In 2014, cyber attacks and data breaches don’t look like they’re going to slow down. We’ve seen high-end data breaches of large companies, with data, personal records and financial information stolen and sold on the black market in a matter of days.
Analysts, Hold Security, startlingly announced in February that it had managed to obtain a list of 360 million account credentials for web services from the black market. That’s just after three weeks of research.
Criminals are stepping up their game and data breaches are becoming both common and devastating. According to research from Arbor Networks, the number of DDoS events topping 20Gbps in the first half of 2014, are double that of 2013. With more than 100 attacks at over 100Gbps or higher recorded in the first half of the year.
This incredible interactive map from Antivirus software firm Kaspersky, which depicts all the current cyber attacks occurring around the world in real time, shows the growing intensity of hacks as the year progresses.
We’re only half way through the year, but there has already been a few high-profile hacks that have stopped presses. Here I’ll explore - in no particular order - the most brutal hacks that have taken place in 2014 so far.
Ebay
eBay went down in a blaze of embarrassment as it suffered this year’s biggest hack so far. In May, eBay revealed that hackers had managed to steal personal records of 233 million users. The hack took place between February and March, with usernames, passwords, phone numbers and physical addresses compromised.
Hackers successfully stole eBay credentials and managed to gain access to sensitive data. eBay encouraged users to change their passwords and reassured them that financial information was not stolen, as it’s stored separately and encrypted. Although there were further concerns that the stolen personal information could leave eBay users vulnerable to identity theft.
Despite eBay not confirming who was behind the attack, the notorious Syrian Electronic Army claimed responsibility. Despite the huge data breach and the sensitivity of the data, the SEA said that it was a “hacktivist operation” and that they “didn’t do it to hack people’s accounts”.
Montana Health Department
The State of Montana’s health department revealed that a data breach may have affected more than 1 million people. The hack actually happened in July last year, but it wasn’t discovered until May this year, with the identity of the intruders, and the extent of the damage done, still unclear.
The state government said that it is notifying 1.3 million people including current and former residents, families of the dead and anyone else whose personal information may have been accessed in the attack.
It’s not clear if the attackers made-off with sensitive information, or if it had been used or sold on the black market. Richard Opper, director of the state's Department of Public Health and Human Services, said that there’s “no indication” the hackers accessed the information or used it inappropriately.
If they did, hackers would’ve gained access to highly personal information such as Social Security numbers, medical records, medical insurance records, names, addresses and birth certificates. Not to mention the bank details of all health department employees.
P.F. Chang’s
The chain restaurant suffered a huge data breach last month that compromised customer payment information. Chang’s didn’t specifically mention how many customers had been affected, but thousands of newly stolen credit and debit cards went up for sale online on June 9th.
Several banks had gotten in touch with Brian Krebs, a security journalist, to say that “they acquired from this new batch, multiple cards that were previously issued to customers, and found that all had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014.”
Criminals managed to hack P.F Chang’s point of sale machines and record credit and debit card data, which then found its way on to the black market. Stolen records were being sold for between $18 and $140, with the price depending on how fresh the stolen data is. Chang’s responded by going low-tech and using age old manual credit card imprinting machines to take payment in its stores, which it then upgraded to new “encryption-enabled terminals”.
Chang’s is still working with the US Secret Service to discover the identity of the hackers.
Evernote and Feedly
It’s not clear if the attacks on both Feedly and Evernote were connected, but they happened within a day of each other and the two companies work largely in tandem. Whilst Evernote was taken down with a Distributed Denial of Service (DDoS) on Tuesday June 10th and was quickly restored within a few hours, Feedly, which went down the next day, suffered much more.
The news aggregation service was attacked in the early hours of Tuesday morning. CEO of Feedly, Edwin Khodabakchian, announced on Feedly’s official blog that the attack had been “neutralized” and that normal service had restored. However, two more DDoS waves were launched at Feedly which bought it down for another two days, with service being properly restored on June 14th.
Not much about the attacker is known, other than that they attempted to extort money out of Feedly in exchange for ending the attacks. Khodabakchian said that he refused to comply with the attacker’s ransom demands and the threat, eventually, was neutralized.
Domino's Pizza
Hacking group Rex Mundi held Domino’s Pizza to ransom over 600,000 Belgian and French customer records. In exchange for the personal data, which included names, addresses, emails, phone numbers and even favourite pizza toppings, Mundi demanded $40,000 from the fast-food chain.
If the ransom wasn’t met, the hackers threatened to publish the information online. The group then taunted Domino’s by saying: “Earlier this week, we hacked our way into the servers of Domino's Pizza France and Belgium, who happen to share the same vulnerable database. boy, did we find some juicy stuff in there.”
Domino’s refused to comply with the ransom and reassured customers that financial and banking information was not stolen. The hacking group had its Twitter account suspended and the data was never released, although it's not clear if Domino's ever complied with the ransom demands.
