Back to blog

Top 5 Cybersecurity Breaches in November

Pathlock
December 2, 2016

Top 5 Cybersecurity Breaches in November

Hackers aren’t taking a break this holiday season as we continue to read headlines of devastating breaches. Here are the top 5 breaches reported in November: Google Android: According to reports, there are now as many as 1.3 million Android phones infected with malware. The main purpose of the Gooligan strain is to get users to download apps that are part of an advertising network – the more people view the ads, the more money the creators of the malware make. It’s estimated to be ‘earning’ as much as $320,000 a month. The malware also enables access to the user’s Gmail, docs, photos and other information, but Google announced that the hackers don’t seem to be stealing data. Another thing that’s clear is the need to come up with better names for all of this malware… Gooligan?!? Michigan State University: A recent breach at Michigan State University may have involved up to 400,000 identification numbers as well as social security numbers of current and former students and employees. The hacker notified the university of the breach by sending an email and asking for an undisclosed sum of money. The breach is estimated to cost the school $3 million for identity protection services and improving security systems. United States Navy: A data breach at the Navy exposed the social security numbers of over 130,000 sailors. This occurred when a computer that included data regarding requests for re-enlistment and to change Navy Occupational Specialties became compromised. The Navy, FBI, and HPE are continuing their investigation into how the breach occurred. Europol: An employee at Europol accidentally exposed 54 European investigations online. This includes over 700 pages of sensitive information. It occurred when the employee took the reports home to make a private backup of the files, which is against Europol’s policy. The historical data included analysis of the Madrid bombings, attempts of attacks on airplanes with liquid explosives, and the Hofstad Network. Several hundred names and phone numbers of individuals thought to be linked to terrorism were made public. Whether it was intentional or not, organizations need to know who has access to sensitive data and what they’re doing with it. xHamster: Uh-oh… another adult site was hacked exposing 380,000 accounts. Hackers are trading personal details including usernames and email addresses. A report showed that 70 emails belonged to various government bodies in the US, UK and other countries. These breaches should be a red flag to all organizations. Whether it’s an inside threat or an external one, you need a better approach to protecting your company’s most valuable assets. Start by clicking here to learn how your cyber posture compares to other leading organizations.