Cybersecurity Roundup for the First Half of 2018

Cybersecurity Roundup for the First Half of 2018

Each day tens of thousands of people from all over the world are hacked. Not just sent run-of-the-mill phishing emails, but legitimately hacked. This has made the cybersecurity industry grow at a rate only surpassed by the Internet of Things (which ironically may be one of the largest threats to cybersecurity in the world). We thought it would be good to go over some of the largest cybercrimes of the first half of 2018, and some telling statistics that will give you an idea of what exactly you are up against.

In trying to establish what were the most devastating hacks, we’ve combed through this year’s records and have decided to break it down by public and private hacks. Public hacks have to do with individuals and municipalities, while private hacks are the ones that infiltrate businesses and make available thousands and millions of records for sale. Without further ado, here are the biggest hacks so far in 2018:


  • 280,000 Medicaid records were exposed when a hacker broke into Oklahoma State University Center for Health Sciences. Patient names and provider names of these individuals were exposed.


  • FedEx had customer records leaked after an unsecured server owned by a company acquired by FedEx, Bongo International, was hacked. Over a hundred thousand files, including names, drivers’ licenses, national ID cards, voting cards, and utility bills were exposed.


  • Travel booking site, Orbitz, had a security vulnerability that resulted in upward of 880,000 customers’ payment card information, or about two whole years of customer data, taken off their server.
  • French news site L’Express exposed reader data by leaving a database up for weeks without a password needed for access. After being warned, the Paris-based periodical left the database exposed for weeks.
  • Hackers gained access to 134,512 patient and financial records after a malware attack at St. Peter’s Surgery and Endoscopy Center in Albany, NY.
  • Under Armor, one of the largest sports apparel brands in the world, had their mobile application, MyFitnessPal, hacked, exposing around 150 million people’s personal information.
  • Aerospace giant Boeing was hit by the WannaCry ransomware that affected “a few machines” that weren’t protected with Microsoft’s 2017 patch.


  • Twitter forced its hundreds of millions of users to change their passwords after admitting that, at one time, user passwords were stored in plaintext, and may have been exposed to internal company staff.
  • An unauthenticated API found on T-Mobile’s website exposed the personal information of all of their customers, by simply using their cell phone number. Information that was available included full name, address, account numbers, and in some cases, tax IDs.
  • A bug found in Atlassian development software titles Jira and Confluence allowed hackers to infiltrate the IT infrastructures of several companies and one U.S. government agency.
  • The predominant way for American travelers to secure European rail tickets, Rail Europe, had a three-month breach of credit cards. It’s thought that thousands of users’ credit card information was taken in the breach.


  • Around 340 million records were stolen from marketing company Exactis. It may be amazing to you that a company that you have never heard of leaked what amounts to the personal information of nearly every American. The company, which aggregates and compiles business and consumer data, has been hit with a class action lawsuit in response to the breach.
  • Apparel giant Adidas had their website hacked, resulting in the loss of a few million people’s personal and credit card information.
  • At least 800 e-commerce sites, including Ticketmaster, had consumer card information skimmed in a huge campaign by a hacker collective named Magecart. Targeting third-party developers, they are able to alter code and syphon off the information they wanted.


  • Department of Homeland Security was affected by a data breach that exposed 247,167 current and former employees and other individuals.


  • The City of Atlanta, Georgia was hit with a ransomware attack, dubbed SamSam, that caused a massive problem for their municipal infrastructure. Hackers asked for $51,000 to release the encrypted files, a number Atlanta’s leaders were unwilling to meet. It has subsequently cost the city more than 10x that. In fact, as of early June, there were still some parts of the city that were using analog or manual systems. Some experts believe that the total cost to taxpayers will be nearly $20 million.
  • India’s national ID database, Aadhaar, leaked data on over a billion people. In one of the largest-known breaches in history, a user could pay 500 rupees ($7) and get the login credentials that allowed anyone to enter a person’s 12-digit code and get their personal information. An additional 300 rupees ($4.20) gave users access to software through which anyone could print an ID card for any Aadhaar number.
  • It came to the forefront that Cambridge Analytica, the data analytics company that U.S. President Donald Trump used to help his campaign had harvested personal information from over 50 million Facebook users without their permission. While Facebook denied this was a “data breach”, Cambridge Analytica was banned from the service over the ordeal.


  • A major hack at a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials, while also exposing that many police departments are ill equipped or unable to respond to an active shooter situation.

These are just the most major of the hacks of 2018. There is still major fallout from 2017’s major breaches, including the Friendfinder hack that exposed 412 million user accounts and the Equifax data breach that affected 148 million people. In fact, even though the hacks referenced above cover a lot of ground, hundreds of organizations have their cybersecurity compromised each day. According to billionaire investor Warren Buffet, there is reasonable evidence that there could be a major cyberattack that could cost insurers tens of billions of dollars. The statistics back this up:

  • In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.
  • Nearly 1-in-3 organizations have experienced some sort of cyberattack in the past.
  • Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.
  • 100,000 organizations were infected with the WannaCry ransomware (400,000 machines).
  • 5.4 billion WannaCry attacks were blocked in 2017.
  • The average monetary cost of a malware attack for a business is $2.4 million.
  • The average time cost of a malware attack for a business is 50 days.
  • Ransomware cost organizations over $5 billion in 2017.
  • 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.
  • Phone numbers are the most leaked information.
  • 21 percent of files are completely unprotected.
  • 41 percent of companies have over 1,000 sensitive files left unprotected.
  • Ransomware is growing at 350 percent annually.
  • IoT-based attacks are growing at about 500 percent per year.
  • Ransomware attacks are expected to quadruple by 2020.
  • 7.7 percent of web requests lead to malware.
  • There were 54 percent more types of malware in 2017 than there were in 2016.
  • The cybersecurity market will be worth over $1 trillion by 2025.

Cybersecurity risk is high, and it’s just getting more and more risky. By assessing your company’s cybersecurity health the IT professionals at BNMC can put you with the solutions and services needed to keep threats at bay. If you are looking to improve your cyber security, or if you would like to know how to, contact us today at 978-482-2020.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, January 21 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Email Cloud Privacy Malware Network Security Business Computing Hackers User Tips Tech Term Business Google Software Computer Internet Microsoft IT Services Efficiency Productivity Hosted Solutions Ransomware Mobile Devices Communication IT Support Hardware Smartphone Small Business Data Android Saving Money Managed IT Services Backup Browser Innovation Business Continuity Managed IT Services Windows 10 Windows Data Management Data Recovery Cloud Computing Internet of Things App Business Management Data Backup Microsoft Office Productivity Cybersecurity Workplace Tips Office 365 Remote Monitoring Disaster Recovery Encryption Outsourced IT Word Passwords Upgrade Facebook Server Phishing Artificial Intelligence Mobile Device Windows 10 Gmail Tip of the week IT Support Money Website Infrastructure Vulnerability BYOD Smartphones Applications Chrome Analytics Employer-Employee Relationship Managed Service Provider communications Network Risk Management Government Social Media Antivirus Office Tips Managed Service Google Drive Maintenance Access Control Bandwidth Big Data Content Filtering IT Management VoIP Miscellaneous Information Robot Settings Save Money Router Automation Paperless Office Users YouTube Data storage Company Culture Two-factor Authentication Avoiding Downtime SaaS Scam Outlook Unified Threat Management Managing Stress Spam Computing Data loss Holiday Operating System Telephone Systems WiFi Employee-Employer Relationship desktop Development LiFi Networking Alert Laptop Hosted Solution Firewall Display The Internet of Things Administration HIPAA VPN Mouse Document Management Data Security Vendor Management Downtime Server Management Monitors Business Technology Mobile Security Wireless Touchscreen Education Virtual Private Network Apple Quick Tips Storage Tablet Business Intelligence Printing End of Support Virtual Reality Hacker Deep Learning Google Maps Mirgation Recycling Network Congestion Mobile Device Management Troubleshooting Address Permissions IoT Security Cameras User Error Augmented Reality K-12 Schools Spying Patch Management Managed IT Service Cookies MSP Scary Stories Customer Relationship Management Computing Infrastructure Professional Services Wi-Fi Alt Codes Analysis Specifications Social Networking Writing Running Cable Human Error Buisness Bring Your Own Device Heating/Cooling Multi-Factor Security Chatbots eWaste Computers Star Wars Digital Payment Time Management Printer Wearable Technology Network upgrade Dark Data Update Virtual Desktop Social Break Fix Nanotechnology Sports Budget Digital Alerts USB Typing Humor Disaster Search Black Friday Motherboard Cables Retail Information Technology Device Politics Best Practice Collaboration Servers Google Calendar Identity Continuity Current Events LED Emergency Fraud Cost Management Network Management Smart Office Customer Service PowerPoint Dark Web Screen Reader Charging Spyware Licensing Dongle Cryptocurrency Uninterrupted Power Supply Cyber Monday Wires Office Samsung Apps Mobility Tech Support Google Docs File Sharing Legislation Solar Cybercrime IT solutions Going Green Co-Managed IT Computer Care IBM Assessment SharePoint Work Chromebook Hacks Onboarding Solid State Drive Microsoft Excel Smart Tech Marketing Identity Theft Techology Cooperation Service Level Agreement Bitcoin Slack Managed IT Smart Technology Voice over Internet Protocol Social Engineering Gadgets Google Wallet Print Toner Internet Exlporer Websites Business Growth Statistics Compliance Content Training Corporate Profile How To Lenovo Hotspot Legal Automobile Downloads IT Technicians Optimization Password Digital Signage Hard Disk Drive Mail Merge Blockchain Connectivity VoIP Unified Threat Management Staff Leominster Windows 8 Monitoring Dell Shortcut Distributed Denial of Service Modem FinTech Safety Halloween Unified Communications Drones Shortcuts Superfish Language Value Cabling Bluetooth Comparison Regulations Remote Computing Streaming WannaCry Firefox Administrator Cortana Taxes 3D Printing IT Budget Web Server what was your? Machine Learning Processors GPS Virtualization Mobile Computing Printers IT Consultant Unsupported Software Managed Services Cameras Computer Repair Relocation Meetings Tracking Mobile Data Cleaning Recovery CCTV How To Work/Life Balance Health Private Cloud Webcam BDR Black Market Error Regulation Law Enforcement Electronic Medical Records Point of Sale Ben McDonald shares Notifications Physical Security Travel Twitter Emoji G Suite Upgrades Gadget Supercomputer CrashOverride Crowdsourcing Personal Information Botnet Motion Sickness Staffing

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3