 2023

Conference, in-person (Bangalore)
Rising 2023 | Women in Tech Conference
16-17th Mar, 2023

Conference, in-person (Bangalore)
Data Engineering Summit (DES) 2023
27-28th Apr, 2023

Conference, in-person (Bangalore)
MachineCon 2023
23rd Jun, 2023

Conference, in-person (Bangalore)
Cypher 2023
20-22nd Sep, 2023

3 Ways to Join our Community

Whatsapp group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our newsletter

Get the latest updates from AIM