Cyberattacks have increasingly been a trending topic in recent weeks. From the ransomware attack that caused the Colonial Pipeline to shut down, to one of the largest food processing companies, JBS, that took place three short weeks after. Hackers haven’t shown signs of slowing down.
Predictably, this alarming trend continued throughout June, with high-profile companies like McDonald’s, EA Sports, LinkedIn, Peloton, and Volkswagen. These high-level attacks continue to highlight the growing need to invest in a strong cybersecurity strategy. Mentioned below are some of the attacks that took place in June 2021 that made major headlines.
McDonald’s announced early into June that it, too, fell victim to a data breach. The hackers exposed private information about customers and employees in South Korea and Taiwan. Luckily, customers’ payment information was unable to be accessed, but personal data such as emails, home addresses, and phone numbers were among the small number of files that were obtained by the hacking group. Read more about the attack here.
It was discovered on June 22nd that LinkedIn would face its second massive data breach in the past 3 months. This time around, LinkedIn experienced 92% of server users (700M of its 756M users) had their information leaked. The hacker advertised a sample size of 1M records for sale on the dark web and checks confirming the data is up to date. The hacker reportedly obtained the data by exploiting the LinkedIn API to access user information such as email addresses, full names, phone numbers, home addresses, geolocations, and more. Read more about the attack here.
Peloton also experienced its second security concern in two months. Users of the indoor fitness bike have received alerts related to the potential threats with their touchscreen Bike+, which could become compromised by hackers. Peloton’s cybersecurity partner revealed a new vulnerability which enables hackers to access to the Peloton bike screen and watch users during their ride through the bike’s camera and microphone. By controlling the bike screen, the hacker can place apps on the bike like Hulu or Netflix to then obtain the user’s log-in information. Read more about the attack here.
On June 11th, it was announced by Volkswagen and Audi, (Volkswagen’s luxury brand) have exploited personal information about 3 million of its customers in Canada and the United States. Volkswagen disclosed that a vendor left unsecured data exposed on the internet. In most cases, the data gathered from Volkswagen included sensitive information like phone numbers and driver’s license numbers. In severe cases, Social Security numbers and VW/Audi account numbers were gathered. Read more about the attack here.
On June 6th, hackers vouched to have stolen 780 gigabytes of data from EA Sports, as well as a Frostbite source code, which serves as the game engine that runs its most profitable games such as FIFA, Madden, Battlefield, and others. The hacking group announced they have full capabilities to exploit all EA’s services. A threat analyst for Emsisoft, stated “source code could, theoretically, be copied by other developers or used to create hacks for games” (CNN Busines). Luckily for all players, EA claims player data was not compromised in the breach. Read more about the attack here.
Security and compliance no longer need to be a compromise. In fact, your organization can no longer afford for it to be. AgileBlue’s SOC-as-a-Service offers 24/7 monitoring and threat detection, so you can rest easy knowing that your cloud and network are protected. When threats arise, put your trust in our advanced machine learning, user behavior analytics, backed by our team of cybersecurity experts.
Want to learn more about AgileBlue’s one-of-a-kind security operations center? Request a demo.