Cases involving hacking attempts, data breaches, and privacy invasion are quite common nowadays. Looking back at the year 2018, there were quite a few high-profile cybersecurity incidents that took the world by storm. Here’s a postmortem analysis of the top 4 hacking accomplishments in the year 2018, with a keen eye on the lessons learned from each of those incidents.
1. Under Armour / MyFitnessPal
A group of hackers successfully broke through the security protocol of Under Armour’s MyFitnessPal app. Over 150 million users’ data was leaked, containing the names, passwords and contact information of the users. While the hackers could not access sensitive data such as credit card information, location, and birth dates, the revelation came as a surprise to industry experts, as Under Armour is known to be vigilant about web security risks.
The basic user information was protected with the SHA-1 hashing technique, which has its own flaws. The need of the hour is a modern, robust and sophisticated technique with a reputation for being kept up to date. A change in corporate policy and a revision of the security protocols could go a long way towards preventing such data breaches.
Additionally, users can make it a point to use a VPN, which encrypts their web traffic and makes it more difficult to hack. If in doubt, you could go through NordVPN reviews and then make a smart choice about whether to go for NordVPN.
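The SHA-1 weakness noted in the MyFitnessPal lesson, shown as an added example that is not from the original article or from Under Armour: unsalted SHA-1 gives identical digests for identical passwords, while a salted, slow scheme does not, and legacy records can be upgraded at login. PBKDF2-HMAC-SHA256, the iteration count, the record format and all function names are assumptions chosen for illustration; the article does not name a replacement scheme.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune to your hardware
PREFIX = "pbkdf2_sha256"


def sha1_legacy(password: str) -> str:
    """Weak scheme: fast, unsalted, so equal passwords share one digest."""
    return hashlib.sha1(password.encode()).hexdigest()


def strong_hash(password: str) -> str:
    """Salted, deliberately slow hash stored as scheme$iters$salt$digest."""
    salt = os.urandom(16)  # unique per record
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{PREFIX}${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify(password: str, stored: str) -> bool:
    """Check a password against either record type in constant time."""
    if stored.startswith(PREFIX + "$"):
        _, iters, salt_hex, dk_hex = stored.split("$")
        dk = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
        )
        return hmac.compare_digest(dk, bytes.fromhex(dk_hex))
    return hmac.compare_digest(sha1_legacy(password), stored)


def login(db: dict, user: str, password: str) -> bool:
    """Verify the login and re-hash a legacy SHA-1 record on success."""
    stored = db.get(user)
    if stored is None or not verify(password, stored):
        return False
    if not stored.startswith(PREFIX + "$"):
        db[user] = strong_hash(password)  # migrate while plaintext is in hand
    return True


if __name__ == "__main__":
    # Constructed sample accounts; two users happen to share a password.
    db = {u: sha1_legacy("hunter2!") for u in ("alice", "bob")}
    print("SHA-1 digests identical:", db["alice"] == db["bob"])
    login(db, "alice", "hunter2!")
    login(db, "bob", "hunter2!")
    print("Upgraded records identical:", db["alice"] == db["bob"])
```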
2. The Sacramento Bee
Two databases operated by The Sacramento Bee, a daily newspaper, were hacked by an anonymous hacker. One of the hacked assets contained voter registration numbers of California residents, while the other had a list of subscribers with their contact details. Over 19 million users’ information was leaked in one of the biggest hacking incidents of 2018. The hacker demanded ransom money to release the hacked databases, but the authorities decided not to encourage such attempts and deleted both assets from their end.
A weak authentication gateway was the primary cause of this security breach. The database servers were prone to brute-force hacking attempts, and the hacker exploited this thoroughly. To prevent such an occurrence, the IT department concerned must devise a thorough security framework with a strong password policy, multi-factor authentication, and firewall protection.
3. TicketFly
The popular booking website was hacked, taken down and vandalized by an individual hacker. If reports are to be believed, the hacker had warned the authorities about a vulnerability in its system and demanded a ransom to fix it. The company refused to comply and the hacker went on to hijack the official TicketFly website. Both employee and customer data were leaked, including names, addresses, emails, and phone numbers. The incident affected more than 27 million users.
When you come across a potential vulnerability in your IT infrastructure, act immediately before someone else can exploit it. Had TicketFly consulted security experts as soon as they were informed about the vulnerability, the situation could have been prevented. They never disclosed the nature of the vulnerability to the public, so it is not possible to figure out the exact remedy.
4. Cambridge Analytica / Facebook
You must have come across all the hoopla surrounding this remarkable hacking attempt. Cambridge Analytica, a research and analytics firm, collected close to 87 billion Facebook users’ data through an app without the users’ consent. The app was used to fetch details about contact information, personalities, social circles, and user engagements. It was reported that the objective behind this data collection was politically motivated.
First of all, Facebook should be more vigilant about the apps released on the platform. There is a severe lack of scrutiny on the part of Facebook, and it allows every Tom, Dick, and Harry to develop their own Facebook app. It’s not a one-off issue: there are a host of other Facebook apps that snoop on users. The users too must take some of the blame. To be on the safer side, never play with unverified or unknown apps. The moment you engage with an unscrupulous app, you are risking your online privacy and security. The best way to protect yourself from being a victim of such data breaches is to stay away from unsolicited and miscellaneous apps.
IT infrastructure security is currently in the firing line. Cyber-security breaches are at an all-time high and hackers are getting more innovative, sophisticated and bolder. The incidents listed in this article are just the tip of the iceberg. You must be vigilant and proactive in your approach to securing your privacy on the World Wide Web.