The start of this year hasn’t been a great one in terms of cyber-attacks. From phishing emails, to ransomware attacks to malicious payloads, cybercriminals have used a range of techniques to strike well-established organisations around the world.
H&M
What happened: A German newspaper reported in January that fashion retailer H&M collected information on illnesses and other personal circumstances of employees at the H&M Customer Center for Germany and Austria.
Who was affected: It was reported that a hard drive containing about 60 gigabytes of data was discovered by authorities that maintained “detailed and systematic” records about employees’ health, from bladder weakness to cancer, and about their private lives, such as family disputes or holiday experiences.
The confidential files were available to all H&M managers. According to one media report the October breach affected “several hundred” employees, but the company insists the files were deleted as soon as the incident was discovered.
Defence Information Systems Agency (agency in charge of communication for the White House)
What happened: The US Department of Defence confirmed that computer systems controlled by the Defence Information Systems Agency (DISA) had been hacked, exposing the personal data of thousands. The agency said there was "no evidence" the leaked information has been misused.
The agency oversees military communications. These include calls for US President Donald Trump.
Who was affected: The data exposed included names and social security numbers of about 200,000 people.
Toll Group
What happened: Logistics giant Toll Group was in the news after they were hit by a ransomware attack called Mailto.
iTnews reported that as many as 1000 servers in Toll’s data centre had been infected, and that staff had been advised not to turn on machines or try to connect them to the corporate network.
Who was affected: In a media statement, Toll said that “[it has] seen no evidence to suggest any personal data has been lost”.
It was reported that some customers were experiencing delays or disruption to their deliveries as the company had to rely on manual processes and systems to operate in the days following the attack.
Microsoft
What happened: Microsoft confirmed a massive data breach affecting anonymised data held on its customer support database.
The tech giant said the error stems from a change it made to the databases’ network security group, causing misconfigured security rules.
Who was affected: It was reported that up to 250 million records were exposed online between 5 and 31 December as a result of the tech giant failing to implement proper protections.
The information, which includes email addresses, IP addresses and support case details, was held on leaky Elasticsearch servers.
United Nations
What happened: A report released this year claims hackers compromised dozens of United Nations (UN) servers in 2019.
According to an internal report on the incident seen by The Associated Press, the hackers exploited a Microsoft SharePoint vulnerability to access the UN network. However, the type of malware is unknown, as is the location of the C&C servers used to exfiltrate the data. It’s also unclear how the attackers maintained a presence on the network once inside.
Who was affected: Approximately 400GB is thought to have been exfiltrated by the hackers, including Active Directory lists of users. Although it’s unclear exactly what other info was taken, the servers in question could have provided access to sensitive details on UN employees, and commercial contract data.
In each of these instances, regardless of the size or value of the information leaked, the destructive potential is immense. The damage sustained by companies as a result of cyber-attacks goes far beyond the immediate financial losses, and no doubt these firms and others that we haven’t mentioned, are still working through some of the implications.
Let these data breaches serve as a motivator for all of us to practise good cyber hygiene, and to remain vigilant.
Talk to us
MailGuard's partner blog is a forum to share information and we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.
Australian partners, please call us on 1300 30 65 10
US partners call 1888 848 2822
UK partners call 0 800 404 8993
We’re on Facebook, Twitter and LinkedIn.
