Almost 6 billion accounts affected in data breaches in 2021
The year 2021 was record-breaking in terms of the sheer size of data breaches. According to the data collected and analyzed by the Atlas VPN team, 5.9 billion accounts were affected by data breaches throughout 2021.
Atlas VPN has retrieved and calculated the numbers of breached accounts based on multiple publicly available sources. The total count includes worldwide data breaches that took place from January 1st, 2021, to December 31st, 2021.
February saw the biggest data breach of all time — COMB, or in other words, the Compilation of Many Breaches, which is responsible for the leak of a whopping 3.2 billion unique cleartext email and password combinations.
The breach was named this way because it is not a result of a single hack of a specific organization but rather combines leaked data from a number of different breaches spanning five years, including Netflix, LinkedIn, and others.
The breached data was first offered for sale on RaidForums, an underground database sharing and marketplace forum, for just $2 in February. Other breaches that made it to the top five biggest data leaks of 2021 include LinkedIn (700 million people), Facebook (533 million people), Brazil’s Ministry of Health (220 million people), and SocialArks (214 million people).
Cybersecurity writer and researcher at Atlas VPN Ruta Cizinauskaite shares her thoughts on 2021 data breach trends: “Even with data breaches becoming a growing threat, it seems organizations are still not putting enough effort into protecting the personal information of their users. One of the first things every organization should do is evaluate the amount of sensitive user data it collects — the less sensitive data is stored, the lesser the risk of it being leaked.”
As people are looking for ways to unwind at home, the gaming industry has been one of the primary places people set their eyes on. Not only is it a way to entertain yourself for hours on end, but it is also a place for people to connect, which is otherwise hard to do during the pandemic.
According to data presented by the Atlas VPN team, 303,827 individuals’ devices were affected by gaming-related malware and unwanted software between July 1, 2020, and June 30, 2021. Mobile games are also a major threat for gamers.
As many as 50,644 users attempted to download 10,488 unique files disguised as the ten most-played mobile games, generating a total of 332,570 detections. Minecraft was by far the most popular game on both PC and mobile platforms for dangerous app distributors to hide behind. On PC, nearly 185 thousand users were affected with over 3 million malware and unwanted software detections.
On mobile, the number of victims exceeds 44 thousand for the period.
Unwanted software includes files like adware, spyware, and so on. The various versions of Minecraft and its plethora of mods (modifications that may be placed on top of the basic game to diversify gameplay) may account for its enormous popularity. Because mods are unofficial and developed by users, they can be used to hide dangerous payloads or undesirable software.
Security tips for gamers
Protect your accounts with two-factor authentication (2-FA) whenever possible.
Use strong passwords for your accounts, with a different one for each. That way, even if one of your accounts is compromised, the remainder will remain unaffected.
Downloading games from official retailers such as Steam, Apple App Store, Google Play, or Amazon Appstore is safer. These marketplaces aren’t completely safe, but they are at least examined by store staff, and there is some sort of screening procedure in place: not every app is allowed into these stores.
If you want to buy a game that isn’t accessible in major stores, you should do it through the official website. Make sure to double-check the website’s URL to avoid impostor sites.
Be cautious of phishing campaigns and unfamiliar players. If you are unsure about the sender, do not open links you receive via email or in a gaming chat. Do not open files sent to you by strangers.
Another one of the most well-known game titles worldwide, The Sims 4, was the second most often used title to distribute unwanted files. Over 43 thousand users were impacted, with detections closing in on 1.3 million.
For the Silo, Valentina Perez.
Cybercriminals are constantly attempting to exploit vulnerabilities that affect as many people as possible to maximize their profit opportunities.
According to the recent Atlas VPN team findings, Google and Microsoft accumulated the most vulnerabilities in the first half of 2021. Although not all exposures can cause critical damage, hackers could exploit some of them for severe attacks.
Google had 547 accumulated vulnerabilities throughout the first half of 2021. Exploiting Google products like Chrome is popular among cybercriminals. Microsoft products had the second-most exposures, 432. State-sponsored threat actors from China abused Microsoft Exchange Server vulnerabilities to carry out ransomware attacks.
Oracle registered 316 total vulnerabilities in the first six months of 2021. Usually, the exploits are found in Oracle WebLogic Server, which functions as a platform for developing, deploying, and running enterprise Java-based applications.
Networking hardware company Cisco accumulated 200 vulnerabilities. Lastly, SAP, a producer of software for the management of business processes, had 118 vulnerabilities in total.
Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on Microsoft and Google vulnerabilities: “Exploiting vulnerabilities in Google or Microsoft products allows cybercriminals to probe millions of systems. While the tech giants are doing a fair job of keeping up with exploits and constantly updating their software, people and organizations need to follow suit and keep up with the updates to prevent further exploitation.”
Vulnerability tiers
Vulnerabilities that can be turned into a severe attack get more attention, both from cybercriminals and from the companies themselves, which try to fix the flaw as soon as possible. In the first half of 2021, there were 1,023 vulnerabilities found with a risk tier of 10.
One of the vulnerabilities in this tier is CVE-2021-22986, with a score of 9.8. The National Vulnerability Database (NVD) issued risk tier 9 to 927 vulnerabilities. At this tier, CVE-2021-28111 stood out with a score of 8.8. NVD recorded the most vulnerabilities, 2,164, at a risk tier of 8. A notable one was CVE-2021-24092, with a score of 7.8. Finally, NVD recorded 501 vulnerabilities at risk tier 7, while the second-most vulnerabilities (1,765) were found at tier 6.
Criminals continue to impersonate well-known brands to trick people into giving up their personal information.
According to the data presented by the Atlas VPN team, Crédit Agricole, a French financial group, was by far the most used brand in phishing attacks in H1 2021. The brand was linked with 17,755 unique phishing URLs, followed by social media giant Facebook with 17,338 and Microsoft with 12,777.
The figures are based on Phisher’s Favorite Top 25 H1 2021 report by Vade, which looks at the 25 most impersonated brands in phishing attacks from January 1, 2021, to June 30, 2021.
Multi-platform messaging service provider WhatsApp is the second social media brand to make the top ten list. It was taken advantage of in 8,727 phishing attacks. Meanwhile, French bank La Banque Postale occupies the fifth spot with 7,180 attacks.
Other brands in the top ten list include multinational telecoms company Orange (4,047), the world’s largest online retailer Amazon (3,501), multibillion-dollar media, entertainment, and communications company Comcast (3,116), digital payment service provider PayPal (2,601), and American national bank Chase (2,537).
Most phishing assaults were perpetrated in Brazil, followed by Russia and Indonesia.
Financial brands were criminals’ favorite
Generally, cybercriminals choose highly-trusted brands in their phishing campaigns. However, brands in certain industries were more favored than others.
Financial service brands were particularly popular in phishing attempts due to the rise in digital payments and growing reliance on online banking during the pandemic. They accounted for 36% of URL phishing attacks in H1 2021.
Cybercriminals spoofed well-known financial brands such as Crédit Agricole, La Banque Postale, PayPal, Chase, Wells Fargo, Square, HSBC, and Banque Populaire to lure out sensitive information from unsuspecting victims.
Social media companies were also heavily impacted. Social media brand impersonation accounted for over a quarter (26%) of all brand phishing attacks in the first half of this year. Apart from Facebook and WhatsApp, Instagram and LinkedIn were common choices for criminals.
Next up is the cloud sector. Cloud companies like Microsoft, Netflix, Adobe, and DocuSign were involved in 17% of URL phishing attacks. Meanwhile, 11% of phishing assaults targeted e-commerce and logistics companies, such as Amazon, DHL, Rakuten, Apple, and eBay.
The remaining 10% of brands spoofed in URL phishing attacks were internet and telecommunication companies such as Orange, Comcast, Yahoo, and SFR (9%), as well as government organizations (1%).
Tips to avoid phishing scams
Keep your browser up to date. Look out for browser updates. They are released regularly and may contain security patches for vulnerabilities that were discovered on the browser. Cybercriminals often launch attacks to exploit known security vulnerabilities. Therefore it is essential to install any browser updates as soon as they become available.
Inspect the website’s URL. Carefully inspect the website’s URL before taking any action. Criminals use visually similar characters such as lower case “L” and capital “I” to deceive people into thinking they are on a legitimate website.
Look for an SSL certificate. Make sure the portal address starts with HTTPS (not with HTTP) and has a green padlock symbol before the web address. This means that the website has an SSL certificate, and the connection is encrypted.
Beware of grammar mistakes. Scammers rarely hire professional writers to check their copy-cat website’s content for errors. If a website is riddled with spelling mistakes, there is a high chance it is not legitimate.
Check if the website has been flagged. You can use URL checkers to see if the website has already been flagged. You can find many tools for this purpose by searching “Check URL safety” in Google.
Use Tracker Blocker. Take advantage of the Atlas VPN Tracker Blocker tool, which stops third-party trackers and blocks malicious websites for a safer browsing experience.
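One way to automate the “Inspect the website’s URL” tip above, as an added example that is not from Atlas VPN or the original article: it folds look-alike characters into one canonical form and compares a link’s host against an allow-list. The allow-list, the confusable-character table, and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a small allow-list of registrable domains for brands the article names.
KNOWN_DOMAINS = ("paypal.com", "facebook.com", "microsoft.com", "chase.com", "linkedin.com")

# Look-alike sequences and characters, folded to one canonical form (constructed table).
PAIRS = (("rn", "m"), ("vv", "w"))
SINGLES = str.maketrans({"i": "l", "1": "l", "0": "o"})


def skeleton(name: str) -> str:
    """Fold visually similar characters so look-alike names compare equal."""
    name = name.lower()  # capital "I" becomes "i", which is then folded to "l"
    for seq, repl in PAIRS:
        name = name.replace(seq, repl)
    return name.translate(SINGLES)


def registrable(host: str) -> str:
    """Last two labels; a simplification that ignores suffixes such as co.uk."""
    return ".".join(host.rstrip(".").split(".")[-2:])


def classify(url: str) -> str:
    """Return known, idn, lookalike:<brand>, brand-in-subdomain:<brand> or unknown."""
    host = urlsplit(url).hostname or ""
    if not host:
        return "unknown"
    reg = registrable(host)
    if reg in KNOWN_DOMAINS:
        return "known"
    # Internationalized names can hide non-Latin look-alikes; send them to manual review.
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        return "idn"
    for brand in KNOWN_DOMAINS:
        if skeleton(reg) == skeleton(brand):
            return f"lookalike:{brand}"
    for brand in KNOWN_DOMAINS:
        # Brand name used as a subdomain of an unrelated registrable domain.
        if skeleton(brand) in skeleton(host):
            return f"brand-in-subdomain:{brand}"
    return "unknown"


if __name__ == "__main__":
    for sample in ("https://www.paypal.com/signin", "https://paypaI.com/signin",
                   "https://paypal.com.account-verify.example/"):  # constructed samples
        print(sample, "->", classify(sample))
```

A result of “unknown” only means the host is not near anything on the allow-list; it says nothing about whether the site is safe.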