2017 Outlook-Breaches and Attacks

Supercell hit it big with its Clash of Clans mobile app game. They host a vBulletin forum for customer support and gamer interactions. Unfortunately, using the third-party forum software made them vulnerable to popular vBulletin hacks. It’s estimated that over 1 million accounts were compromised.

Cloudflare

Cloudflare gave us an example of what can go wrong with just one typo in your code. The breach — named “Cloudbleed” — allowed anyone to read random plain-text data from different websites embedded in external HTML code even if it was protected by SSL. It all stemmed from using a “>” in code rather than “=”.  Cloudflare is a leading CDN, millions of customer records were potentially exposed.

Arby’s

Similar to the Target breach of 2013, Arby’s announced in February that it has been the victim of a malware attack on its payment card systems. The total amount of accounts exposed hasn’t been estimated yet, but they’ve identified that breaches occurred in 1,000 corporate restaurants.

Saks Fifth Avenue

In March, Buzzfeed found that customer data was exposed in plain text on Saks’ retail site. The investigation found that any customer who put their name on a waiting list was exposed in the breach. Payment information wasn’t exposed, but any contact details including email, phone, names and addresses were available to scrape and store for later.

Dun & Bradstreet

The company found that 33 million corporate accounts were spreading across the Internet. However, the company insists that the 52GB database was sold to customers, which makes it unclear if the breach occurred within its own network or a customer was hacked.

Bottom line, Don’t wait till the attack happens.

Turbocharge your forensics and incident response.

Talk with our forensic experts today and learn how our network forensics solution can be integrated into your security architecture.