5 Shocking Data Breaches in the First Half of 2020

The number of publicly reported data breaches has dropped in the first half of 2020 and according to The Identity Theft Resource Center and the number of individuals who have been impacted by data breaches, dropped by 66% compared to 2019. 

However, we have witnessed some shocking data breaches over the past 6 months as many businesses shifted their operations remotely due to the pandemic. This gave a whole new way for cybercriminals to thrive and eventually led to increasing the number of phishing scams and privacy breaches. Let’s take a look at the list of 5 shocking data breaches in the first half of 2020.


  1. 142 Million MGM Hotel Guests’ Personal Information (Cloud server) 

More than 142 million guests’ records were posted on a dark web forum for sale at USD 2,936.76, a scale as large as the entire population of Russia. However, MGM resorts failed to disclose the breach until early this year when personal information such as names, dob, addresses, phone numbers, and email addresses was already being sold on the dark web for free download. 


  1. High-profile Twitter Accounts (Access to internal systems and tools) 

Have you ever imagined Obama’s twitter account being hacked? What about Elon Musk’s or Bill Gates’? A 17-year-old teen is accused of masterminding the Twitter hack that occurred in July 2020. He manipulated Twitter employees, took control of celebrities and company’s accounts, and reaped USD 117,000 in crypto within a matter of hours. 


  1. Marriott Hotel Guests’ Personal Information (Wide range & linked account data)

Right after the MGM data breach, one of the biggest hotel group Marriott also posted an announcement saying that their guest information may have been accessed using the login credentials of two employees. What’s more shocking is that it has only been 2 years since their last massive data breach and data of 5.2 million guests were breached this time.


  1. Healthcare and the Pandemic (Ransomware attacks)

As the COVID-19 virus spread throughout the globe, the healthcare industry has been a prime target for cybercriminals and attacks. Countless of ransomware attacks were targeted at hospitals, research centers, and even patients. More than 100 incidents were reported in Q1 which resulted in affecting more than 2.5 million individuals, according to security boulevard


  1. Webcam Platform or the BigFooty? (Misconfigured database)

A popular Australian football fan app BigFooty.com left sensitive information including private messages, IP addresses, and GPS data, all of 132GB published on an Elasticsearch database. However, more shockingly, an adult webcam platform inadvertently left a database full of sensitive information without any password protection. It exposed 10.88 billion records which even included personally identifiable information. 


With only a few months till 2021 left, there’s no doubt that the companies must pay more attention to their customers’ data let alone the internal information and access. Although we may have experienced some sudden drops in the number of breaches starting this year, let’s not jump ahead of ourselves just yet. Hackers will always take advantage of our mistakes and distractions, which will most definitely lead to small to big incidents that could cost us even more than we expected. 


To protect your business along with your customers’ personal information, it’s necessary to install a network firewall that stops malicious packets from entering into systems. What’s more important is that you have a WAF installed before anything else. It’ll help your business to stop intrusions from the application layer, which is usually placed close to the internet-facing applications. Get to know more about the reasons your business must have a WAF installed here today. 


Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: ISign+ 

Car, Energy, Factory, City Solutions: Penta IoT Security