It may only be March, but already we have seen some notable hacks during the first two months of the year. In this article, we’ll run through the top five so far, though it’s inevitable that they’ll be more to follow through the rest of 2014.
5. The University of Maryland
Hackers managed to access over 300,000 records (309,079 to be exact) from the University of Maryland, which included: social security numbers, dates of birth and university numbers.
Wallace D. Loh confirmed that the university “was the victim of a sophisticated computer security attack that exposed records containing personal information. I am truly sorry. Computer and data security are a very high priority of our university.”
4. Kickstarter
Less than a week earlier, crowd funding website Kickstarter also confirmed that hackers had accessed passwords, email addresses and phone numbers from their site. Though we’re keen to stress that in both these cases, that no credit or debit card information was obtained.
“We’re incredibly sorry that this happened,” said Chief Executive Yancey Strickler. “We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways.”
3. Tesco
If we go back slightly earlier to February 14th, 2240 Tesco customers were the victims of a successful hacking attempt, which saw their email addresses, phone numbers and voucher balances online. Some of the unluckiest people also had their vouchers stolen – some totalling nearly £100.
A Tesco spokesperson commented: “We have contacted all customers who may have been affected and are committed to ensuring that none of them miss out as a result of this. We will issue replacement vouchers to the very small number who are affected.”
Usually the retail industry is more preoccupied with their PCI Data Security standards (security around the buyer’s payment information) and this is why this would have been quite an unexpected breach.
2. Edward Snowden
We’d class this as not currently a huge hack, but a potentially a big threat in the future. Why? Because the unnamed perpetrator who posted an image of Edward Snowden’s passport on an ethical hacking website, also claims to have ‘thousands of passports belonging to law enforcement and military officials.’ If this hacker’s claims are true, then who knows how many of the 60,000 professionals who have signed up to the EC-Council’s Certified Hacker certification could have had their details obtained.
1. @N
Perhaps the most alarming and most viral hacking story of the year so far in our opinion, is the ‘@N’ saga. Naoki Hiroshima was one of the 26 lucky (at the time) people who were handed one of the 26 single character Twitter handles – obtaining the letter N. Several people have tried unsuccessfully to steal it before, and Naoki claims he was once offered $50,000 for it too.
Without us going to deeply into the scary details, the hacker managed to obtain Naoki’s personal details through renowned websites such as PayPal and GoDaddy, convincing the former to give him the last four digits of Naoki’s credit card over the phone. The hacker then used all the personal information he had obtained in order to bargain for the very rare and expensive Twitter account.
Andrew Mason, Random Storm
Andrew Mason is the co-founder and technical director at RandomStorm. Andrew is committed to ensuring that the company develops innovative security solutions to their customers. He is a leading security expert and Cisco networking specialist, having attained the globally recognised CISSP and CCIE qualifications, awarded to only the top security professionals. Andrew is also a PCI SSC Qualified Security Assessor and is currently studying towards an MBA.
An active entrepreneur, Andrew has over 22 years industry experience across a range of sectors, including some of the major names in telecommunications, financial services, retailing and online gaming. Prior to the creation of RandomStorm he held a range of product development positions and has a proven track record of successfully creating and growing security businesses. Andrew is the author of several definitive books on Cisco products and security technologies.
[wp_ad_camp_4]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.