The Worst Types of Data Breaches of 2020 and 2021

Ensure your business doesn’t end up the next target of a cyber attack by exploring these major types of data breaches now.

Gal Gonen | August 18, 2021

With the worldwide transition to remote work over the past year, the scale and types of data breaches incurred by enterprises have been increasing rapidly. It is now more important than ever to protect your business from cyber threats. It’s up to your security team to understand previous cyber attacks and prevent them from happening in the future. Read below for the top five data breaches of the past year. 

  1. Microsoft (2020)

    1. In a January 2020 blog post, Microsoft announced that an internal customer support database on which the company stored anonymized user analytics had been accidentally exposed online. 
    2. Over 250 million Microsoft customer records, spanning 14 years, were exposed online without any password protection.
  2. Microsoft (2021): 

    1. On March 2nd, 2021, Microsoft reported it was the victim of a state-sponsored cyberattack from the Chinese hacking group called Hafnium. Microsoft explained in their announcement that the group “primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors.”
    2. Over 30,000 organizations were exposed from this data breach.
  3. Facebook (2020)

    1. In April 2020, around the time COVID-19 protocols were starting to take effect, more than 267 million Facebook profiles appeared for sale on the Dark Web and were sold for $600. 
    2. This incident was traced back to a data leak from December 2019 that caused these profiles to be vulnerable to spear phishing attacks.
  4. Major data leak in Brazil (2021)

    1. On January 19th, 2021, security researchers found highly sensitive personal data of over 220M Brazilians for sale online, a number that is greater than the current population of Brazil. The data also included detailed information on over 104 automobiles and 40M companies.
  5.  Automatic funds transfer systems (AFTS) attack (2021)

    1. On February 4, 2021, the data of tens of millions of individuals and dozens of agencies and organizations were breached, including financial documents.
    2. The company Cuba Ransomware was responsible for this attack and most likely initiated the breach through an infected website of phishing. Over half of these individuals also had data breaches from third party connections.

Make sure that your business doesn’t suffer the next big data breach. Secure your data with Vulcan Cyber. We offer end-to-end risk-based remediation with as much automation as you need, so you can find and prevent these types of data breaches before they even happen. Go from uncomfortably vulnerable to confidently secure today.

Free for risk owners

Set up in minutes to aggregate and prioritize cyber risk across all your assets and attack vectors.

"Idea for an overwhelmed secops/security team".

Name Namerson
Head of Cyber Security Strategy