The biggest cloud breaches of the decade
The last decade accounted for over four billion records tampered and stolen. Ten of the 15 biggest data breaches of all time took place in the 2010s. Here, industry expert Vincentas Grinius, CEO of Heficed, the IP address infrastructure service provider, has introduced the major cloud breaches of the past ten years and discussed how similar crimes could be avoided in the future.
Data breaches are more advanced than ever, and even tech giants like Facebook, Apple, or Adobe fall into hackers’ traps.
“Advanced data breaches are difficult to spot, not to mention, to investigate and find suspects. It might take years before a breach is detected, and by then it could’ve already caused millions of accounts to be affected,” said Grinius.
One of the unfortunate examples was the Apple iCloud breach in 2014, when many accounts were hacked and their information was leaked, including private photos of celebrities. The accident resulted in Apple strengthening its cloud security and introducing two-step verification, which is still commonly used in finance, legal, and data storage sectors. While the event caused public indignation, now the company is considered to use one of the highest user security and privacy measures.
At the beginning of the decade, Adobe faced a data breach that caused over 150 million users’ records to be compromised. According to Adobe officials, hackers mainly attacked invalid or inactive accounts and accounts with weak protection. Although the company contacted affected users and solved the problem rather fast, they recognised that hacks like that could be avoided with better encryption and increased user data security.
In recent years, the social media giant Facebook wasn’t in the best light. After the Cambridge Analytica scandal, the company jeopardised their users’ trust, but even bigger data breach occurred in 2019, resulting in 540 million Facebook users’ records being illegally stored on Amazon Cloud. Half the billion identification numbers, comments, reactions, and account names were available for everyone. The breach caused users’ outrage and pushed the company to increase security and investigate its third-party applications and networks.
“Heficed works with various client accounts, ranging from big to small businesses. It’s easier to protect smaller accounts from cyber crimes, as it’s more obvious when something is impaired. Then it comes as no surprise when large incumbents like Facebook or Apple take months if not years to detect breaches,” said Grinius.
While the decade marked one of the worst cloud breaches of all time, 2019 was the worst year of all. Last year, KrebsOnSecurity found that 885 million mortgage deal documents were leaked since 2003. First American Financial Corp was responsible for leaking such information as bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images. This data was used for phishing and scams, and identity thefts, as everyone who knew where to look could access the information.
Although these crimes affect billions of people, they are a hard lesson that needs to be learned. It also shows that companies and public organisations have a long way to go to improve cloud security.
Grinius has been working in the field for years and in his opinion, data breaches advance together with improved cyber security. He said: “It’s impossible to fully eliminate data breaches because whenever a new security system enters the market, hackers are challenged to take it down. The only thing organisations can do is to constantly work on improving security measures and covering blind spots that are usually how hackers compromise data.”
Cyber security is not a private issue anymore, and many governments around the world are recognising the need to improve the sector. More financing, implementation of smart technologies such as artificial intelligence, automation, and blockchain can significantly benefit the industry and help fight and minimise the aftereffects of data breaches. And even though the scope of cyber crimes is rising, so does cyber security.