Updated: Feb 27
2019 was, as expected,a bumper year for cyber attackers. In some of the most dramatic cases the trouble was laid at the feet of poor vulnerability patching, in others it was the fault of improperly-secured databases left wide open to the web, zero-day vulnerabilities, even sinister things like deep-pocketed state sponsored advanced persistent threat groups.
IBM has some vital insight. Their latest annual Cost of a Data Breach research reveals how the average data breach costs as much as $3.92 million, including the notification, investigation, damage control, repairs, fines and legal expenses, an increase of 12% over the last five years. At the same time a firm suffering a data breach can lose their reputation, lose investors, lose custom and see their share price plummet. The end result can be years of under-performance.
We thought it'd be interesting to showcase just twenty of the worst cyber attacks in 2019 in all their varied glory. As you can see, it isn't just the small firms who get caught out – far from it. Breaches are not specific to a niche, a nation, or a sector. Cyber threats affect every shape, size and flavour of business, in every corner of the world.
Take a look, learn lessons, and make sure your systems are totally safe and sound for a profitable, cyber-healthy 2020.
Recent cyber attacks - 20 of the biggest cyber attacks for 2019
Serious 2019 cyber attacks include Singapore's Ministry of Health, which suffered a data breach that exposed the confidential, very sensitive records of more than 14,000 people diagnosed with HIV
In Sweden recordings of around 2.7 million phone calls made to one national health service hotline were kept on a wide-open server along with some phone numbers
Take care if you need to let your IT admin staff go - in 2019 one of them destroyed a total of 23 servers belonging to his ex-employer
Around 42,000 students from Salt Lake Community College lost their tax information when a USB drive containing the data 'fell out of an envelope'
A major storm was on the way when two cities in Texas had to take their tornado warning systems offline, after a cyber threat set off more than thirty false alarms
'Hundreds of millions' of Facebook, Facebook Lite and Instagram users suffered when the network's poor quality password storage management went wrong, leaving people's account credentials stored in plain text
The US's Federal Emergency Management Agency, FEMA, revealed PII and financial information for 2.3 million disaster victims, including survivors of Hurricane Harvey and Hurricane Irma
Georgia Institute of Technology suffered when a rogue web application featuring wide-open access compromised the security of 1.3 million employee and student records
A poorly-maintained Indian government healthcare server revealed more than 12.5 million records about pregnant women
In Australia the tech firm Canva was targeted by mischief makers, who said they'd stolen records from 139 million users including names and email addresses to sell on for profit
Burger King saw almost 40,000 customer records for their Kool King Shop for kids get leaked thanks to an insecure database
The credit agency giant Equifax had to pay a $700 million fine in 2019 following the theft of 146 million customer records in 2017
Banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan suffered a hit by hackers who allegedly stole 'millions of dollars'
The US health insurer Dominion National suffered a data breach that went unnoticed for a decade thanks to an insecure server, leading to as many as 2.9 million member records being compromised
In the UK a Metropolitan police biometric database leaked millions of records
The dating apps Grindr, Romeo, and Recon all suffered security flaws that exposed users' locations
In Ecuador a misconfigured database left wide open leaked personal data for 20 million people, not far short of the country's entire population
Adobe left details from 7.5 million Adobe Creative Cloud customers on an unsecured database with no authentication required for access
Trend Micro saw a rogue employee steal support customer information then sell it on to scammers
LifeLabs had to pay hackers to recover 15 million account holder records plus a further 85,000 records of laboratory results
That was 2019, and that was just a tiny fraction of the large-scale recent cyber attacks the world saw last year. Znet has created a comprehensive list, which makes fascinating reading.
If you're not 100% sure you've plugged all the holes and made your IT systems as safe as possible, let's talk.