2020 was a record year on many accounts. With the COVID-19 global pandemic requiring massive stay at home orders across the globe, life was dramatically interrupted. Unemployment hit all-time highs, but cyber-criminals found themselves in a much better market. 2020 was a record year for online attacks. The final numbers aren’t in, but there were several notable hacks of the year.
Here is a list of some of the biggest hacks and data breaches of the year.
- Estee Lauder exposed 440 million customer records early in 2020.
- An undisclosed number of customer’s information was exposed by Fifth Third Bank last year. The personal information included Social, driver’s license information, addresses, phone numbers, date of births, and account numbers.
- Hackers used the login credentials of two employees through a third-party app to expose the information of 5.2 million Marriott hotel guests.
- In April, more than 267 million Facebook profiles were listed for sale on the Dark Web – all for $600.
- A credential stuffing attack exposed the user IDs and passwords of 160,000 player accounts from Nintendo.
- In July, the smartwatch company, Garmin, announced that it fell victim to a ransomware attack and that they may have paid $10 million in ransom to have their data decrypted.
- Twitter experienced one of the largest attacks of 2020, when several prominent accounts were hacked, and all posted a similar message asking for bitcoin.
- The personal information for 17 million users of the free lodging, CouchSurfing, were found for sale on the Dark web.
- Capital One paid US federal authorities an $80 million penalty in the wake of their 2018 data breach that released the personal information and financial data for over 100 million Americans and six million Canadians – including 140,000 Social Security numbers and 80,000 bank account numbers.
- A Cisco engineer admitted to illegally accessing Cisco’s network and wiping 456 virtual machines. The damage costs Cisco nearly $2.4 million to fix.
- Pfizer exposed the personal and medical information of hundreds of medical patients taking cancer drugs through a data leak.
- Cybersecurity firm, FireEye, was hacked when cybercriminals accessed tools the company uses for penetration testing.
- 18,000 SolarWinds’ customers were breached when hackers installed malicious code into a software update.