During the first quarter of 2020, there was a reported 600% increase in cyber attacks. As the pandemic hit, companies were forced to adopt new strategies to ensure business continuity. Research suggests that remote working has become the source of up to 20% of cybersecurity incidents. Below, we take a look back at some of the cyber security incidents in 2020.
- Marriot Hotels
In February 2020, Marriot announced that it had been the victim of a cyber breach – again! 2 years after the 2018 cyber breach which saw over 500 million records stolen and resulted in a $126 Million charge and 65% drop in profit, Marriot announced that it had once again been hit, this time with up to 5.2 million guest’s data at risk. For the second time, the data breach was a result of a franchise companies lack of security standards which left Marriot liable for the £18.4 million bill. Both Marriot breaches reinforces that companies must secure not only their business but that of their partners, contractors, franchisees and suppliers.
In early 2020, hackers broke into Texas-based SolarWinds systems to add malicious code into the company’s software. This allowed hackers to gain access to private sector Fortune500 companies, government agencies, critical national infrastructure operators and even the DoE and NNSA, which has responsibility for maintaining the US’s nuclear weapons arsenal. The extent of the supply chain based attack is still being uncovered and it has now come to light that the malicious code which gave cyber criminals a back door entrance was active for ‘many months’ before it was discovered. An attack of this scale replicates the devastating disruption caused by the 2017 NotPetya attack on Maersk which resulted in $300 Million in losses.
- Magellan Health
Phishing emails are used in over 92 percent of all data breaches, with healthcare leading the way as the greatest target for cyber criminals. In April of 2020, Magellan Health discovered a breach to their systems. A sophisticated spear-phishing email in which a Magellan client was impersonated as Magellan Health client enabled criminals to gain access to the health plan’s servers revealing the personal health information of 364,892 individuals. Stolen information included treatment records, member ID, health-related information, email addresses, phone numbers, and physical addresses. The attackers set a ransom price and demanded payment or else the records would be sold on the dark web.
In May 2020, budget airline EasyJet suffered a data breach caused by a ‘highly sophisticated cyber attack’, in which the email addresses and travel details of around nine million people were stolen. Of these, 2,208 also had their credit and/or debit card details accessed. In already troubled times due to the restrictions on travel caused by the pandemic, EasyJet still faces an £18 billion class-action lawsuit over data breach, which if successful, every customer impacted by the breach could receive a payout of £2,000. To add insult to injury, EasyJet are also liable to face fines for failing to comply with EU GDPR which could result in another 10 million Euros or 2% of their global turnover.
In March 2020, T-Mobile announced a third data breach in three years. The latest breach was caused by an email vendor being hacked that exposed the personal and financial information of their customers. Some of the email accounts that were hacked contained T-Mobile customer information such as social security numbers, financial information, government ID numbers and billing information. To be successfully attacked three times in as many years not only highlights the sophistication of relentless attackers, but also the consequences of failing to understand your cyber exposure and lack of supply chain awareness.