Looking back at the top data breaches of 2021

Darren Craig / January 21, 2022 / Data Privacy

RiskXchange can help your company avoid becoming one of those affected by costly cyberattacks and ensure your organisation doesn’t make our list of top data breaches.

Cybercriminals flourished in 2021, which is, of course, bad news for businesses around the globe. The Identity Theft Resource Center (ITRC) reported that by the end of September last year, the number of data breaches over the first three quarters of 2021 had surpassed the total number for the whole of 2020.

The most notable breach turned out to be the Colonial Pipeline ransomware attack of May 2021, which caused gas shortages throughout various parts of America. Others included a LinkedIn breach that affected 700 million users, a Twitch leak which impacted 5 billion users, and a state-sponsored attack on Microsoft. 

Let’s take a look back at the top data breaches of 2021.

1. Socialarks

Impact: 214 million records affected

In January 2021, social media management firm Socialarks suffered a huge data leak of over 400GB of personal data from social media platforms including LinkedIn, Facebook, and Instagram.

2. Accellion

Impact: More than 100 organisations affected

Malicious attackers targeted Accellion clients via their File Transfer Appliance service. Cybercriminals — including financial crime group FIN11 and ransomware group Clop — took advantage of the vulnerabilities both before patches were released and afterwards, when some organisations did not apply the patches fast enough. The affected organisations included Kroger, Shell, Morgan Stanley, and other leading businesses and government agencies.

3. ShinyHunters: Wave 3

Impact: 129.4 million records leaked

Toward the end of January 2021, cybercriminal group ShinyHunters began posting stolen databases from various organisations in hacker forums. Companies including Pixlr, dating site MeetMindful, tee shirt site TeeSpring, and at least seven other organisations were affected. The stolen data included financial information, full names, email addresses, hashed passwords, and dates of birth.

4. The Astoria Company

Impact: 30 million records affected

In January 2021, 10 million customers of lead generation firm The Astoria Company had their Social Security numbers, driver’s license numbers and bank account details exposed. A further 10 million customers had their credit history, medical data, home, and vehicle information leaked. It is still unclear whether it was part of the ShinyHunters attack.

5. Microsoft

Impact: 250,000 servers affected

On March 2, 2021, Microsoft announced that it had been targeted by a state-sponsored cyber-attack by the Chinese hacker organisation Hafnium. Microsoft Exchange was infiltrated for about three months before being detected. The attack affected millions of people. Those affected included more than 30,000 organisations in the United States, government agencies, 7,000 servers in the United Kingdom, the European Banking Authority, the Norwegian Parliament, and Chile’s Commission for the Financial Market (CMF).

6. Twitch

Impact: 5 billion records leaked

Amazon’s streaming service Twitch was affected by another long-running attack in 2021. Cybercriminals took advantage of a human error made by personnel configuring a server and stole over 5 billion records. Between January and June, billions of private business records were leaked by the hackers.

7. ParkMobile

Impact: 21 million records affected

In March 2021, the ParkMobile parking app experienced a breach due to a vulnerability in third-party software the company uses. The personal data of 21 million users were stolen and shared on a Russian language crime forum. 

8. IDC Games

Impact: 4 million records affected

In March 2021, an IDC Games database was shared on the dark web. More than 4 million usernames, email addresses, and hashed passwords were leaked.

9. ClearVoiceResearch.com

Impact: 15 million records affected

In April 2021, market research firm ClearVoice learned that an unauthorised user was offering profile information of survey participants to the public for purchase. The stolen data included names, genders, dates of birth, physical and IP addresses, and plain text passwords.

10. Reverb

Impact: 5.6 million people affected

In April 2021, a Reverb database was discovered on the dark web. The database included user data of names, contact information, email accounts, geographical addresses, PayPal account emails, and IP addresses. 

11. Colonial Pipeline

Impact: Five US states reported fuel shortages

In May 2021, one of America’s largest oil and gas companies, Colonial Pipeline, was affected by a ransomware attack that temporarily halted operations, causing an energy crisis in five US states. The airline industry was also affected due to a related shortage of jet fuel. Cybercriminals affiliated with Darkside undertook the attack and it was declared a public security threat.

12. Android

Impact: 100 million people affected

In May 2021, malicious actors stole the personal information of more than 100 million Android users, following configuration errors of the company’s cloud services. 

13. JBS

Impact: Beef shortage worldwide

In May 2021, REvil compromised the networks of JBS, a Brazilian meat processor, and America’s largest source for beef and pork. The attack forced all of the company’s plants to shut down and drove up meat prices worldwide. JBS were reported to have paid off the hackers following an $11 million ransom demand.

14. Volkswagen & Audi

Impact: 3.3 million records affected

In June 2021, Volkswagen and Audi announced that 3.3 million customers had their personally identifiable information exposed. Private addresses, personal data, email accounts, mobile numbers, and information regarding automobiles were compromised.

15. LinkedIn

Impact: 700 million records affected

In June 2021, data associated with 700 million LinkedIn users were posted on the dark web by a cybercriminal called “God User”. Email addresses, genders, phone numbers, geolocation records, and other social media details were included in the breach, which brought about a government investigation.

16. T-Mobile

Impact: 40 million records affected

In August 2021, 40 million T-Mobile customer records were published on the dark web and offered for sale. Names, dates of birth, driver’s license/ID information, and Social Security numbers of customers were all part of the leak.

17. IndiaMART

Impact: 38 million records affected

In August 2021, 38 million records from e-commerce firm IndiaMART were found on a hacking forum. More than 20 million unique usernames, email addresses, phone numbers, and physical addresses were exposed.

18. Neiman Marcus Group

Impact: 4.35 million records affected

In September 2021, Neiman Marcus Group had 4.35 million customer data records stolen following an attack. Approximately 3.1 million payment and virtual gift cards were affected, and the breach is said to have cost the company millions to rectify.

19. CoinMarketCap

Impact: 3.1 million records affected

In October 2021, it was found that 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were being traded on hacking forums. CoinMarketCap is currently conducting an investigation as it is still unclear how the information was obtained.

20. CyberServe 

Impact: 1.1 million records affected

Customer data from Israeli hosting provider CyberServe was breached and ransomed in October by a group known as “Black Shadow”. The impact of the breach was widespread mainly because LGBTQ dating site Atraf and the Machon Mor Medical Institute were involved.

Get in touch with RiskXchange to find out how to avoid becoming one of those affected by a data breach.

How RiskXchange can help

RiskXchange is one of the firms leading the fight against cybercrime, coming up with novel solutions to everyday problems experienced at the hands of hackers.

With full visibility over your ecosystem’s entire attack surface in near real-time, you can regularly monitor and mitigate risks to prevent unnecessary exposures. Our passive data collection methods are effective and have no impact on your network performance. Using data-driven insights to prevent breaches is the best way to reduce an attack surface and prevent cyberattacks.

About RiskXchange

RiskXchange provides a powerful yet simple AI-assisted, automated and centralised 360-degree approach to cybersecurity risk rating management. We generate objective and quantitative reporting on a company’s cyber security risk and performance, which enables organisations with evolving business requirements to conduct business securely in today’s open and collaborative digital world.

RiskXchange is an information security technology company that helps companies of all sizes fight cyber threats by providing instant risk ratings for any company across the globe. RiskXchange was founded and is led by recognised experts within the security industry, who have held leading roles within companies such as IBM Security.
