No surprise here: 2015 was a big year for network security disasters. The Identity Theft Resource Center (ITRC) reports that the nearly 178 million records breached in 2015 is a record since it began reporting in 2005. The number of records exposed in 2015 by sector is as follows:
In February, Anthem Blue Cross experienced the largest healthcare breach ever, involving 80 million records. The breach affected one-third of Americans. Records stolen included names, birthdates, social security numbers, addresses, and employment information. What is worse, much of the data was not encrypted. The breach was a result of a watering hole attack, in which websites frequented by the targeted users are compromised. The attackers then infect the targets and gain access to their local area network. The attack went undetected for nine months, until a systems administrator noticed that an internal database was being accessed by an account without the user’s knowledge.
Although the FBI says that the attacker is unknown, reports hint that this breach was perpetrated by Deep Panda, a known hacker group associated with the Chinese government. Premera Blue Cross was attacked the same day as Anthem, leading experts to believe that the same actors were involved. The Anthem breach was followed by the discovery of 10 million records stolen at Excellus and CareFirst BlueCross BlueShield. The attack began in December 2013 but was undiscovered until September 2015. Again, the attackers are unknown.
In July, news hit of a breach of 4.5 million records at UCLA Health Systems. There was “unusual activity” on a server during October 2014, persuading UCLA Health to involve the FBI. The breach was not discovered until May 5, 2015. UCLA Health had experienced other breaches since 2005, leading to lawsuits claiming data was not properly secured.
The United States has repeatedly blamed China for cyberattacks on American government and business. In September, US president Barack Obama discussed the issue with his Chinese counterpart Xi Jinping. It appears that China does not limit its attacks to the United States. In December, news came of a breach at Australia’s Bureau of Meteorology supercomputer. Since this was linked to other computers in more sensitive government agencies, the attackers were obviously targeting the weak link in the network. The Australian government blamed China for the attack, but China denied any involvement.
The US Office of Personnel Management experienced two huge breaches, the first involving 4 million records and the second involving 21 million records. Some experts call these breaches the most damaging to US national security ever. This is because the records stolen included entire background checks and fingerprints, perfect for blackmailing present and former government workers. The attackers stole a contractor’s credentials and used them to establish a malware backdoor into the network. The first breach went undetected for nearly a year until uncharacteristic SSL traffic and a decryption tool tipped off the systems administrators.
Fifteen million records were exposed at Experian, the world’s largest credit monitoring agency. The data stolen were of T-Mobile customers undergoing credit checks with Experian for a 15-day period in September. What is more disturbing, Experian’s encryption may have been compromised.
The UK's largest data breach of 2015 was reported in August by Carphone Warehouse, a conglomerate that does a lot more than sell car phones. Up to 2.4 million records containing personal and banking information and 90,000 encrypted credit card records were breached. There are conflicting reports of how the attack was executed. Some sources say there was a moderated DDoS to throw the security personnel off the scent while the break-in occurred. Others report that it was the result of a spear phishing attack. Carphone Warehouse reported the breach within 4 days after it was discovered.
In November, we were reminded that the Internet of Things (IoT) is not as secure as it should be. There was a breach of 4.8 million records at the toymaker VTech of Hong Kong. Its download portal was compromised, exposing a database of first names, genders, and birthdays of over 200,000 children. VTech purportedly had weak password security. According to Motherboard online magazine, the self-professed attacker said he planned to do "nothing" with the data.
The only good thing about a data breach is that it can lead to improved security overall. Some of the lessons of the 2015 data breaches are: