Ten Big Breaches In 2011
No one was immune: not social networks, not financial institutions, and not even security firms
What happened: An attacker stole the username and password belonging to a Comodo trusted partner and used the credentials to register nine SSL certificates for seven high-value domains, including Google, Skype, and Yahoo. An Iranian hacker takes credit for the attack -- and a later attack on DigiNotar -- on Pastebin.
Losses: Nine certificates for high-quality domains and the unquestioning trust that many users had in the system of certificate authorities.
What happened: Using a phishing attack disguised as an e-mail with recruitment information, attackers infected an employee at RSA with the Poison Ivy Trojan by exploiting a Flash vulnerability in an Excel spreadsheet. Using the compromised beachhead within RSA's network, the attackers sought out information on the SecurID authentication tokens widely used as a two-factor authentication mechanism.
Losses: While RSA has remained vague on the actual data compromised by the attackers, its statements and later evidence suggest that its database of 40 million SecurID seeds was breached.
What happened: Attackers gained access to an e-mail server at marketing firm Epsilon. More than 100 companies that used the service -- including Best Buy, Chase, Disney Destinations, and Target -- had customers' names and e-mail addresses stolen, raising concerns that advanced phishing attacks would emerge.
Losses: Millions of customers' information collected by 111 of the company's 2,500 clients, according to DataBreaches.net.
What happened: Attackers hacked several servers run by Automattic, the company that maintains and augments the WordPress code. Gaining root-level access, the attackers likely stole the WordPress source code, much of which is open source but some of which is proprietary. Partner code was likely also accessed.
Losses: Source code and application programming interface (API) information. The company does not believe that any information on its approximately 18 million users was taken.
What happened: After Sony levels legal threats at a PlayStation hacker, attackers claiming to be part of the Anonymous movement -- and the offshoot LulzSec group -- break into a host of Sony properties, including the PlayStation Network, Qriocity, and Sony Online Entertainment. The attack takes down the PlayStation Network for more than a month, angering approximately 75 million owners and costing Sony an estimated $171 million. Other U.S. game companies, including Sega and Bethesda Softworks, were also hit.
Losses: The slate of breaches that occurred over 45 days chalks up more than 101.6 million user records, including 12 million unencrypted credit-card numbers.
What happened: Hackers stole names, account numbers, and contact information from Citibank in an attack that exploited the poor design of the financial company's website. By logging into a customer's credit card account and merely changing the account number in the URL, the hackers could access other customers' accounts. Automating the attack led to the exposure of at least 1 percent of the company's 21 million customers.
Losses: Attackers got information on approximately 360,000 customers.
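The design flaw described in the Citibank entry is a missing server-side ownership check on the account number taken from the URL. The Python sketch below is an added example, not code from Citibank or from this article; it contrasts a handler with that flaw against one that checks ownership, and adds a simple log check for one session requesting many accounts it does not own. All names, account numbers, and log entries are constructed for illustration.

```python
from collections import defaultdict

# Constructed data: which account numbers each logged-in user owns.
OWNERS = {"alice": {"1001"}, "bob": {"1002", "1003"}}
ACCOUNTS = {"1001": "alice statement", "1002": "bob statement",
            "1003": "bob savings"}

def get_account_vulnerable(session_user, account_id):
    """Flawed design: any logged-in user gets whatever account is in the URL."""
    if session_user not in OWNERS:
        return 401, None
    if account_id in ACCOUNTS:
        return 200, ACCOUNTS[account_id]
    return 404, None

def get_account_checked(session_user, account_id):
    """Same handler with an ownership check on every request."""
    if session_user not in OWNERS:
        return 401, None
    if account_id not in OWNERS[session_user]:
        # Same response for "not yours" and "does not exist", so the
        # endpoint does not reveal which account numbers are valid.
        return 404, None
    return 200, ACCOUNTS[account_id]

def flag_enumeration(log, threshold=3):
    """Return users who requested >= threshold distinct accounts they do not own."""
    foreign = defaultdict(set)
    for session_user, account_id in log:
        if account_id not in OWNERS.get(session_user, set()):
            foreign[session_user].add(account_id)
    return sorted(u for u, ids in foreign.items() if len(ids) >= threshold)

# Constructed request log: (session user, account number from the URL).
SAMPLE_LOG = [("alice", "1001"), ("bob", "1002"), ("bob", "1003"),
              ("alice", "1002"), ("alice", "1003"), ("alice", "1004")]

if __name__ == "__main__":
    print(get_account_vulnerable("alice", "1002"))
    print(get_account_checked("alice", "1002"))
    print(flag_enumeration(SAMPLE_LOG))
```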
What happened: Hackers stole the names, phone numbers and email addresses of approximately 35 million users from the servers of social and virtual-world site CyWorld. The service allows members to access email and other services, while the social site allows members to create a digital persona that lives in a virtual apartment. The company blamed Chinese hackers for the breach. It wasn't the only Korean entertainment network to be hit: At the end of November, online game firm Nexon reported a breach affecting 13.2 million players of its Maple Story, making it the second-largest breach for a Korean game company.
Losses: The names, phone numbers and e-mail addresses of some 35 million members. Other information was also stolen but was encrypted, according to the firm.
What happened: The military's healthcare provider, TRICARE Management Activity, announced that its contractor SAIC lost back-up tapes that included information on 4.9 million patients. The organizations declined to discuss the format of the information or whether it was encrypted. Healthcare was the most breached industry in 2011, according to an analysis of the Privacy Rights Clearinghouse database.
Losses: The tapes included Social Security numbers, addresses, and phone numbers of 4.9 million military service members. Personal health data such as clinical notes, laboratory tests, and prescriptions were also included, but not financial data.
What happened: Researchers at the University of British Columbia sent more than 5,000 Facebook users friend requests during an 8-week period. Using 102 "socialbots," fake accounts, the researchers sent up to 25 friend requests each day. About 19 percent of requests were accepted. Then, leveraging those connections, the bots sent friend requests to their friends, with a 59 percent success rate. The researchers then gathered 250 GB of friend-only data from the accounts. Facebook has criticized the research.
Losses: The researchers gained access to 250 GB of data from more than 3,000 profiles, which they destroyed at the end of the research. They estimated 80 percent of Facebook users could be compromised with a social network.
What happened: Cyber-vandals defaced Valve's forum for its popular Steam game download service. The attackers had access to the database in which account information on Steam's 35 million users was stored. The company has not determined how much data was taken.
Losses: The attackers accessed a database with user names, hashed and salted passwords, game purchases, email addresses, billing addresses, and encrypted credit card information, according to Valve.