2021 Top Breaches: Part I

Q1, 2021 saw the fallout from the Solarigate which of course began last year as well as the gargantuan Microsoft Exchange incident. Not to be outdone, nation state actors also showcased real world affects of a cyber security breach by poisoning water supply.

Here is how the Incident of the Week played out each week of Q1, 2021 here on the Cyber Security Hub:

With more than 140,000 members, Cyber Security Hub is the vibrant community connecting cyber security professionals around the world.

JAN

SolarWinds Hack Deeper And Wider Than First Anticipated
- SolarWinds' Orion update is currently inside of thousands of public and private institutions. Some have remediated the vulnerability. But Microsoft itself has noted in a statement that their investigation has “revealed attempted activities beyond just the presence of malicious SolarWinds code."
As The SolarWinds Hack Investigation Continues, New Insights Reveal A New Suspect
- The ongoing investigation into the SolarWinds cyber attack reveals a possible suspect—and it wasn’t the notorious Russian hacking group preliminary reports first assumed.
Another Solarigate Target Identified by Microsoft
- Microsoft’s investigation into Solarigate, has identified yet another victim. Mimecast is a cloud-based email management system that incorporates security, archiving, and other services into the Office 365 platform. Of Mimecast’s 36,000 customers, it is estimated that 10% are affected by the hack.
While The Solarigate Rages On, A New Strategy To Cyber Security Emerges
- In America’s free market, private sector and third-party technology vendors create information silos, both intentionally and unintentionally, which muddies the waters when it comes to investigating cyber security incidents. Malwarebytes and Mimecast have also made public calls for collaboration.

FEB

Washington State Audit Into Hacking Fraud Is Compromised In A Hacking Inception
- The ESD is insistent that this new breach—after the criticism it faced for the spring breach—is not responsible for this incident. Instead, the blame is placed on Accellion, a third-party file transfer software used by the auditor’s office.
A Thwarted Poisoning Attempt In A Small Florida County Serves As A Warning To Municipalities Across The Country
- The hack itself was unsophisticated in nature, but it exemplifies a big-picture problem that has concerned cyber security experts for years: internet accessible operational technology (OT). That concern has now become an actual systemic vulnerability.
End-Of-Life Third Party Software Responsible For Singtel Hack
- Bank account information was stolen from 28 former employees. A few dozen credit card numbers belonging to staff members of a Singtel corporate customer and information from 23 related enterprises were also stolen. Singtel notes that the latter could be damaging if leaked.
The U.S. Department Of Justice Takes A Stand Against North Korean Hackers
- The indictment serves as evidence that the United States is increasingly willing to punish cybercriminal actors; a move that was previously reserved for government hacks. Included in the indictment is the Sony hack and the cryptocurrency hack that only targeted American citizens.

MARCH

China Possibly To Blame For India’s 2020 Power Outage As Cyber Warfare Increases Globally
- Nation states are taking extra measures to keep threat actors out of its infrastructure including strengthening firewalls, blacklisting additional IP addresses, and utilizing antivirus software. Cyber attacks are a new form of warfare, both psychologically and with physical consequences.
A Massive Zero-Day Attack On Microsoft Exchange Users
- It appears that a number of other state-sponsored and rogue hacking groups were tipped off to the vulnerability. Several additional hacking groups have recently been identified as taking advantage of the vulnerability shortly after the patch was released.
Hackers Prove Modern-Day Security Firm Is Anything But
- The breach highlights the irony of a security company leveling-up the industry by going hi-tech, utilizing IoT and ML technologies doing anything but, by losing 150,000 of its live-feed security cameras to the eyes of someone else. To call it a hack is almost a misnomer.

2021 Top Breaches: Part I

JAN

FEB

MARCH

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

JOIN THE Cyber Security Hub COMMUNITY