7 Most Infamous Cloud Security Breaches

A recent study by Thales found that 39 percent of businesses experienced a data breach last year. In the same survey, 75 percent of companies said more than 40 percent of their data stored in the cloud is sensitive. Meanwhile, an Arcserve-commissioned independent global study found that 43 percent of IT decision-makers (ITDMs) falsely believe that cloud providers are responsible for protecting and recovering data in the cloud.

The same Arcserve study found that 82 percent of IT decision-makers expect an increase in hybrid cloud investments, and 70 percent expect an increase in multi-cloud investments. That means even more businesses could find themselves under a proverbial “dark cloud.”

Cloud security breaches result from various cyberattack vectors, but the consequences are the same. A company’s reputation is sullied, its customers may leave in droves, and the final cost may sink the company.

For all of us in IT, there are lessons to be learned from each breach. That’s especially true when you consider that cloud security breaches have surpassed on-prem breaches, according to the Verizon Data Breach Investigations Report (DBIR).

With that in mind, we wanted to look at the most infamous cloud security breaches that have made headlines.

1.    Facebook

Facebook was breached sometime before August 2019 but decided not to notify over 530 million users that their personal data was stolen—and shortly after that, posted to a public database—until April 2021. The data included phone numbers, full names, locations, some email addresses, and other details from user profiles.

While Facebook later posted an account about the attack on its blog, the company’s reputation was tainted. Facebook says it found and fixed the issue immediately, but the ripple effect even hit founder Mark Zuckerberg. He had to answer to federal regulators to settle a privacy case with the Federal Trade Commission that included a $5 billion penalty paid by the company.

Things only worsened in October 2021 when whistleblower Frances Haugen claimed that Facebook chooses profits over safety.

2.    Alibaba

In November 2019, an attack hit Alibaba’s Chinese shopping website Taobao, impacting more than 1.1 billion users’ data. The attack happened over eight months as a Chinese software developer trawled the site, secretly scraping user information until Alibaba noticed what was happening. The stolen data included user IDs, mobile phone numbers, and customer comments.

While the hacker didn’t get ahold of encrypted information like passwords, the breach was severe enough that the company notified the police. Because it happened in China, the full consequences of this attack will likely never be made public. But it’s an example that makes a strong case for better monitoring systems and networks.

3.    LinkedIn

Like Alibaba, in 2021, LinkedIn also fell victim to a data scraping breach. Affecting 700 million LinkedIn profiles, the information was primarily public. However, the data from the hack was posted on a dark web forum in June of 2021. LinkedIn explained that no sensitive, private data was exposed. The company also made the argument that the incident only violated the company’s terms of service.

But a scraped data sample in the dark web post included email addresses, phone numbers, geolocation records, genders, and other social media details. That’s plenty of data for a clever hacker to use for social engineering attacks. And, while LinkedIn refuses blame for the breach, it has undoubtedly opened many eyes to the data risks of using social media.

4.    Sina Weibo

Sina Weibo is one of China’s largest social media platforms. In June 2020, the personal details of more than 538 million users—including real names, site usernames, gender, and location—and phone numbers for 172 million users were posted on the dark web and other places. While it isn’t clear how the incident originated, the hacker put Weibo’s data up for sale for a mere $250, most likely because it didn’t include passwords.

Even though Weibo is heavily monitored and censored these days, it is still used, at times, to share unfiltered news from around the country. As a result, anonymous Weibo users may face the most significant risks due to the breach.

5.    Accenture

Accenture was hit by hackers connected to the LockBit ransomware group in August 2021. The group stole and leaked proprietary corporate data and, even worse, breached the company’s customers’ systems.

The hackers claimed to have stolen six terabytes of data and demanded a $50 million ransom. But Accenture told one publication that all affected systems were fully restored from backups without impacting Accenture’s operations or its clients’ systems.

6.    Cognyte

In June of 2021, cyber analytics firm Cognyte failed to secure its database, exposing 5 billion records detailing previous data incidents. The records were posted online without a password or any other authentication required to access them. The database was exposed for four days, and it isn’t clear precisely how many passwords were included, but all of the records contained names, email addresses, and the data source. That’s the kind of data hackers can leverage for years to come.

7.    Toyota Motor Company

In June of 2023, automaker Toyota said approximately 260,000 customers’ data was exposed online due to a misconfigured cloud environment.

While the breach didn’t expose massive amounts of sensitive data, it highlights that a simple misconfiguration can open the door to hackers. It also shows how long it can take before a breach is discovered: Toyota wrote that the data was exposed from February 2015 to May 2023, and that in-vehicle device ID, map data updates, updated data creation dates, and map information and its creation date (not vehicle location) had potentially been accessible externally.

Conclusion

While you can’t stop every attack, you do need to make every effort to do so. That’s why we built the Arcserve Unified Data Resilience Platform on three pillars:

• Integrated cybersecurity that uses a deep learning neural network to detect both known and unknown malware without relying on signatures.

• Complete protection for physical and virtual on-premises, cloud, and SaaS-based data from external threats, major disasters, human error, and other unplanned outages.

• Fast recovery capabilities that let you spin up copies of physical and virtual systems onsite and offsite or in private and public clouds.

Source: ArcServe Blog
