/List of data breaches and cyber attacks in December 2020 – 148 million records breached

List of data breaches and cyber attacks in December 2020 – 148 million records breached

What else would you expect from the final month of 2020 than the highest number of publicly disclosed incidents we’ve ever recorded?

We logged 134 security incidents in December, which accounted for 148,354,955 breached records.

That brings the total for 2020 to more than 20 billion. We’ll have a separate post looking at the year’s data breaches and cyber attacks in more detail, but in the meantime, you can find the full list of December’s incidents below.

As usual, incidents affecting UK organisations are in bold.

Contents

Cyber attacks
Ransomware
Data breaches
Financial information
Malicious insiders and miscellaneous incidents
In other news…

Cyber attacks

Firm that built NHS Nightingale Hospital hit by cyber attack (unknown)People’s Energy data breach affects every customer (270,000)Exmo crypto exchange halts all withdrawals after cyber attack (unknown)Scottish Environment Protection Agency targeted in a cyber attack (unknown)Hackers breach Israeli insurance company Shirbit (unknown)Jewellers Stuller hit by cyber attack (unknown)Brazilian plane manufacturer Embraer hit by cyber criminals (unknown)Three Estonian ministries had significant data breaches (9,158)Hacker attack blocks Eurolls; accessed via remote worker’s PC (unknown)Tennessee Proton Therapy Centers report cyber security breach (unknown)Cyber ​​attack causes chaos in the Braunau town hall (unknown)Cyber ​​attack and data breach paralyzed Austrian government website (unknown)Investigators seize devices from Fountain Hills residence in voter data theft case (unknown)Russia-based PickPoint online order delivery service hacked (unknown)French publisher Dedalus victim of a cyber attack (unknown)Websites of Canada-based SSQ and La Capitale paralysed (unknown)Canada’s OC Transpo notifying My Alerts subscribers of security incident (unknown)City of Long Beach still offline after cyber attack (unknown)Governments on alert after FireEye’s hacking tools stolen in cyber attack (unknown)Personal information of some University of Memphis employees exposed in security breach (unknown)European Medicines Agency claims victim of cyber attack (unknown)German manufacturer Michael Weinig AG hit by cyber attack (unknown)Thai securities trading firm ALTDOS goes offline after cyber attack (unknown)Air France-KLM victim of cyber attack (unknown)Cyber attack hobbles sales for DSW Shoe Warehouse (unknown)Brooklyn Defender Services identifies and addresses data security incident (unknown)U.S. Treasury breached by hackers backed by foreign government (unknown)Chinese hackers suspected of attacking government agencies in Mongolia (unknown)Norwegian cruise company Hurtigruten experiences cyber attack (unknown)FBI investigating after Weslaco ISD network hacked (unknown)Great Neck Yeshiva HS site hacked, anti-Semitic propaganda posted (unknown)Promutuel Assurance’s IT systems disabled by cyber attack (unknown)Production stands still as Huber & Suhner hit by cyber attack (unknown)Threat actors claim to have attacked Dade City, Florida (unknown)Sharaf Travels hit by cyber attack (unknown)Florida-headquartered MEDNAX Services notifies patients of security incident (unknown)Dozens of Israeli logistics companies affected after attack on Amital Data (unknown)Energy Department and National Nuclear Security Administration hit by cyber attack (unknown)SolarWinds hacked as attackers seize upon a Microsoft flaw (unknown)GenRx Pharmacy notifying those affected by ransomware attack (unknown)Journalists’ iPhones hacked with NSO ‘zero-click’ spyware (unknown)Hacked Ledger database dumped on Raidforums (1.25 million)Paderborn’s ‘Lernstatt’ under attack (19,000)FUNKE media group hit by cyber attack (unknown)Vietnamese tech firm Innovative Solution for Healthcare leaks data (12 million)European Court of Human Rights website hit by cyber attack (unknown)Canada’s DuBreton Meats hit by cyber attack (unknown)Koei Tecmo websites down due while probable cyber attack investigated (unknown)Cyber attack on the website and app of online submissions of Snai (unknown)Kawasai Heavy Industries discloses cyber attack (unknown)AIDA cruise ships under cyber attack (unknown)Grand Annecy, France, hit by malware attack (unknown)Lithuania’s public health body comes under cyber attack (unknown)Italy’s Ho-Mobile database of customer records stolen (2.5 million)IndiGo says some data may be compromised in server breach (unknown)Prestera Center for Mental Health Services in West Virginia says it has been breached (unknown)MA-based Mattapan Community Health Center notifies patients of breach (unknown)Five Points Eye Care in Athens, Georgia, notifies patients of security incident (unknown)Retailer Brendon Gyermekáruház Kft says it suffered a cyber attack (unknown)Cyber attack on emergency ambulance service in Wrocław (unknown)

ransomware stat

Ransomware

Transform Hospital Group falls prey to ransomware attack (unknown)Ransomware attack on Hampton Roads Sanitation District knocks out billing system (unknown)Italy’s Radio Azzurra hit by ransomware attack (unknown)Ransomware hits helicopter maker Kopter (unknown)Egregor ransomware steals data from recruiter Randstad (unknown)Ransomware impacted Greater Baltimore Medical Center’s IT systems (unknown)Foxconn electronics giant hit by ransomware, $34 million ransom (unknown)Ransomware causing major problems in Texas local government (unknown)Employment Specialists of Maine notifies patients after thwarting ransomware attack (3,000)Socorro Independent School District’s internal computer network taken down due to virus (unknown)Ragnar Locker claims cyber attack on Dassault Falcon Jet Corp (unknown)Amg Energia’s internal operations shut down by ransomware (unknown)Payment card processing giant TSYS suffers ransomware attack (unknown)NetGain takes data centers offline following ransomware attack (unknown)Independence, MO, recovering from ransomware infection (unknown)Baltimore County executive says school officials are refusing to provide information about ransomware attack (unknown)Jersey City utilities agency investigating ransomware attack that blocked access to ‘vital’ data (unknown)Intel’s Habana Labs hacked by Pay2Key ransomware, data stolen (unknown)Symrise impacted by ransomware attack (unknown)Firelands Middle School online classes suspended following ‘Zoom bombing’ incident (unknown)Olympia House notifying patients about ransomware attack discovered in early August (unknown)City of Evreux services crippled by ransomware (unknown)DoppelPaymer dumps data from public school districts in Mississippi and Montana (7,200)Trucking giant Forward Air hit by new Hades ransomware gang (unknown)Huntsville City School warns parents that personal info may have been stolen in ransomware attack (unknown)City of Ellensburg, WA, is the victim of a ransomware attack (unknown)Jefferson County PVA office hit by ransomware attack (unknown)Ransomware downed UVM Medical Center systems (unknown)France-based Albertville hospital victim of ransomware (unknown)Florida’s Leon Medical Center confirms ransomware attack (1 million)Cyber ​​attack hits IP telephony supplier Innovaphone (unknown)Florida’s Agency for Community Treatment Services suffers ransomware attack (unknown)Riverside Community Care notifies clients of ransomware attack (unknown)La Rochelle, France, says computer networks of the City and the Agglomeration inaccessible after cyber attack (unknown)Antwerp laboratory becomes latest victim of cyber attack (unknown)Cornelia, Georgia hit by ransomware attack on the day after Christmas (unknown)

Human error is to blame for 88% of data breaches in the UK

Data breaches

Probe launched after data breach at Highland Perthshire resort (2,400)Data breach affects more than half of East Devon Council (unknown)Unsecured Azure blob exposed confidential docs from UK firm’s CRM customers (500,000)Pensions firm NOW tells some customers a ‘service partner’ leaked their data (unknown)US lab results and medical records spilled online after a security lapse at NTreatment (109,000)Cayman Islands investment fund left entire filestore viewable online (unknown)Australian cryptocurrency exchange BTC Markets exposes users’ data (270,000)Apodis Pharma leaked over 1.7 TB of confidential data online (67,845,860)New Zealand Parole Board admits to privacy breach (37)Verizon has been leaking customers’ personal information for days (at least) (unknown)Alaskans’ voter data leaked in data breach (113,000)GE puts default password in radiology devices, exposing networks (unknown)Cedar Springs Hospital notifies patients of breach after state loses drive with patient data (unknown)Meadville, PA, reveals months-old ‘suspicious’ data incident (unknown)Tech unicorn UiPath discloses data breach (unknown)Fax Express database leaked online (560,000)Konikoff Dental Associates notifies patients and employees of possible data breach (unknown)Major leak ‘exposes’ members and ‘lifts the lid’ on the Chinese Communist Party (1.95 million)TennCare announces privacy breach (3,300)21 Buttons misconfigures database, exposes social media influencers’ info (50 million)Publishing industry firm NetGalley forces password reset following ‘security incident’ (unknown)Canada’s Sangoma Technologies confirms data breach resulting from ransomware attack (unknown)Broker Freedom Finance says client data was breached (16,000)Data breach discovered at Jerusalem Municipality (unknown)Oregon’s Treasure Valley Community College notifies community members of breach (unknown)Bill & Melinda Gates foundation’s charity GetSchooled breaches children’s details (930,000)T-Mobile data breach exposed phone numbers, call records (2 million)

32% of data breaches involved phishing.

Financial information

Indian cardholders’ data found for sale on the dark web (7 million)Payroll data compromised after ransomware attack on Town of Ludlow, MA (unknown)Proliance Surgeons notifies patients of payment card breach (unknown)Hezbollah-affiliated financial org, Al-Qard Al-Hassan hacked (unknown)

Malicious insiders and miscellaneous incidents

River City Bank notifies customers after discovering insider wrongdoing (unknown)Mercy Health discloses an insider breach, fires the employee (unknown)Federal Aviation Administration employee used confidential information in extortion scheme (unknown)Former Elgin Mental Health Center employee charged with identity theft (unknown)NEXA Mortgage sued over broker’s alleged data theft (unknown)Helena Public Schools notifies some employees after burglar snatched USB with their timesheets (unknown)

In other news…

Federal agencies warn that hackers are targeting US think tanksClass action suit launched against Dell after data breach led to years of scam callsRansomware masquerades as mobile version of Cyberpunk 2077

Subscribe to our Weekly Round-up

The post List of data breaches and cyber attacks in December 2020 – 148 million records breached appeared first on IT Governance UK Blog.

Read more: itgovernance.co.uk