During the pandemic, cyberattacks grew more than ever. Theft, hijacks, and data leaks are increasingly popular practices in cybercrime. The lock and hijack for ransom (ransomware) category has stood out a lot, as data is a highly valuable resource and most companies do not refuse to pay the million-dollar amounts charged to rescue their data. 

Moving to remote work models has caused more people to occupy virtual environments, which increases the chances of digital attacks. In addition, home office work, where business systems are accessed from home and through personal devices, has increased the attack surface in information security. 

In other words, the global destabilization generated by the pandemic has been a fertile field of vulnerabilities to be exploited by cybercrime.

This wave of attacks has been spreading around the world, reaching government agencies and companies from different sectors. One of the biggest risks for companies is having their data leaked, which can be one of the consequences of non-payment of ransomware, for example. 

Another potential leak occurs when attackers make the data available for sale on specific deep web forums.

The year is not over yet and we already have a generous list of this kind of cyberattacks. Check out the biggest data leaks that occurred in 2021 in Brazil and worldwide. 

Brazil: 223 million Brazilians’ Data Leaked 

The most recent case of data leak in Brazil has 223 million personal information about Brazilians, including names, dates of birth, gender, individual taxpayer numbers, corporate taxpayer numbers, vehicle information, addresses, face pictures, education, registration in retirement benefits, data from public officers, debt score, among others. 

That is pretty much all the data a person can have. If the Brazilian population is 212 million, data from almost all Brazilians would be included in this list, but the leak also contains information on deceased people and data from previous leaks.

The data package was posted on a forum to be marketed. The suspects responsible for putting the information up for sale have already been caught by the police. One of them is called Marcos Correia da Silva, known as Vandathegod. The second involved, Yuri Batista Novaes, known as JustBR, was arrested in the act in Petrolina and seized with 4 terabytes of data in his home.

Brazil has been one of the main targets of cybercriminals. In 2019, the country reached second place in the world in ransomware attacks. In 2020, in the second quarter alone, there was an increase of 350%, reaching both companies and governments, according to data from Kaspersky. 

The numbers do not stop growing, even in the first half of 2021 the world already has numerous cases of cyberattacks, and at least eight of these incidents occurred in Brazil, which corresponds to about one attack per week.

RockYou2021: Historical Leak of 8.4 billion Passwords

Considered the biggest leak in history, the attack makes reference to RockYou, a large leak that released 32 million passwords from users of the social network RockYou. This time, the leak involved 8.4 billion access passwords disclosed in a hacker forum. 

It is still not possible to say how these data were compiled and their source. But some experts believe the data has been accumulated over the years and merged with previous leaks.

This type of leak raises an alert, as these cybercriminals may use password matching techniques on multiple online accounts or build an access dictionary to facilitate attacks. The users’ neglect only makes the situation worse, as the common habit of reusing passwords, for convenience, can further increase the damage.

Facebook: 533 million Facebook Users’ Data Leaked

553 million people from 106 countries had their personal data published free of charge on a hacker forum. Information includes name, address, telephone number, date of birth, and email accounts. Tests performed by experts confirmed the legitimacy of the data and that it can still be used for future attacks.

When taking a stand on the case, Facebook stated it is a leak with data already violated in 2019. At that time, the attacker found a vulnerability in the platform that allowed the import of user data, linking phone numbers to specific users. “We found and fixed this issue in August 2019,” said a Facebook spokesperson.

Facebook has already been the target of speculation about data leaks and misuse since the case involving Cambridge Analytics, when it used data from 80 million users to interfere in the course of the 2016 elections in the United States.

Linkedin: 700 million Users’ Data Leaked

After the big data leak in April this year, Linkedin was the target of yet another attack involving data from 700 million users, offered for sale on a hacker forum. Data includes information such as name, email, address, phone number, location records, profile URL, gender, personal and professional histories, and links to accounts on other social networks. 

In the sale post, the hacker claims “I stole data from 700 million Linkedin users for fun.” The package was offered for about US $ 5,000.

However, Linkedin informed it is already working on the case, but added that these databases are not being generated by server or social network invasions, but through a technique that violates the terms of use of the platform, called Data Scraping, which consists of an automatic scan of public data. 

In other words, this technique just helps to very quickly gather a high number of information that is already made available by users on the platforms. The value of this package lies in the speed with which a large volume of data was collected and organized into blocks, a task that would take thousands of years to complete manually. With the Scraping technique, the data are ready to be used by third parties for various purposes.

While not an intrusion as such, the event raised several concerns about the need for greater protection of publicly shared user information.

Acer: Hijacked Data with Millionaire Ransom Value

The electronics company was targeted by Ransomware, a category in which access to data or the system is blocked by encryption. The ransom value is the highest ever recorded for this category of cybercrime. 

The hackers demanded the amount of US $ 50 million in exchange for releasing the data to the company, threatening to disclose it if payment was not made. To prove possession of the data, the main suspect, a group known as REvil ransomware, posted some images of the company’s files on its page, including bank account balances of the company’s members.

Acer said that it could not provide details at the time so as not to jeopardize the progress of the investigations and affect data security. However, it identified “abnormal activities” in its systems that had already been reported to law enforcement authorities for data protection. 

The company added that it has invested heavily in the continuous improvement of the cybersecurity infrastructure to protect the company’s business and the integrity of its information.

Experts believe that the REvil group has taken advantage of newly discovered vulnerabilities in Microsoft Exchange, which could make it easier for hackers to enter systems at various organizations. Fixing these flaws is now available from Microsoft through security updates.