InForce Cyber

Threat Report 2019

2019 was a very active year for the threat actors worldwide. Here is a list of only few major breaches in the past 12 months.

  • January 16th – “Fortnite” got hacked. By keeping an old and unsecured web page “Fortnite” left its players exposed to the risk of having their accounts hacked
  • January 17th – Oklahoma Department of Securities. The “UpGuard Data Breach Research team” revealed that decades’ worth of data in a storage server belonging to the Oklahoma Department of Securities had been exposed.
  • January 17th – “Collection #1”: A massive data breach known as Collection #1 was revealed by ethical hacker and researcher Troy Hunt.
  • January 21st – “Elasticsearch cloud storage”: Over 108 million records of bets made at websites belonging to an online casino group were stored on an Elasticsearch server that hadn’t been secured with a password.
  • March 29th – “Verifications.io” : A database containing over 982 million email addresses was leaked by a marketing company in one of the biggest email database breaches to have ever occurred.
  • April 2nd – “Facebook” : According to the UpGuard Cyber Risk team, a digital media company called Cultura Colectiva based in Mexico left over 540 million records of user IDs, account names, likes, and comments exposed on a publicly accessible server.
  • May 24th – “Canva” : In May, Canva revealed that a cyberattacker had managed to access over 139 million users’ information, including names, email addresses, countries of residence, and cryptographically protected passwords.
  • May 25th – “First American Corp.”: First American Financial Corp., a Fortune 500 financial services company, was revealed to have allowed over 885 million records to be publicly accessed by anyone who had ever been emailed a link to a document by the company.
  • May 29th – “Flipboard” : Flipboard experienced an attack similar to the one on Canva between June 2018, and March 2019, when its databases were accessed by an unauthorized party.
  • July 15th – “Bulgarian NRA data breach” : The leaked data amounted to 57 folders with .csv files detailing the names and national identification numbers of some 5 million Bulgarian citizens, as well as records on revenues, tax and social security payments, debts, online betting data and company activities dating back as early as 2007, and as recently as June 2019
  • July 29th – “Capital One” : According to The New York Times, the hacker managed to steal over 80,000 bank account numbers, more than 140,000 Social Security numbers, over 1 million Canadian social insurance numbers, and millions of credit card applications. The data stolen dated back to as far as 2005, and the bank reported that the breach could potentially cost it more than $300 million.
  • August: A suspected Indian cyber espionage group conducted a phishing campaign targeting Chinese government agencies and state-owned enterprises for information related to economic trade, defense issues, and foreign relations.
  • September : North Korean hackers were revealed to have conducted a phishing campaign over the summer of 2019 targeted U.S. entities researching the North Korean nuclear program and economic sanctions against North Korea.
  • October: State-sponsored Chinese hackers were revealed to have conducted at least six espionage campaigns since 2013 against targets in Myanmar, Taiwan, Vietnam, Indonesia, Mongolia, Tibet, and Xinjiang.
  • October: Iranian hackers targeted more than 170 universities around the world between 2013 and 2017, stealing $3.4 billion worth of intellectual property and selling stolen data to Iranian customers.
  • November: Iranian hackers targeted the accounts of employees at major manufacturers and operators of industrial control systems.
Based on the static information it is evident that the number of security threats is growing in comparison with previous years.
However it seems that the Ransomware threats are less common.

Most security breaches are targeting major organizations with offices and resources in multiple regions.


  • Update vulnerable services
  • Only allow traffic to necessary and well secured ports
  • Update AV solutions
  • Phishing training for the employees.
  • Regular pentests would identify possible weak points