August 26, 2020: A motion rehabilitation device manufacturer, Dynasplint Systems, experienced an encryption attack on its business devices that exposed the personal and medical information of 103,000 patients. Given the high stakes around cybersecurity, companies must reinforce their digital safeguards in 2020 and beyond. Why Businesses Need Customer Identity and Access Management (CIAM)? Comparitech’s security experts discovered the unprotected database cluster, which contained more than 350 million records. October 27, 2020: The immigration law firm responsible for representing Google, Fragomen, Del Rey, Bernsen & Loewy, announced a security incident has exposed the personal information of current and former Google employees. The information involved included customers’ names and login credentials (email address and password.) Subscribe to our Newsletter for Identity Theft Updates: September 16, 2019, to November 11, 2019, had their, names, shipping addresses, billing addresses, payment card numbers, CVV codes, and expiration dates skimmed and put for sale on the, Personally Identifiable Information (PII), 85,000 medical marijuana patients and recreational users. The exposed database also included numerous accounts using corporate emails of Infosys, Wipro, Google, Cognizant, and Facebook. Leonardo SpA, the largest defense contractor globally, experienced a malware attack that exfiltrated data up to 10GB. In April 2019, Evite, a social planning and invitation site identified a data breach from 2013. 616 data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights. The breached portal exposed names, Social Security numbers, physical and email addresses, dates of birth, citizen status, and insurance information of business owners applying for emergency loans during COVID-19. The personal information of guests published on the hacker forum included: On March 31, 2020, the American hospitality company Marriott International disclosed a cybersecurity breach that exposed data of over 5.2 million hotel guests who used the company’s loyalty application. comes as no surprise that, the number of data breaches increased in 2019 and 2020. Regularly updated. The Home Depot, Inc., the largest home improvement retailer in the US, has reached a USD 17.5 million settlement with 46 states and Columbian District for the data breach it suffered in 2014. Individuals hand over their private data to websites and online companies in return for access to the services they provide, on the assumption that personal details will be safeguarded. Also Read: Ransomware Hits Largest US Fertility Clinic. July 28, 2020: The online alcohol delivery startup Drizly disclosed to its customers that a hacker accessed the account details of 2.5 million Drizly accounts. The database contains 1,852,595 records, including names, email addresses, country, gender, job description, online behavior related details, date of registration, IP addresses, social media profile links, and authentication tokens. The malicious actors acquired the login credentials of two Marriott employees to access the guest information. If you send USD 1000, I will send back USD 2000. StealthLabs can help you! As usual, incidents affecting UK organisations are in bold. Which breaches stood out in 2020, and what can we learn from them? Hackers accessed customers’ details from Warner Music’s e-commerce websites hosted and supported by a third-party, capturing customer’s names, email addresses, telephone numbers, billing addresses, shipping addresses, and payment card details such as card numbers, CVC/CVV, and expiration dates. The hacker gained access to a database that contained the details of 538 million users and sold the data for USD 250 on the dark web. May 24, 2020: At least 25 million Mathway app users, a top-rated mobile app calculator, had their email address and password exposed to data thieves, and the leaked database was quickly found for sale on the dark web. Data exposed includes leak dates, passwords, email addresses, email domains, and companies that were the source of the original leaks. June 22, 2020: More than 296 GB of data was leaked from US law enforcement agencies and fusion centers and posted the files online on a searchable portal titled BlueLeaks. View the recent data security incidents that have been reported or notified to the ICO, or that we have identified proactively. At least 530,000 Zoom accounts were listed for sale on the dark web and hacker forums. Researchers are still uncertain how this data was exposed originally, but have noted that 16.8 million of the Facebook profiles now include more data than originally exposed.