Cyber breaches abound in 2019

News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.

Is this a harbinger of a worse hacking landscape in 2019?

The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the global economy for years. But expect them to be even more rampant in this new year 2019, as chronically improving malware will be deployed more aggressively on more fronts. At the same time, data-driven businesses are moving into the “target zone” of cyber attacks.

On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.

Here are links to some articles that can hopefully help you to handle your cyber security better:

Cybersecurity 101: Why you need to use a password manager

Cybersecurity 101: Five simple security guides for protecting your privacy


  1. Tomi Engdahl says:

    Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

    Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing.

  2. Tomi Engdahl says:

    Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed

    A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media.

    In addition, BBC Russia reports that the hackers stole 7.5TB of data from the contractor’s network. This data includes information about numerous non-public projects that were being developed by Sytech on behalf of the Russian government and its intelligence agency.

  3. Tomi Engdahl says:

    The latest example of exposed corporate passwords found in public GitHub repositories seems to be security company and SSL certificate issuer Comodo.

    “Seeing as they’re a security company and give out SSL certificates, you’d think that the security of their own environment would come first above all else,”

  4. Tomi Engdahl says:

    Capital One Data Breach Hits 100 Million; Ex-Amazon Worker Is Charged as Hacker

    The breach at Capital One, which led to charges against a software engineer in Seattle, was one of the largest-ever thefts of bank data.

    A software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of over 100 million people, federal prosecutors said on Monday, in one of the largest thefts of data from a bank.

    The suspect, Paige Thompson, 33, left a trail online for investigators to follow as she boasted about the hacking, according to court documents in Seattle, where she was arrested and charged with one count of computer fraud and abuse.

    Ms. Thompson, who formerly worked for Amazon Web Services, which hosted the Capital One database that was breached,

    The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service.

  5. Tomi Engdahl says:

    Capital One data breach: 1 arrested, tens of millions of customers affected

    hacker gained access to personal information from more than 100 million Capital One credit applications, the bank said Monday as federal authorities arrested a suspect

    The hacker got information, including credit scores and balances, plus the Social Security numbers of about 140,000 customers, the bank said. It will offer free credit monitoring services to those affected.

    Capital One, based in McLean, Virginia, said Monday it found out about the vulnerability in its system July 19 and immediately sought help from law enforcement to catch the perpetrator.

    According to the FBI complaint, someone emailed the bank two days before that notifying it that leaked data had appeared on the code-hosting site GitHub

    Capital One said it believes it is unlikely that the information was used for fraud, but it will continue to investigate. The data breach affected about 100 million people in the U.S. and 6 million in Canada.

  6. Tomi Engdahl says:

    LAPD Police Officers’ Personal Information Stolen in Data Breach

    A suspected hacker claimed he or she had stolen the personal information of about 2,500 LAPD officers, trainees, and recruits, along with approximately 17,500 police officer applicants, in what may be a large breach of data held by the city of Los Angeles’ Personnel Department.

    The city’s Information Technology Agency said it was contacted last week by someone who claimed to have accessed and downloaded the data, and the person offered some example files

    The LAPD told officers in the message they should monitor their personal financial accounts, get copies of their credit reports, and file a complaint with the Federal Trade Commission.

  7. Tomi Engdahl says:

    Cyberattack On LAPD Confirmed: Data Breach Impacts Thousands Of Officers

    The Los Angeles Police Department has confirmed that it has been hacked, with the personal information of at least 20,000 people exposed.

  8. Tomi Engdahl says:

    Education software maker Pearson says data breach affected thousands of accounts in the U.S.

    Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach.

    The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March.

    According to Pearson, unauthorized access was gained to 13,000 school and university accounts on AIMSweb, the company’s student monitoring and assessment platform.

  9. Tomi Engdahl says:

    CIS Countries Data Theft

    Currently, there is no Personal Data protection system in CIS countries at all. The volume of illegal trade of Personally Identifiable Information is enormous.

    Nowadays, it is true that there are forums in the Russian-language segment of the Internet that are exclusively aimed at selling personal data — hacked social network accounts, passport data, mobile phone operator databases etc. I’m not talking about the so-called “Darknet” at all, it is just a fact that you can simply find it on Google not even trying to.

  10. Tomi Engdahl says:

    A Technical Analysis of the Capital One Cloud Misconfiguration Breach

    This is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint

    this post is to explore a combination firewall/IAM/S3 attack to illustrate some of the dangers of cloud misconfigurations that every organization on cloud should heed.

    In order to write this, I analyzed the technical details of the FBI complaint, and then formed a hypothesis of how the attack might have taken place. I then simulated the attack in my development account, so that I could provide specific details in this post.

    There were four different elements to the attack that we know about:

    Misconfigured firewall
    Gaining access to an EC2 instance
    Getting IAM role access to S3
    S3 bucket discovery and duplication.

  11. Tomi Engdahl says:


    If you own a boat or a jetski in Illinois, you might want to do a quick credit check.

    The Department of Natural Resources collects Social Security information for all watercraft owners

    What is a horrible idea is accidentally publishing everyone’s personal information on a public website. Which is what they did.

    Well, at least they said that it won’t happen again.

  12. Tomi Engdahl says:

    “No matter what transfer mechanism you use, you end up with a conflict. The U.S. laws allow espionage against EU citizens” – Max Schrems, lawyer and privacy activist

  13. Tomi Engdahl says:

    Sites using Facebook ‘Like’ button liable for data, EU court rules

    Europe’s top court ruled Monday (30 July) that companies that embed Facebook’s “Like” button on their websites must seek users’ consent to transfer their personal data to the US social network, in line with the bloc’s data privacy laws

    According to the European Court of Justice ruling, a site that embeds the Facebook “like” icon and link on its pages also sends user data to the US web giant.

  14. Tomi Engdahl says:

    Spanish brothel chain leaves internal database exposed online

    “Men’s club” exposes data about escort girls, customer reviews, and club finances.

    The leaky server, found by Bob Diachenko of Security Discovery, is your typical case of a MongoDB database left connected to the internet without a password for the admin account.

  15. Tomi Engdahl says:

    StockX confirms it was hacked (updated)

    Attackers reportedly stole records from 6.8 million customers.

  16. Tomi Engdahl says:

    Hundreds of exposed Amazon cloud backups found leaking sensitive data

    How safe are your secrets? If you used Amazon’s Elastic Block Storage, you might want to check your settings.

    You may have heard of exposed S3 buckets — those Amazon-hosted storage servers packed with customer data but often misconfigured and inadvertently set to “public” for anyone to access. But you may not have heard about exposed EBS volumes, which poses as much, if not a greater, risk.

    These elastic block storage (EBS) volumes are the “keys to the kingdom,”

    EBS volumes store all the data for cloud applications. “They have the secret keys to your applications and they have database access to your customers’ information,”

    all too often cloud admins don’t choose the correct configuration settings, leaving EBS volumes inadvertently public and unencrypted. “That means anyone on the internet can download your hard disk and boot it up, attach it to a machine they control, and then start rifling through the disk to look for any kind of secrets,”

    Morris found dozens of volumes exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more. He found several major companies, including healthcare providers and tech companies.

    He also found VPN configurations

  17. Tomi Engdahl says:


    Apparently the policies are so relaxed, that the contractor actually shared a cache of files to Motherboard.

  18. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researcher finds hundreds of exposed AWS EBS snapshots leaking sensitive customer data, like VPN configurations, passwords, and in some cases government data

    Hundreds of exposed Amazon cloud backups found leaking sensitive data

  19. Tomi Engdahl says:

    3fun: Security glitch in threesome hook-up app reveals details of users in Downing Street and White House

    ‘Worst security of any dating app we’ve ever seen,’ say experts

    The app, 3fun, revealed users with locations appearing to be in No 10 in London, and the White House and the US Supreme Court in Washington DC, according to a report on cyber security firm Pen Test Partners’ website.

    Furthermore, private photographs were accessible too.

    Users of the app could restrict the app from showing their locations, but according to Pen Test Partners, the data was only filtered on the mobile app itself, not on the servers containing the data, which their experts were able to query to reveal location information.

  20. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users

    Led by internet privacy researchers Noam Rotem and Ran Locar, vpnMentor’s team recently discovered a huge data breach in security platform Biostar 2.

    Biostar 2 is a web-based biometric security smart lock platform. A centralized application, it allows admins to control access to secure areas of facilities, manage user permissions, integrate with 3rd party security apps, and record activity logs.

    The app is built by Suprema, one of the world’s top 50 security manufacturers, with the highest market share in biometric access control in the EMEA region.

    Suprema recently partnered with Nedap to integrate Biostar 2 into their AEOS access control system.

    AEOS is used by over 5,700 organizations in 83 countries,

    This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.

  21. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users

    a huge data breach in security platform BioStar 2.

    The data leaked in the breach is of a highly sensitive nature. It includes detailed personal information of employees and unencrypted usernames and passwords, giving hackers access to user accounts and permissions at facilities using BioStar 2.

    Our team was able to access over 1 million fingerprint records, as well as facial recognition information.

    steps were taken by the company to close the breach.

    Date discovered: 5th August 2019
    Date vendors contacted: 7th August 2019
    Date of Action: 13th August, the breach was closed

    Our team was able to access over 27.8 million records, a total of 23 gigabytes of data, which included the following information:

    Access to client admin panels, dashboards, back end controls, and permissions
    Fingerprint data
    Facial recognition information and images of users
    Unencrypted usernames, passwords, and user IDs
    Records of entry and exit to secure areas
    Employee records including start dates
    Employee security levels and clearances
    Personal details, including employee home address and emails
    Businesses’ employee structures and hierarchies
    Mobile device and OS information

    One of the more surprising aspects of this leak was how unsecured the account passwords we accessed were.

  22. Tomi Engdahl says:

    Biostar security software ‘leaked a million fingerprints’

    Researchers working with cyber-security firm VPNMentor managed to access data from a security tool called Biostar 2.

  23. Tomi Engdahl says:

    New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report

    It has been coming for some time, but now the major breach of a biometric database has actually been reported—facial recognition records, fingerprints, log data and personal information has all been found on “a publicly accessible database.” The damage is not yet clear, but the report claims that actual fingerprints and facial recognition records for millions of people have been exposed.

  24. Tomi Engdahl says:

    This data leak strikes at the heart of one of the big fears and criticism about biometrics: You can change your username and password with a couple of clicks. Your face and fingerprints are forever.

  25. Tomi Engdahl says:

    European Central Bank Breach: ECB Confirms Hack And Shuts Down Website

    The European Central Bank (ECB) has confirmed that it has suffered a breach that involved attackers injecting malware and led to a potential loss of data.

    In a statement published August 15, the ECB confirmed that “unauthorized parties” had succeeded in breaching the security of its Banks’ Integrated Reporting Dictionary (BIRD) website. The site, hosted by an external provider, appears to have been attacked in December 2018, according to a Reuters report. The breach was discovered months later as routine maintenance work was being undertaken.

    “Similar to the Capital One breach earlier this summer,” Draper continued, “this further demonstrates the exposures associated with third parties outside of a company’s security team.”

  26. Tomi Engdahl says:

    700,000 Choice Hotels records leaked in data breach, ransom demanded

    Researchers found the unsecured database, but hackers got there first

    700,000 records belonging to Choice Hotels have reportedly been stolen with hackers demanding payment for their return

  27. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Adult website Luscious left data of 1M+ users exposed, including user email addresses, location data, the content they uploaded, liked, and shared

    An anonymous hentai porn site exposed over a million users’ emails

    A popular hentai porn site that promises anonymity to its 1.1 million users left a user database exposed without a password, allowing anyone to identify users by their email addresses.

    The exposed data also included records that connected all of a user’s activity on the site, including their username, blog posts, followers and locations. Those records also contained users’ non-public email addresses.

    The database was exposed since at least August 4, according to data from Shodan, a search engine for exposed devices and databases.

  28. Tomi Engdahl says:

    Stop saying, ‘We take your privacy and security seriously’

    In my years covering cybersecurity, there’s one variation of the same lie that floats above the rest. “We take your privacy and security seriously.”

    You might have heard the phrase here and there. It’s a common trope used by companies in the wake of a data breac

    The truth is, most companies don’t care about the privacy or security of your data. They care about having to explain to their customers that their data was stolen.

    About one-third of all 285 data breach notifications had some variation of the line.

    It doesn’t show that companies care about your data. It shows that they don’t know what to do next.

    Every industry has long neglected security. Most of the breaches today are the result of shoddy security over years or sometimes decades, coming back to haunt them. Nowadays, every company has to be a security company, whether it’s a bank, a toymaker or a single app developer.

  29. Tomi Engdahl says:

    An exposed database on a MoviePass subdomain housing 161 million records was left unsecured and exposed credit card and customer card information on at least 60,000 of the ticket service’s customers.

    The database, which included expiration dates, names and addresses on some users as well as email and passwords, was discovered by SpiderSilk security researcher Mossab Hussein.

    “Because a database was left publicly accessible, reportedly for months, at least 58,000 records related to MoviePass customers are vulnerable to misuse and abuse at the hands of cybercriminals,”

    Because “technically, this breach can be interpreted as the company giving away customer data for free” and because the exposed data included personally identifiable information and payment card details, it leaves “impacted customers vulnerable to future fraud or phishing attacks,” said Arkose Labs CEO Kevin Gosschalk.

  30. Tomi Engdahl says:

    Via Techmeme:

    Brian Krebs / Krebs on Security:
    Sources: new data dump of 5.3M+ credit card accounts is linked to compromised gas pumps, coffee shops, and restaurants operated by Hy-Vee supermarket chain

  31. Tomi Engdahl says:

    Web host Hostinger says data breach may affect 14 million customers

    Hostinger said it has reset user passwords as a “precautionary measure” after it detected unauthorized access to a database containing information on millions of its customers.

  32. Tomi Engdahl says:

    The latest major data breach highlights the risk of using debit cards to pay at the pump.

    Why You Should Stop Paying For Gas With Your Debit Card

    Another week, another data breach. The latest happened at Hy-Vee, an Iowa-based chain of gas pumps, coffee shops and restaurants operating throughout the Midwest. 

    Consequently, about 5.3 million stolen credit and debit cards from 35 U.S. states have hit the black market. “One of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale,” reported cyber security investigative blogger Brian Krebs.

  33. Tomi Engdahl says:

    Some of Russia’s surveillance tech leaked data for more than a year

    Security researcher finds that some of Russia’s SORM wiretapping equipment had been leaking user data.

    A Russian security researcher has found that hardware equipment meant to be used by Russian authorities to intercept internet traffic had been leaving data exposed on the internet.

    But in a talk at the Chaos Constructions security conference last Sunday, on August 25, a Russian security researcher named Leonid Evdokimov revealed that some of these wiretapping devices have been leaking data.

    Evdokimov said he found 30 SORM devices installed on the network of 20 Russian ISPs that were running FTP servers that were not secured with a password.

    These FTP servers contained traffic logs from past law enforcement surveillance operations

  34. Tomi Engdahl says:

    Freedom Hosting II Hacked: 10,613 .onion Sites are Down

    A fifth of the Dark Web is down

    The Anonymous hacktivist group hacked the popular Dark Web hosting provider Freedom Hosting II. Roughly 10,613 .onion sites leveraging on the service have been taken down.

  35. Tomi Engdahl says:

    It was sensitive data from a U.S. anti-terror program – and terrorists could have gotten to it for years, records show

    The information — housed on a dot-org website run by a private contractor — has been moved behind a secure federal government firewall, and the website was shut down in May. But Homeland Security officials acknowledge they do not know whether hackers ever gained access to the data.

  36. Tomi Engdahl says:

    XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users.
    The security breach occurred two months ago, according to security researcher Troy Hunt

  37. Tomi Engdahl says:

    A huge database of Facebook users’ phone numbers found online

    Hundreds of millions of phone numbers linked to Facebook accounts have been found online.

    The exposed server contained over 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.

    But because the server wasn’t protected with a password, anyone could find and access the database.

  38. Tomi Engdahl says:

    Phone numbers for as many as 419 million Facebook users were reportedly found sitting online in a file where anybody could have found them

    Phone numbers linked to over 400 million Facebook accounts were recently found on an online server that was not password-protected

    The issue, a Facebook spokesperson told Business Insider on Wednesday, stemmed from a feature, which has since been shut down, that allowed users to search for friends by their phone numbers. Third parties could have used that feature to harvest the information

  39. Tomi Engdahl says:


  40. Tomi Engdahl says:

    Leaks: Data leaks happen with shocking regularity. Especially as companies have moved to the cloud in recent years, various misconfigurations and mistakes have left mountains of private data publicly exposed on the internet for anyone to see.

  41. Tomi Engdahl says:

    Database leaks data on most of Ecuador’s citizens, including 6.7 million children

    Elasticsearch server leaks personal data on Ecuador’s citizens, their family trees, and children, but also some users’ financial records and car registration information.

  42. Tomi Engdahl says:

    Data on almost every Ecuadorean citizen leaked

    Personal data about almost every Ecuadorean citizen has been found exposed online.

    Names, financial information and civil data about 17 million people, including 6.7 million children, was found by security company vpnMentor.

    The massive cache of data was found on an unsecured Amazon cloud server almost anyone could look at.

    “The data breach involves a large amount of sensitive personally identifiable information at the individual level,” wrote Noam Rotem and Ran Locar, from vpnMentor.

