Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
It was a A strange year in cyberspace, as US President Donald Trump and his administration launched foreign policy initiatives and massive changes to the federal government that had major geopolitical ramifications. And through it all, there has been a constant drumbeat of data breaches, leaks, ransomware attacks, digital extortion cases, and state-sponsored attacks that have unfortunately become the backdrop to daily life.
Here’s WIRED’s look at the most significant breaches, hacking episodes and digital attacks of the year. Stay alert, and stay safe out there.
Salesforce integrations
Attackers took data from sales management giant Salesforce in at least two hacks this year, but did not directly compromise Salesforce. Instead, the group violated third-party Salesforce contractors’ integrations, including those of stupidity and Cellloft.
Google Threat Intelligence Suite published about the August spree, saying that some Google Workspace data was compromised as part of the sales and marketing platform Salesloft Drift hack. Although the incident was not a direct Google Workspace hack, it represents a rare case in recent years of Alphabet customer data being exposed.
Other affected companies include Cloudflare, Docusign, Verizon, Workday, Cisco, LinkedIn, Bugcrowd, Proofpoint, GitLab, SonicWall, Adidas, Louis Vuitton, and Chanel. Credit bureau TransUnion also suffered a breach It appears to be linked to the situation that exposed the information of 4.4 million people, including names and Social Security numbers.
This attack was carried out by a group known as Scattered Lapsus$ Hunters, a possible combination of actors and tools from the hacking and data theft groups Scattered Spider, Lapsus$, and ShinyHunters. Researchers NoteHowever, the collection is not actually a single evolution of the three namesakes. Regardless, the scattered Lapsus$ hunters have it Data leak site They viewed large troves of data stolen from the campaign and carried out digital extortion attacks on the victims.
Club’s Oracle e-business hack wave
The Clop ransomware group is known for executing large-scale exploits of vulnerabilities for data breaches and extortion attacks. Past frenzy In recent years it has been Huge numbers of victims In both private companies and government agencies. This year, the group did it again, exploiting a vulnerability in Oracle’s internal e-business management platform to steal data from… Many companies and organizations.
As part of this operation, Klopp was able to steal employee data from multiple companies, including the personal information of executives, and used it to send emails and other threatening communications to senior employees as part of multi-million dollar ransom demands to delete the data rather than publish it.
Oracle rushed to Patch The vulnerability was discovered at the beginning of October, but Klopp was already exploiting it to steal data from hospitals, healthcare groups and media companies such as The Washington Postand universities such as the University of Pennsylvania (see below).
University violations
University of Pennsylvania It was revealed publicly A data breach at the beginning of November that It happened at the end of October, affecting personal data — some dating back years or decades — of students, alumni and donors. The data also included internal university documents and some financial information. The incident was the result of a phishing attack. The hacker sent emails to students and alumni calling Penn “woke” and saying the school prioritizes “legacies, donors, and unqualified affirmative action.” Edge I mentionedHowever, the hacker may ultimately have financial motives.
Harvard He said In a statement issued in November, he said that the systems of his Office of Alumni Affairs and Development had been compromised via a “mobile phishing attack.” The incident involved personal information of alumni, their associates, donors to Harvard, parents of current and former students, certain current students, and certain faculty and staff. The data included email addresses, phone numbers, physical addresses, event attendance records, information about donations to the university, and other fundraising details. Princeton University It suffered a similar attack in the same month, although the scope of the data affected appears to be more limited.