“Well, all information looks like noise until you break the code”, wrote Neal Stephenson in his classic cyberpunk novel Snow Crash back in 1992. He must have known something since what was science fiction back then is quite the reality today. The year 2021 was a thriving one for hackers. Some of the biggest institutions that influence people’s everyday lives were targeted, including gas providers, manufacturers, and social media sites, just to name a few. The following are just some of the ones who faced the biggest data breaches of the year, and could’ve prevented their catastrophes had they taken just a handful of online security steps.
Colonial Pipeline: Fuel on Fire
April 2021. Cars lining up in front of mostly depleted gas stations. Increasing fuel prices by the hour. Panicking drivers hauling gasoline in buckets and plastic bags. These are the results of a hacker attack on Colonial Pipeline, the largest fuel transporter in the U.S. The entire gasoline pipeline of the company was shut down soon after the attack. All this due to a single compromised password.
It's no news how quickly passwords can be cracked. This time, the cybercrime group called DarkSide used an employee’s VPN account to gain access to Colonial Pipeline’s network. It’s unknown how the hackers got hold of the credentials, but it can only be assumed that the password was used somewhere else. The user didn’t set up multifactor authentication, so the hackers didn’t have a problem signing in.
The account has since been deactivated, but the hackers reportedly stole 100 gigabytes of sensitive data. They would have leaked all of it had Colonial Pipeline refused to pay the $4.4 million ransom they were asking for.
JBS: The Meat of the Matter
The Brazilian company JBS is the largest beef producer in the world. Its U.S. branch dominates the American beef market, while its subsidiary Pilgrim’s Pride processes the second most poultry in the country. Sadly, the JBS US branch was hit by a ransomware attack in May 2021.
On a Sunday morning, IT staff members started noticing that some servers were rapidly locking them out. It didn’t take long for a ransom message to appear, demanding $11 million in Bitcoin. The FBI’s investigation revealed that the malware arrived through phishing emails, where a group of unaware employees opened Trojans that let hackers enter the company’s IT systems. They gained full control over JBS’s systems, and things escalated quickly afterward.
JBS eventually did pay the ransom and was forced to rely on backups to regain full control of all servers. The result of the conflict stirred a very vocal media response, where U.S. Secretary of Energy, Jennifer Granholm, openly condemned JBS for giving in to these threats. She further added that she’d support banning such conduct.
Facebook: User Data Leak
Social media is one of the driving forces behind today’s society. Even reluctant people tend to have at least a Facebook account, where they may join a plethora of groups, follow zillions of pages, and catch up with friends. Little do they know how vulnerable they are to getting hacked when using such a site.
The personal information of 533 million Facebook users was posted on a hacking forum in April 2021. Cybercriminals managed to scrape the data through a misconfiguration in Facebook’s contact importer. In order to get phone numbers and account details, hackers emulated the app and uploaded random information to see if any matched with existing data.
Although the breach happened back in 2019, and Facebook was aware of it at the time, the leaking of data in 2021 proves that there’s no such thing as sensitive information becoming irrelevant over time. The goal behind the hacking remains unknown, but social engineering and phishing in the name of millions are just two possibilities.
Moral of the Events
These are only the three biggest hacking tales of the many that happened in 2021, but each one demonstrates the need to prioritize cybersecurity. With multifactor authentication, companies can avoid being hacked: even when one factor is compromised (usually the user credentials), another factor like a one-time password can still secure the account. It’s also essential to have a unique password for each account you use. Of course, remembering so many passwords is impossible, and this is where reliable password managers – like Dashlane or RoboForm – can be of great help.
If hackers were able to breach big companies, such as Colonial Pipeline, JBS, and Facebook, it’s clear that businesses of any size are in danger. Investing in cybersecurity is essential to protect sensitive data and prevent significant financial losses.